Submitted URL: https://m.paypal.theone-entertainment.com/
Effective URL: https://www.nytimes.com/
Submission Tags: @phishunt_io
Submission: On July 18 via api from DE — Scanned from SG

Summary

This website contacted 51 IPs in 8 countries across 46 domains to perform 221 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 5941.
TLS certificate: Issued by Thawte RSA CA 2018 on March 22nd 2023. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.212.13.134 16509 (AMAZON-02)
1 192.0.78.27 2635 (AUTOMATTIC)
73 151.101.1.164 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
6 44.226.14.255 16509 (AMAZON-02)
3 54.184.86.91 16509 (AMAZON-02)
3 2600:9000:205... 16509 (AMAZON-02)
3 99.86.175.93 16509 (AMAZON-02)
13 151.101.129.164 54113 (FASTLY)
6 99.86.181.129 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
1 12 52.46.130.91 16509 (AMAZON-02)
2 3 104.254.150.228 29990 (ASN-APPNEX)
1 35.227.252.103 15169 (GOOGLE)
5 2602:803:c006... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 18.139.131.205 16509 (AMAZON-02)
2 65.8.11.57 16509 (AMAZON-02)
2 4 65.8.11.90 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
1 2 142.251.10.149 15169 (GOOGLE)
1 2600:9000:217... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 10 15.197.193.217 16509 (AMAZON-02)
9 10 172.253.118.155 15169 (GOOGLE)
5 5 18.143.106.89 16509 (AMAZON-02)
1 11 67.199.150.86 62713 (AS-PUBMATIC)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 4 96.17.188.24 16625 (AKAMAI-AS)
2 8 139.5.84.243 27381 (CASALE-MEDIA)
2 184.51.240.213 16625 (AKAMAI-AS)
1 7 35.244.159.8 15169 (GOOGLE)
3 4 35.71.178.8 16509 (AMAZON-02)
1 1 124.146.215.51 2514 (INFOSPHER...)
2 2 65.8.11.99 16509 (AMAZON-02)
1 34.200.79.221 14618 (AMAZON-AES)
2 67.199.150.81 3257 (GTT-BACKB...)
1 2 151.101.2.49 54113 (FASTLY)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 54.251.17.22 16509 (AMAZON-02)
1 2 119.9.108.180 45187 (RACKSPACE...)
1 1 35.230.38.116 396982 (GOOGLE-CL...)
2 2406:da18:929... 16509 (AMAZON-02)
1 1 54.165.154.245 14618 (AMAZON-AES)
1 2 52.33.228.203 16509 (AMAZON-02)
1 1 23.106.127.164 59253 (LEASEWEB-...)
1 20.40.202.2 8075 (MICROSOFT...)
5 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
3 207.65.33.76 62713 (AS-PUBMATIC)
2 2 182.161.73.146 55569 (CRITEO-AS...)
2 23.72.44.21 16625 (AKAMAI-AS)
5 5 35.213.12.39 15169 (GOOGLE)
2 2 52.220.50.50 16509 (AMAZON-02)
2 2 2a02:fa8:c411... 399104 (CNVR-APAC)
1 2 185.84.60.20 198622 (ADFORM)
1 1 198.8.71.131 54312 (ROCKETFUEL)
1 1 2620:116:800e... 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 1 51.255.68.171 16276 (OVH)
221 51
Apex Domain
Subdomains
Transfer
52 nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 5941
a.et.nytimes.com — Cisco Umbrella Rank: 7573
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7790
als-svc.nytimes.com — Cisco Umbrella Rank: 12034
dd.nytimes.com — Cisco Umbrella Rank: 12252
purr.nytimes.com — Cisco Umbrella Rank: 10155
a.nytimes.com — Cisco Umbrella Rank: 8575
static.nytimes.com — Cisco Umbrella Rank: 15941
static01.nytimes.com — Cisco Umbrella Rank: 10792
mwcm.nytimes.com — Cisco Umbrella Rank: 12896
3 MB
45 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 10376
static01.nyt.com — Cisco Umbrella Rank: 7826
a1.nyt.com — Cisco Umbrella Rank: 9795
vp.nyt.com — Cisco Umbrella Rank: 23489
1 MB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
73 KB
18 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 797
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage4.pubmatic.com — Cisco Umbrella Rank: 1338
image4.pubmatic.com — Cisco Umbrella Rank: 1305
28 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 10973
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
165 KB
15 googlesyndication.com
d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
197 KB
10 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 603
match.adsrvr.org — Cisco Umbrella Rank: 383
6 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
7 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 982
u.openx.net — Cisco Umbrella Rank: 769
us-u.openx.net — Cisco Umbrella Rank: 496
jp-u.openx.net — Cisco Umbrella Rank: 9654
nytimes-d.openx.net — Cisco Umbrella Rank: 14715
2 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
3 KB
7 media.net
prebid.media.net — Cisco Umbrella Rank: 1429
cs.media.net — Cisco Umbrella Rank: 1653
contextual.media.net — Cisco Umbrella Rank: 675
4 KB
6 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 8969
iteratehq.com — Cisco Umbrella Rank: 7574
32 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
3 KB
5 google.com
accounts.google.com — Cisco Umbrella Rank: 67
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
79 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
110 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 646
eb2.3lift.com — Cisco Umbrella Rank: 422
2 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 552
6 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
1 KB
4 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1915
gw.geoedge.be — Cisco Umbrella Rank: 2107
190 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 428
899 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3412
collector.brandmetrics.com — Cisco Umbrella Rank: 3847
18 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
