www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Submission Tags: falconsandbox
Submission: On December 23 via api (December 23rd 2022, 9:08:56 pm UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 15 domains to perform 132 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2691.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
11	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
22	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
2	52.54.49.121 52.54.49.121	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.199.30 108.138.199.30	16509 (AMAZON-02) (AMAZON-02)
2	52.3.42.214 52.3.42.214	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:230... 2600:9000:2304:ae00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:69b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.213.167.233 18.213.167.233	14618 (AMAZON-AES) (AMAZON-AES)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:dc:... 2a02:26f0:dc:18c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:dc:... 2a02:26f0:dc:383::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::681a:6e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
132	27

38 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.dev.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.49.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-49-121.compute-1.amazonaws.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.199.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-199-30.mxp64.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.42.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-42-214.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:ae00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:69b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.167.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-167-233.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:18c::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:383::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:6e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2691 a.et.nytimes.com — Cisco Umbrella Rank: 6502 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8533 als-svc.nytimes.com — Cisco Umbrella Rank: 10758 myaccount.nytimes.com — Cisco Umbrella Rank: 12444 dd.nytimes.com — Cisco Umbrella Rank: 10983 meter-svc.nytimes.com — Cisco Umbrella Rank: 11687 a.nytimes.com — Cisco Umbrella Rank: 7626 purr.nytimes.com — Cisco Umbrella Rank: 8049 mwcm.nytimes.com — Cisco Umbrella Rank: 11948 csp.dev.nytimes.com — Cisco Umbrella Rank: 38651	1 MB
24	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9732 static01.nyt.com — Cisco Umbrella Rank: 5862 a1.nyt.com — Cisco Umbrella Rank: 8206 mwcm.nyt.com — Cisco Umbrella Rank: 20889 typeface.nyt.com — Cisco Umbrella Rank: 32366	1007 KB
18	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7122 iteratehq.com — Cisco Umbrella Rank: 6435	36 KB
11	googlesyndication.com 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	51 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 9224	168 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3292 collector.brandmetrics.com — Cisco Umbrella Rank: 3639	17 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1239 c.go-mpulse.net — Cisco Umbrella Rank: 602	51 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	47 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7417	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 596	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1412	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8549	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	111 KB
132	15

	Domain	Requested by
16	iteratehq.com	platform.iteratehq.com
14	samizdat-graphql.nytimes.com	www.nytimes.com
14	www.nytimes.com	www.nytimes.com 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
13	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
10	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com www.googletagservices.com
6	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	mwcm.nyt.com	www.nytimes.com
4	tpc.googlesyndication.com	0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	dd.nytimes.com	www.nytimes.com dd.nytimes.com myaccount.nytimes.com
4	static01.nyt.com	www.nytimes.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	typeface.nyt.com	myaccount.nytimes.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
2	a.nytimes.com	www.nytimes.com myaccount.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	csp.dev.nytimes.com	s.go-mpulse.net
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	myaccount.nytimes.com
1	www.googletagservices.com	0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
132	36

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.tenable.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
a.et.nytimes.com R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
als-svc.nytimes.com R3	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
meter-svc.nytimes.com R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
a.nytimes.com R3	`2022-10-15` - `2023-01-13`	3 months	crt.sh
purr.nytimes.com R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Frame ID: 1A4E34316C39D9B7C52FC6CD9FE28748
Requests: 78 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 646C306CF7ABADAE27956F845AB6C301
Requests: 3 HTTP requests in this frame

Frame: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BB5471EF8EDBDAAFC183A083554BDE0
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html
Frame ID: 169E623FEE0F543783DC2D9271B1EC16
Requests: 2 HTTP requests in this frame

Frame: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D81B54FCF9637821657726EEC72A83EC
Requests: 7 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: 79D3A365D23915DCBDE0B02CC71D0115
Requests: 14 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Frame ID: 91FFEA66AD0BA90A3967ABD4E1D2C2A8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63224AFF4C254CED6314E12F7047FB9B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 280DFC853BA86CA004C9E7636F9950F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers Mined a Single Software Flaw for a Year in NY Cyberattack - The New York Times

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

132
Requests

100 %
HTTPS

62 %
IPv6

15
Domains

36
Subdomains

27
IPs

5
Countries

3037 kB
Transfer

8204 kB
Size

30
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.tenable.com/press-releases/tenable-research-finds-72-of-organizations-remain-vulnerable-to-nightmare-log4j
Title: report