9 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 926
882 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 11807
669 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
937 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1361
856 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
854 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
772 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 19518
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
175 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3678
566 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4818
390 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
594 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
795 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
347 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
1 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
661 B
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 9611
201 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
853 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
24 KB
1 href.li
href.li — Cisco Umbrella Rank: 95176
320 B
1 theone-entertainment.com
m.paypal.theone-entertainment.com
993 B
221 46
Domain Requested by
31 static01.nyt.com www.nytimes.com
rumcdn.geoedge.be
16 static.nytimes.com www.nytimes.com
15 www.nytimes.com href.li
www.nytimes.com
rumcdn.geoedge.be
12 s.amazon-adsystem.com 1 redirects rumcdn.geoedge.be
s.amazon-adsystem.com
u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
11 g1.nyt.com www.nytimes.com
g1.nyt.com
10 cm.g.doubleclick.net 9 redirects u.openx.net
9 match.adsrvr.org 9 redirects
9 tpc.googlesyndication.com www.nytimes.com
rumcdn.geoedge.be
8 samizdat-graphql.nytimes.com www.nytimes.com
6 simage2.pubmatic.com 1 redirects www.nytimes.com
ads.pubmatic.com
6 aax.amazon-adsystem.com c.amazon-adsystem.com
6 a.et.nytimes.com www.nytimes.com
5 x.bidswitch.net 5 redirects
5 pagead2.googlesyndication.com www.nytimes.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 image2.pubmatic.com ads.pubmatic.com
5 ups.analytics.yahoo.com 5 redirects
5 cdn.ampproject.org rumcdn.geoedge.be
5 fastlane.rubiconproject.com www.nytimes.com
4 iteratehq.com platform.iteratehq.com
4 eb2.3lift.com 3 redirects
4 cs.media.net 1 redirects
4 sb.scorecardresearch.com 2 redirects www.nytimes.com
4 securepubads.g.doubleclick.net rumcdn.geoedge.be
securepubads.g.doubleclick.net
www.nytimes.com
3 idsync.rlcdn.com 2 redirects
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 accounts.google.com rumcdn.geoedge.be
accounts.google.com
3 ib.adnxs.com 2 redirects www.nytimes.com
3 c.amazon-adsystem.com www.nytimes.com
c.amazon-adsystem.com
3 rumcdn.geoedge.be www.nytimes.com
rumcdn.geoedge.be
href.li
2 pippio.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 medianet-match.dotomi.com 2 redirects
2 pm.w55c.net 2 redirects
2 contextual.media.net
2 dis.criteo.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 platform.iteratehq.com href.li
platform.iteratehq.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 us-u.openx.net u.openx.net
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 cdn.brandmetrics.com www.googletagmanager.com
rumcdn.geoedge.be
2 a1.nyt.com href.li
www.googletagmanager.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dd.nytimes.com href.li
dd.nytimes.com
2 www.googletagmanager.com www.nytimes.com
www.googletagmanager.com
1 image4.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 nytimes-d.openx.net
1 www.google.com rumcdn.geoedge.be
1 collector.brandmetrics.com cdn.brandmetrics.com
1 ssbsync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 um.simpli.fi 1 redirects
1 pnytimes.chartbeat.net www.nytimes.com
1 tg.socdm.com 1 redirects
1 vp.nyt.com www.nytimes.com
1 adservice.google.com 5290727.fls.doubleclick.net
1 mwcm.nytimes.com www.nytimes.com
1 insight.adsrvr.org 1 redirects
1 static.chartbeat.com href.li
1 static01.nytimes.com www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 gw.geoedge.be rumcdn.geoedge.be
1 tlx.3lift.com www.nytimes.com
1 prebid.media.net www.nytimes.com
1 rtb.openx.net www.nytimes.com
1 d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 als-svc.nytimes.com www.nytimes.com
1 href.li
1 m.paypal.theone-entertainment.com 1 redirects
221 84
Subject Issuer Validity Valid
tls.automattic.com
R3
2023-07-01 -
2023-09-29
3 months crt.sh
nytimes.com
Thawte RSA CA 2018
2023-03-22 -
2024-04-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
a.et.nytimes.com
R3
2023-07-15 -
2023-10-13
3 months crt.sh
als-svc.nytimes.com
R3
2023-06-05 -
2023-09-03
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-02-21 -
2023-10-10
8 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-07-05 -
2023-10-03
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-08 -
2024-04-06
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
purr.nytimes.com
R3
2023-07-07 -
2023-10-05
3 months crt.sh
a.nytimes.com
R3
2023-06-16 -
2023-09-14
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
brandmetrics.com
GTS CA 1P5
2023-07-08 -
2023-10-06
3 months crt.sh
accounts.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2
2023-05-10 -
2024-06-10
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-06 -
2024-05-04
a year crt.sh
www.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh

This page contains 22 frames:

Primary Page: https://www.nytimes.com/
Frame ID: E871D513266B98BB079D667BB6D37324
Requests: 147 HTTP requests in this frame

Frame: https://d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C7E9570EAF470D500C879A023D14812
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: EF92CEAA36B5D7DC793E00746FFDFB5D
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 19F9A932DAD1D08D96F327CF88E0DDA4
Requests: 15 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 716BBE2994CB96A17A0495F32139E7B5
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F
Frame ID: B4ED1CB6BBE3E9AB7A62B1C854767F77
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 5C9766DE3E06F7125FFE5D1C3D52768F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 8FB173C0BBAD1BD6EA5BFD4176DA57B0
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
Frame ID: DBED37B41EC56EDF01751C9E79BBE26C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 56C93A7A8489BB720D0A68C25F441CD7
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
Frame ID: 9E91811265578BA599246DF05ED1A0D0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
Frame ID: 5309473AF328B77275D46CEFAA7A1668
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLYV9gABrY5hWAAN
Frame ID: 0AC8C536D490AF5808E824A5849AAAFC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD0B7084A-866C-4B13-A97A-14019B69ECF7
Frame ID: 8507DEE8378D6F4E3BAC2B92B1C8C4EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F650286369ED7EA311D1D16AAA6739E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 025576046A5FA500BCE129B10EC5BA82
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
Frame ID: 98C7485E9CB1545EDFFE8675B3825D63
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
Frame ID: 41BF4BBCC18C762087780837554F7643
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
Frame ID: A0B6CC24854CAAFD5DE8E3FDE860CF1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
Frame ID: 0D93D7D904C5D55F30020E661EF8D80B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B28A9075BAB4E6AE0C01ED614BE3FF84
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD0B7084A-866C-4B13-A97A-14019B69ECF7
Frame ID: 3F937E18039E4169D233068782C53097
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Page URL History Show full URLs

  1. https://m.paypal.theone-entertainment.com/ HTTP 302
    https://href.li/?https://www.nytimes.com/ Page URL
  2. https://www.nytimes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

221
Requests

86 %
HTTPS

27 %
IPv6

46
Domains

84
Subdomains

51
IPs

8
Countries

5017 kB
Transfer

10100 kB
Size

110
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m.paypal.theone-entertainment.com/ HTTP 302
    https://href.li/?https://www.nytimes.com/ Page URL
  2. https://www.nytimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://m.paypal.theone-entertainment.com/ HTTP 302
  • https://href.li/?https://www.nytimes.com/
Request Chain 39
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fwww.nytimes.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fwww.nytimes.com%2F&c9=
Request Chain 124
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F
Request Chain 129
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1029118888 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OThhZjFmYzItODEwMi00MGQ0LWE1ZWYtODBiODNiZmYyNjc2&gdpr=0&gdpr_consent=&ttd_tdid=98af1fc2-8102-40d4-a5ef-80b83bff2676 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98af1fc2-8102-40d4-a5ef-80b83bff2676&google_gid=CAESEAUC_K4YiLihyH3R7VwWbF0&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=98af1fc2-8102-40d4-a5ef-80b83bff2676&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-2K3ZFLZE2uL5pctGBuqk_DJIpvZGvKk-~A&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
Request Chain 140
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3326563733878670000V10
Request Chain 142
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 144
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
Request Chain 145
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 146
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
Request Chain 147
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
Request Chain 151
  • https://match.adsrvr.org/track/cmf/openx?oxid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0&gdpr_consent=
Request Chain 152
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLYV9cCo8XYAALianuoAAAAA
Request Chain 153
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWA9Ut6XBm1wks8AD7MOvTwm6s8AAAGJZ0XHtw
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKDBoeMWU9YMuJT2Ga41M8M&google_cver=1
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLYV9gABrY5hWAAN
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0LcISoZsSxOpehQBm2ns9w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 164
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D0B7084A-866C-4B13-A97A-14019B69ECF7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D0B7084A-866C-4B13-A97A-14019B69ECF7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%2C%2C
Request Chain 165
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=&ct=y
Request Chain 166
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDBCNzA4NEEtODY2Qy00QjEzLUE5N0EtMTQwMTlCNjlFQ0Y3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOxsXatKCLM5jBhgfUOedok&google_cver=1
Request Chain 169
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2268D34E7E594BC5ACFB75E1E589DEDF
Request Chain 171
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEODS3fxDfEE1w6wqvk-fQpI&google_cver=1
Request Chain 174
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&expiration=1692246773&gdpr=0&gdpr_consent=
Request Chain 175
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLYV9bNZeeuZO.7ZaD2iKwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEQtEcHcwHsSRyW3LlnFsnQ&google_cver=1&google_hm=2
Request Chain 176
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RNaxqJVvWzNMwq1Ts5lo5mf-meI
Request Chain 177
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
Request Chain 178
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736
Request Chain 179
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4699845187637072123&gdpr=0&gdpr_consent=
Request Chain 189
  • https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Request Chain 204
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e7f553f4-eb82-4bfe-af53-caa62fbd0ef6
Request Chain 205
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33&google_hm=Y2EwNzM4NGItNjZhMi00ZmI5LWE5ODEtZDZiZmU3MjZiZjMz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMiUbzremjj55F2wOe3Iuy4&google_cver=1&ssp=medianet&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 207
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=98af1fc2-8102-40d4-a5ef-80b83bff2676&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 208
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=sIyri1vd1QlCoo5
Request Chain 209
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=35221be521862072&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAANN0ZLoEX0IwMyQmzkAAAAAAA&expiration=1689741176&is_secure=true
Request Chain 211
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
Request Chain 212
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
Request Chain 213
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
Request Chain 214
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
Request Chain 215
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 217
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D0B7084A-866C-4B13-A97A-14019B69ECF7 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQwQjcwODRBLTg2NkMtNEIxMy1BOTdBLTE0MDE5QjY5RUNGNxAAGg0I-KvYpQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=deb7e94cfa78d6ec0380e1923d16b1a4e9df6ebc4fc1de256f1bf7b78dc6038c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkZWI3ZTk0Y2ZhNzhkNmVjMDM4MGUxOTIzZDE2YjFhNGU5ZGY2ZWJjNGZjMWRlMjU2ZjFiZjdiNzhkYzYwMzhjNzkxNDI2YjU0MTdkY2UyMRAAGgwI-avYpQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkZWI3ZTk0Y2ZhNzhkNmVjMDM4MGUxOTIzZDE2YjFhNGU5ZGY2ZWJjNGZjMWRlMjU2ZjFiZjdiNzhkYzYwMzhjNzkxNDI2YjU0MTdkY2UyMRAAGgwI-avYpQYSBAgCEABCAEoA&google_gid=CAESEFv3-94stzZnaX2qUPDXF5E&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2720082a-206a-4e12-a086-ee71cb7f2537
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=47f725cb-3e72-4735-a160-b5f60058a1ef&expires=1&user_group=2&ssp=pubmatic&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 219
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D0B7084A-866C-4B13-A97A-14019B69ECF7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D7ewHoFE2uVO39e38.iHuUcfJEWpQjU-~A&gdpr=0