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html

132 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request suffolk-county-cyberattack.html Show response
www.nytimes.com/2022/12/21/nyregion/ 199 KB
62 KB 134ms
27ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4334e097277b14b20e48807c54866515ce1e957805a2774905baea3e79bdd02d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2022
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 61548
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 21:08:49 GMT
fastly-restarts: 1
last-modified: Fri, 23 Dec 2022 20:35:08 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/12/21/nyregion/suffolk-county-cyberattack.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 2e2c1c467a5b4207b95a5b2b6431412d
x-cache: HIT, HIT
x-cache-hits: 4, 1
x-cloud-trace-context: ca4848a6de8d87b77771e728c516797c/3685869657812869463;o=1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1671827756.556663,VS0,VE8
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Fri, 23 Dec 2022 20:35:08 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2022-12-23 20:35:55 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2022-12-22T05:02:42.454Z
x-served-by: cache-lga21955-LGA, cache-hhn-etou8220082-HHN
x-timer: S1671829730.549833,VS0,VE7
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 138ms
9ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:41:26 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362444
x-guploader-uploadid: ADPycdul-uECV4Gj75J2p5QhnNyPGHu9rx_KEONy6TZweQxnjjl-GgZK8WcqIzdvSj9YcfrHzQlnwxMztMbrbjXCkCIPXg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9789
x-served-by: cache-hhn-etou8220082-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1671829730.717512,VS0,VE0
etag: "0ae5b8ecb62ff6424a71dc89303213f5"
vary: Accept-Encoding
x-goog-generation: 1651598149653041
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9789
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 26485

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 13ms
13ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1363080
x-guploader-uploadid: ADPycdvJoIWHCbvFsiNl_VmRRVpqr1b_PHvgtyurv5PFsAj7uQfCkIWqTCrUrtbDhQ40SdI6XL6CB4qtzbGKkp1211dUYQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-08 02:30:49 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.593371,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1670358381775516
content-type: text/css; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 24755
expires: Fri, 08 Dec 2023 02:30:49 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Thu, 08 Dec 2022 00:07:34 GMT
server: UploadServer
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 adslot-9349dd2c5537218e254e.js Show response
www.nytimes.com/vi-assets/static-assets/ 22 KB
8 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

89c621cba92a10f0b3c8cd9cfeec1cc73e961d101f05b4507ca33cdeebc0c37e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 277408
x-guploader-uploadid: ADPycdsRWmcmuaOoQfbu5B7sqU5UxGFza7scDk2Jm9pC3IkoJqdhzb6wBCQ6fb9RWvDI444O8Ym8DURKuJCotNDrfjkBrSwlATTm
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-20 16:05:21 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.624921,VS0,VE1
etag: "45251e92ac8641f6c1e329c20d675791"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671552083893317
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7959
expires: Wed, 20 Dec 2023 16:05:21 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7770
last-modified: Tue, 20 Dec 2022 16:01:24 GMT
server: UploadServer
x-goog-hash: crc32c=C012dQ==, md5=RSUekqyGQfbB4ynCDWdXkQ==
x-gdpr: 1
x-goog-stored-content-length: 22178
accept-ranges: bytes

GET
H2 200 21Suffolk-Cyberattack-1-23ae-jumbo.jpg
static01.nyt.com/images/2022/12/21/multimedia/21Suffolk-Cyberattack-1-23ae/ 59 KB
60 KB 139ms
16ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/12/21/multimedia/21Suffolk-Cyberattack-1-23ae/21Suffolk-Cyberattack-1-23ae-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7686e865bd772588b78f9b640b7fc976119f45426a6edf6aeff10f958c0587b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 21 Dec 2022 18:07:01 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 183707
x-guploader-uploadid: ADPycduGiGuN9_glFPcAisJTyHArnDV2KrGUr3d0zMym-11O0qthBGhpx-P4FxbaveYePAzHYLvl_4oWe_hwqIMcOYiY5w
x-cache: HIT, HIT
fastly-io-info: ifsz=159838 idim=1024x683 ifmt=jpeg ofsz=60916 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 60916
x-served-by: cache-iad-kcgs7200081-IAD, cache-hhn-etou8220082-HHN
server: UploadServer
x-timer: S1671829730.759717,VS0,VE6
etag: "nmZWZrc1pADUagx2AlXF8VnHZNmzkG5qtgwKPM/FrJI"
vary: Accept
x-goog-generation: 1671645884996131
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=QCpwig==, md5=QD4JpuCMiN+/J7K2s697fw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 159838
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