221 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
href.li/
Redirect Chain
  • https://m.paypal.theone-entertainment.com/
  • https://href.li/?https://www.nytimes.com/
437 B
320 B
Document
General
Full URL
https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:49 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.sin _bur MISS

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 04:32:49 GMT
location
https://href.li/?https://www.nytimes.com/
server
LiteSpeed
vary
Accept-Encoding
Primary Request /
www.nytimes.com/
500 KB
116 KB
Document
General
Full URL
https://www.nytimes.com/
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4070be2af7923069ba718318e1e8de4e6464f6aebc6ad850581cec7dcdebe7a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
s-maxage=30,no-cache
content-encoding
gzip
content-length
117179
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:50 GMT
last-modified
Tue, 18 Jul 2023 04:31:45 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
da9230fbbf9f4feb981369f50637f0fb
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cloud-trace-context
f2ccfd87153f52a92eec182f3544bde3/18311551670863688159;o=1
x-content-type-options
nosniff
x-frame-options
DENY
x-gdpr
0
x-nyt-app-webview
0
x-nyt-data-last-modified
Tue, 18 Jul 2023 04:31:45 GMT
x-nyt-edge-cache
MISS-MISS
x-nyt-route
homepage
x-origin-time
2023-07-18 04:32:50 UTC
x-pagetype
vi-homepage
x-served-by
cache-lga21969-LGA, cache-fra-etou8220080-FRA
x-timer
S1689654770.258257,VS0,VE463
x-xss-protection
1; mode=block
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 14:25:45 GMT
date
Tue, 18 Jul 2023 04:32:50 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
15516424
x-guploader-uploadid
ADPycdu8r8EIkDKHQncby-VxhC4_p_retMia2725uERdqg3x4PWqarMbAFr8Ibt9W3TTJubkfCi_3gQtjgkfPrPzZrZXWJ9J46L7
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-fra-etou8220080-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654771.907872,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
Accept-Encoding
x-goog-generation
1673991774978541
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
925
global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/
6 KB
3 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
23321374
x-guploader-uploadid
ADPycdvX-ZCr92eVvOnBmM_kXRs7MAoM2CUGFUPF9dapGCYk0OiZSImuIlTAOf-evWYxdHOP8KdbpcVXy_0G4cieuuByuQ
x-goog-stored-content-encoding
identity
x-origin-time
2022-10-21 06:23:16 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.900695,VS0,VE0
etag
"e74f8b7c668251280cf3e52e20455a1c"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1666046870273577
content-type
text/css; charset=utf-8
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
911
expires
Sat, 21 Oct 2023 06:23:16 GMT
date
Tue, 18 Jul 2023 04:32:50 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1968
last-modified
Fri, 21 Oct 2022 04:08:16 GMT
server
UploadServer
x-goog-hash
crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr
0
x-goog-stored-content-length
5656
accept-ranges
bytes
adslot-4d815b6492202d78c7ef.js
www.nytimes.com/vi-assets/static-assets/
23 KB
9 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-4d815b6492202d78c7ef.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f22b065f74f94e584bc2f5369c7729709126e755139d4380981468865f61952a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
906834
x-guploader-uploadid
ADPycduZmdQcCU314KaiQ1jdGCUOCt-QsVMNe7o9_exSgdpIl81rqtdh0lkE3ZJ3htU12B6vxCId9HCL0ypSXcJ8i78kk8YtN4bk
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-07 16:38:58 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.230138,VS0,VE0
etag
"ebd56236d74102dfef558ac9333f104b"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1688747250820387
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-4d815b6492202d78c7ef.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1113
expires
Sat, 06 Jul 2024 16:38:57 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7958
last-modified
Fri, 07 Jul 2023 16:27:30 GMT
server
UploadServer
x-goog-hash
crc32c=pO4scg==, md5=69ViNtdBAt/vVYrJMz8QSw==
x-gdpr
0
x-goog-stored-content-length
23058
accept-ranges
bytes
17pol-netanyahu1-zpvk-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/17/multimedia/17pol-netanyahu1-zpvk/
23 KB
24 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17pol-netanyahu1-zpvk/17pol-netanyahu1-zpvk-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
be3c2e371e0c0915b0754a62ffa3d867d6b4acb090737407aec29f90638824f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 18:56:19 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
34591
x-guploader-uploadid
ADPycduj4bx1OFjszX2ATfeSbd2BoPGOnca1lKxDPtMiTm0OR5qLmK1SGfbAeXt-etm13Era2DrMH4ycDhRBz6zygmN2pQR7VDpn
x-cache
HIT, HIT
fastly-io-info
ifsz=62574 idim=600x400 ifmt=jpeg ofsz=23492 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
23492
x-served-by
cache-iad-kcgs7200096-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.242212,VS0,VE0
etag
"2vRKm//NmWcshauicP8XKQuF4w7pQkwpfI1E++szPUo"
vary
Accept
x-goog-generation
1689620174842111
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=9nXqew==, md5=NvHspK+Pm+iwEDe1e+WBcw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
62574
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38, 4
11DUCHESS-RUTLAND-newtop-vcgw-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/07/13/multimedia/11DUCHESS-RUTLAND-newtop-vcgw/
41 KB
41 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/13/multimedia/11DUCHESS-RUTLAND-newtop-vcgw/11DUCHESS-RUTLAND-newtop-vcgw-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57dca90a16ae03177ac28fbff3cdd53d796b3cae477f49b603af81451e4775fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 11 Jul 2023 10:16:50 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
584162
x-guploader-uploadid
ADPycdsK3rlk_HRJHyRPjJaKfUrzgSnTUYWTe6AgT4iyOLPC_sVLYB6fweX4CcKL4QXD6rhxfpMcWu1dowaHeCkBwkCxWw
x-cache
HIT, HIT
fastly-io-info
ifsz=91165 idim=600x400 ifmt=jpeg ofsz=41944 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
41944
x-served-by
cache-iad-kcgs7200022-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.263708,VS0,VE0
etag
"xjNRwGEplbXd2dh539NMIuUN2vk0uJeUXVEBG9srRRI"
vary
Accept
x-goog-generation
1689070605466555
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=ywr1mQ==, md5=2PHho+f83uymwPwRW5HODw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
91165
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 4
12sci-surfing-sea-otter-01-tvgh-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/12/multimedia/12sci-surfing-sea-otter-01-tvgh/
33 KB
34 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/12/multimedia/12sci-surfing-sea-otter-01-tvgh/12sci-surfing-sea-otter-01-tvgh-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a9433f8b070769d1644291a5ce53af9183fbac562b989201968acb5914eeb4f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 12 Jul 2023 09:10:18 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
501753
x-guploader-uploadid
ADPycdu_y918EsGqL2MZvOYm1UjzNkp0-iyzmixSQLY9BTWpteIaZOJmZ23tlLRyAcWfrrH0D3Xe_GjEWlRs1j80ktQM
x-cache
HIT, HIT
fastly-io-info
ifsz=63200 idim=600x400 ifmt=jpeg ofsz=34092 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
34092
x-served-by
cache-iad-kiad7000142-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.266799,VS0,VE0
etag
"/wFx0BT0XbJcyFUhegBXofmMn+YjfZC0XwtztGbdLHY"
vary
Accept
x-goog-generation
1689152426279317
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=yKvuJA==, md5=H27DnrK+ErGAUFzuH1lb7g==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
63200
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9913, 4
08GIRL-DINNER-01-qkhm-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/09/multimedia/08GIRL-DINNER-01-qkhm/
41 KB
42 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/09/multimedia/08GIRL-DINNER-01-qkhm/08GIRL-DINNER-01-qkhm-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0a8cea5595d87be4e3a256959f91f7e4f6607ea567dc5211169dfefb6494e398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 08 Jul 2023 09:05:49 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
242820
x-guploader-uploadid
ADPycdvgB5pU6zj9Fl6rpQyJWp9sJBZFOkzo4KH5ikr-7bryOvUE917qoQTvROnTxLn11hmMIQ5RlTJpuV-v_mica2AU-g
x-cache
HIT, HIT
fastly-io-info
ifsz=72673 idim=600x400 ifmt=jpeg ofsz=42410 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
42410
x-served-by
cache-iad-kiad7000125-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.266971,VS0,VE0
etag
"7HcooRy+EeWYm70k0kzeocCYI75VpeLbxI+WXWG3PHo"
vary
Accept
x-goog-generation
1688806811563436
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=zVc+6w==, md5=4swytLYUmffGJ4drU/bBhw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
72673
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4975, 5
vendor-34178772379de2278287.js
www.nytimes.com/vi-assets/static-assets/
179 KB
53 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-34178772379de2278287.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
addc472d9cdbbe7b865e216906b388af3d03c577315cb1949fe38d414cb24037
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
983917
x-guploader-uploadid
ADPycdvSlHumWcZfobA458caC5k9DWU_QzXcPF0vQ4ne-RizkfIo9Yn6HEs2j_QpkgzI3cl9zD0p1Kr8vRc1nuDu1av5UUyrVHmq
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-06 19:14:14 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265583,VS0,VE1
etag
"a8096b736251a2795e566a4fbcf66c07"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1688670802589190
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-34178772379de2278287.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1187
expires
Fri, 05 Jul 2024 19:14:14 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
52973
last-modified
Thu, 06 Jul 2023 19:13:22 GMT
server
UploadServer
x-goog-hash
crc32c=KDZCaA==, md5=qAlrc2JRonleVmpPvPZsBw==
x-gdpr
0
x-goog-stored-content-length
183294
accept-ranges
bytes
home-2b367887e3b42a06820b.js
www.nytimes.com/vi-assets/static-assets/
708 KB
178 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/home-2b367887e3b42a06820b.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
98eaa1edbc96e93687db9b994a662f2f6c59fbcb7659bdefc798db4b3f46b473
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
31050
x-guploader-uploadid
ADPycdttEwZk4rSjA5ciaZxa69Mvuq6e8GxyNYBY81VIjCGOBtkGMIHXThEmP-wsvT5n-f7DOppFNwnpbFD9iLIkkK6uLA
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-17 19:55:21 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265510,VS0,VE1
etag
"8c1bf2f743269fa1020792ee37e9832d"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1689623675871959
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-2b367887e3b42a06820b.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
6
expires
Tue, 16 Jul 2024 19:55:21 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
181496
last-modified
Mon, 17 Jul 2023 19:54:36 GMT
server
UploadServer
x-goog-hash
crc32c=oQOF2Q==, md5=jBvy90Mmn6ECB5LuN+mDLQ==
x-gdpr
0
x-goog-stored-content-length
725157
accept-ranges
bytes
main-ecfd5f264a8ec352e643.js
www.nytimes.com/vi-assets/static-assets/
1 MB
417 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7753d8243589a8ade0618437770f6e1c8cd86906f3fdfff8c36c10a9fc65172a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
35495
x-guploader-uploadid
ADPycdtaNTZ8SPgZsR37mcRGDpK_gS4ImHP82x1JGgsNrIn_T52jGfVPqavBdVzNiZigdrnZf7jsxXjYGCwLhrpYL-ZORQ
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-17 18:41:16 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265516,VS0,VE1
etag
"7a7271619986e0493339187e37dc68a5"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1689618652982559
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
25
expires
Tue, 16 Jul 2024 18:41:16 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
425894
last-modified
Mon, 17 Jul 2023 18:30:53 GMT
server
UploadServer
x-goog-hash
crc32c=PiCsoA==, md5=enJxYZmG4EkzORh+N9xopQ==
x-gdpr
0
x-goog-stored-content-length
1487876
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
434 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bc0626d4c6419e299f673f39b0d611f0b58a52555193d7bb7da34ec4682d77a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119332
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2
samizdat-graphql.nytimes.com/graphql/
149 B
1008 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
nyt-app-type
project-vi
x-nyt-programming-abtest
.ver=13578.000&HOME_DFP_FirstAd_0723=2_Lower_FirstAd&HOME_Intl-AA-Dry-Run=0_Control&HOME_Intl-AA-Dry-Run-USHOLD=&HOME_Intl-AA-Dry-Run-USHOLD_2=&HOME_Intl2023_Intl-RegiID=1_International
Content-Type
application/json
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
anon_user

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
age
0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
e2e972a2098525fc
samizdat-x-canary
false
x-served-by
cache-fra-etou8220080-FRA
x-graphiti-gateway
0952608e
x-nyt-country
SG
x-timer
S1689654772.746872,VS0,VE385
x-nyt-continent
AS
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
01
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
AS:PM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
3ba33b84
x-envoy-upstream-service-time
30
content-length
132
last-modified
Tue, 18 Jul 2023 04:32:51 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
495
content-encoding
gzip
content-length
20
date
Tue, 18 Jul 2023 04:32:51 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
1
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
17
x-nyt-audience-target-flat
AS:PM
x-nyt-continent
AS
x-nyt-country
SG
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
01
x-samizdat-query-exe-id
ba70924a384789ff
x-samizdat-query-field-errors
0
x-served-by
cache-fra-etou8220042-FRA
x-timer
S1689654772.585844,VS0,VE1
als
als-svc.nytimes.com/
679 B
895 B
XHR
General
Full URL
https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
a57e80be4a6f3ac8d1781915ba6fd0f999577482f4c1c89deaa8dad524db6b46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 google
content-encoding
gzip
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
als-svc.nytimes.com:443/*
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
65
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
grumi-ip.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
14 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2055:7200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:21:34 GMT
x-amz-version-id
ZeZbQXIiZ8B7xRijiw8G.q9OnSDyuFAm
content-encoding
br
last-modified
Mon, 27 Mar 2023 06:19:38 GMT
server
AmazonS3
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C2
etag
W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
678
x-amz-cf-id
VJ1yT34ROq0u2KBe5IM8eKzYHsszm3dGcTJCcdCYwg0l7enBrIOqzA==
apstag.js
c.amazon-adsystem.com/aax2/
236 KB
58 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.175.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-175-93.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 03:59:48 GMT
content-encoding
gzip
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront), 1.1 1da735789e643081d5969c1b95f23834.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:22 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, KUL50-C1
age
1984
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
cb3IGMGkMUy2vsKcjnT9A1vi9QCt1VZpT5c0vRZ62rZvlgMTbyoaJQ==
prebid8.1.0.js
www.nytimes.com/ads/
302 KB
96 KB
Script
General
Full URL
https://www.nytimes.com/ads/prebid8.1.0.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
302025
x-guploader-uploadid
ADPycdsUdeFaKXVxFq9sYced9gbCBWviM10gQfQwbxF_yuQulHThWV0Tkd-Fnbve_rcS6N0r3fOIRgFnrhtzD_Bz3WuMjg
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-07 16:39:04 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265686,VS0,VE1
etag
"69d0b1569bbd0b87116d60db3a12cd34"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1687806692468937
content-type
text/javascript
access-control-allow-origin
*
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview
0
x-nyt-route
ads-static-assets
x-nyt-edge-cache
HIT
x-cache-hits
576
expires
Fri, 07 Jul 2023 16:39:04 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
content-length
97611
last-modified
Mon, 26 Jun 2023 19:11:32 GMT
server
UploadServer
x-goog-hash
crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr
0
x-goog-stored-content-length
308841
accept-ranges
bytes
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e

Request headers

Referer
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 21 Oct 2023 06:23:17 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
23321375
x-guploader-uploadid
ADPycduMMv-8etBF_QLtnaI0Y5YNVqBbkrVTdfH9RKMz8tHhvF73vnZXdkMZmGe8IsVibeYizebgUyzDVX5zx-V8xXLjJAX92dbf
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1689654772.606225,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation
1651598151054057
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2113
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 15 May 2024 04:11:20 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
5444490
x-guploader-uploadid
ADPycds1198e7b8ra_egNEgwxV4ogulIZ-p9n29WDoYtHP8p-aX17AcQrVw4mnNiM0-ZtjlnXEQW_a5S0G4FKGUE-y0bpfxdZcM7
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1689654772.606209,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation
1673991776231570
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2110
cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
28 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 14 Jul 2024 00:42:37 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
273014
x-guploader-uploadid
ADPycds27ISF2T-3ic1polM_MoFzDJJRi1I4TzMT9Kl7jlo3cXq4LSYEkgR40_bEXANb8qHZwF_uy6YsdVFL6tuWPSEHMAW3f9XY
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28276
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606359,VS0,VE0
etag
"530cfb72378419eedb60da7e266ad5f1"
x-goog-generation
1673991775200429
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
28276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1211
imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 00:32:20 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
15048031
x-guploader-uploadid
ADPycdu8EQpQm3V7zdMFkJ8XgnencwVnT2B2YUBtaf-sewkAiBh8gRLsetmgM9V27ohK7R6xXMuURFc3DzPNRarYrc9Kgw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26504
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1689654772.607048,VS0,VE0
etag
"6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation
1673991776736810
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
26504
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2039
cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/
27 KB
27 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 00:37:40 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
15047711
x-guploader-uploadid
ADPycdt38TCVFQs07sap3a_qPNNQhOB-oNJNkUm_5NonsSEFt4KS8xlMhMrghM6zQ_O5kimI_tkdWYmaGFdi_deDSjYNLGG5VM4c
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27260
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606727,VS0,VE0
etag
"7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation
1673991775007595
x-goog-hash
crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
27260
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1350
franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 07 Mar 2024 01:48:20 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
11414669
x-guploader-uploadid
ADPycdvKYJzdy5tDaRtgbtZSa5oUcsQgjS6NlJhV8y1JpS4GYbnLeuGqT07o35mSIR-QDQxmhV7ZNRWUOiZlCBCztdJiKDV-f8VD
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20196
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1689654772.606728,VS0,VE0
etag
"75739ac267f076931c6da9740386ee6b"
x-goog-generation
1673991776257702
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20196
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1310
cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/
23 KB
24 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 15 Jul 2024 00:40:09 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
186762
x-guploader-uploadid
ADPycdv1MxrqeQUBH0balFnVL6Qu3OF-CF9lwZlrh4bhqN7ZF-QIE0ostboI_ou3b0JtcJSCus4ZbMTO8Pdu-yb62rcMag
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23704
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.759720,VS0,VE0
etag
"1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation
1673991775396405
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
23704
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
22
cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/
28 KB
29 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 19 Jun 2024 00:58:32 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2432059
x-guploader-uploadid
ADPycdv0Y_XZrbjavKJXYmOYsEY2zJBqpW6vOl91z_ED3FDIB_wRGrW-K0Hc9OtQAnDobPy00d6SahdNj-q3EHlSwjPzvQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28868
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606646,VS0,VE0
etag
"7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation
1673991775506403
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
28868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
21
cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/
23 KB
24 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 03 Jul 2024 04:07:53 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1211099
x-guploader-uploadid
ADPycdubXQ2sVa3S6V44A16OLlSRbCstYbyF-J_aoSfYQGRMmEpYWRR3nqvBQvrVsxBoKAs7FOorg60DuJO_tqrUIa2SPOuve2l6
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
24028
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.759709,VS0,VE0
etag
"cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation
1673991775386814
x-goog-hash
crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
24028
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
17
cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 30 Apr 2024 23:46:34 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
6669977
x-guploader-uploadid
ADPycdsieML4XuwXFGqb9edZuCzrTUFlXDh-P9aDq6_mj1SAPBD_xFNAu5ycd1rrBhr_13xBo5niJr93aODWEUAWKo5O
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26448
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606711,VS0,VE0
etag
"40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation
1673991775015704
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
26448
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1088
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
285 KB
92 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2055:7200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34cca514a48181ab00cb3186bf75b6919c3b1872dc393d2cd8b7ddff252e4804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:21:34 GMT
x-amz-version-id
w4fKLKJYjCftMJeOWAmBaPzibwHjcUFK
content-encoding
br
last-modified
Tue, 18 Jul 2023 03:57:39 GMT
server
AmazonS3
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C2
etag
W/"7d1d865810a5fbec5756e3ba240b3aa2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
678
x-amz-cf-id
9BRcEpl8YuhYlM6QlRYD7h7jiWVT00QSn6x0Tvn0clfvBv8pvq1Cqg==
config
c.amazon-adsystem.com/cdn/prod/
0
311 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fwww.nytimes.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.175.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-175-93.kul50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 02:04:55 GMT
via
1.1 1da735789e643081d5969c1b95f23834.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
age
8874
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
4eWeS3QxLQQoVhSN5PGVPKzNwVuy7TXAaQm-hFxnrHnihVKf2fJH4g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.175.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-175-93.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 41c06d8a12e9a33e89f3ec25030f08a2.cloudfront.net (CloudFront)
date
Mon, 17 Jul 2023 08:04:16 GMT
x-amz-cf-pop
KUL50-C1
age
73715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-l6bnBFm1K3vvSOrxzvpXSZECKYv_3_DkVaboO9x1l0cva3S2s4vPw==
bid
aax.amazon-adsystem.com/e/dtb/
187 B
522 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%2C%7B%22sd%22%3A%22top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
ba12a34407540c7d6c1a4ab78d7d566060b1ee92bdce94345bf1749fd2f3e11f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
187
x-amz-cf-id
LitcdL7E8ccF2PGvdQyauN58glyqC5L8UpCK2Q592WxSWlVFhxLdBQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2c3a7d02660575588914cc2eac2bc83555f39329550a54e141278528923c719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27639
x-xss-protection
0
server
cafe
etag
871 / 19556 / 31076056 / config-hash: 2841643792367511638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 04:32:51 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/
391 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
45983
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127551
x-xss-protection
0
server
cafe
etag
11165969021637306507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Jul 2024 15:46:28 GMT
bid
aax.amazon-adsystem.com/e/dtb/
187 B
520 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=1&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
99cb5d5dc1814ed3f243d841b718a71ec98da7b244bb118e233c4ea88c2876ba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:50 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
187
x-amz-cf-id
UpVMvzArgy0lqLmhANziwc2cpI-_IQOo-S-qH0ClB16-An4aYzncUQ==
ads
securepubads.g.doubleclick.net/gampad/
44 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2926828148306979&correlator=4082149580276563&eid=31076056%2C31075028%2C31068825&output=ldjh&gdfp_req=1&vrg=202307120101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=2496155832&sfv=1-0-40&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D1%26amznp%3D1%26request_time%3D759&cust_params=als_test_clientside%3Dempty_empty_empty_20230718043251%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_liveads_0323_2_4repupdates%252Cdfp_amzn_0_control%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%252Cdfp_adrefresh_0123_1_adrefresh%26sov%3D1%26page_view_id%3DRkzADI-K_5U5KOk9Xtckzn4V%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser%26aid%3DthMiTivLk0kOKouC5ZlvPx&sc=1&cookie_enabled=1&abxe=1&dt=1689654771583&lmt=1689654705&dlt=1689654770804&idt=739&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=906528895.1689654772&ga_sid=1689654772&ga_hid=448640009&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169