GET
H2 200 author-sarah-maslin-nir-thumbLarge-v3.png
static01.nyt.com/images/2018/06/13/multimedia/author-sarah-maslin-nir/ 26 KB
26 KB 37ms
9ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/06/13/multimedia/author-sarah-maslin-nir/author-sarah-maslin-nir-thumbLarge-v3.png

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e257f3721355b6abc887e2bddcca6c7161f5ccf1af227369612839a389c7bd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 15 Nov 2022 11:58:10 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 291987
x-guploader-uploadid: ADPycdthSdtXNdJErzbZvudKmtkHPfqM2-pi7HBrfUWDWLhvRqUWTKQTxuZXBtk3thEhfXaTDv0DQQzvG5Keq_SlN3bEA1qG_v7Y
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 26388
x-served-by: cache-iad-kjyo7100107-IAD, cache-hhn-etou8220082-HHN
last-modified: Fri, 20 May 2022 15:02:42 GMT
server: UploadServer
x-timer: S1671829730.759695,VS0,VE0
etag: "9d66f4ce66fd2f738fd11c9ba55b6630"
vary: Origin
x-goog-generation: 1653058961995567
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=d0zpPQ==, md5=nWb0zmb9L3OP0RybpVtmMA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26388
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4557, 9

GET
H2 200 author-nate-schweber-thumbLarge-v2.png
static01.nyt.com/images/2019/02/14/multimedia/author-nate-schweber/ 25 KB
26 KB 9ms
9ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2019/02/14/multimedia/author-nate-schweber/author-nate-schweber-thumbLarge-v2.png

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

974e8a951d9c6b20e8ce9c0c8d995c34343581705b29b764835c8c2c0805a82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 07 Dec 2022 07:56:16 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 219495
x-guploader-uploadid: ADPycdsYn5WLdyzsIUZ579ml03Oc__DjBG_3jsnO8iNA2mDf1UsFb8bxw3JpEGyROPb_J3BbXbkatWwpM92-wfl5yVhENxHB5brL
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 25614
x-served-by: cache-iad-kjyo7100064-IAD, cache-hhn-etou8220082-HHN
last-modified: Thu, 14 Feb 2019 20:56:39 GMT
server: UploadServer
x-timer: S1671829730.775298,VS0,VE1
etag: "9ef42c491040ee19f476d05e46c89068"
vary: Origin
x-goog-generation: 1550177799086029
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=xtQE+Q==, md5=nvQsSRBA7hn0dtBeRsiQaA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 25614
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 566, 1

GET
H2 200 vendor-08c1b617cd319b136ad1.js Show response
www.nytimes.com/vi-assets/static-assets/ 150 KB
42 KB 11ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-08c1b617cd319b136ad1.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

25c5444f9cf815dbf8d7101748a3646f56150945a62d10c9a6eec45417fdd67f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1363080
x-guploader-uploadid: ADPycduGQtf8IwmAmbazwhL_mXnLqaWC-e7vU2j5sDIrZvsH6gwzF4SVqucYvee2H0UyCPSLzOgy3VZKxay93U3gCClnKYq5u9ZG
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-08 02:30:49 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.784649,VS0,VE1
etag: "88a118a1bf6afaee66edb713204f6666"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1670441606049857
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-08c1b617cd319b136ad1.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 31072
expires: Fri, 08 Dec 2023 02:30:49 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 41809
last-modified: Thu, 08 Dec 2022 00:07:35 GMT
server: UploadServer
x-goog-hash: crc32c=qa6p5A==, md5=iKEYob9q+u5m7bcTIE9mZg==
x-gdpr: 1
x-goog-stored-content-length: 153525
accept-ranges: bytes

GET
H2 200 story-2bd094b67465e10a60b5.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
378 KB 13ms
11ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-2bd094b67465e10a60b5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7a2a94e30871bc1a31b9f8dea1437bf6a3e214120febed58e8de503a1e8a57bc

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 98481
x-guploader-uploadid: ADPycdtG2VuBzUO8vzbA_xmmfACF40Z6-5LkDlhOk0y2hngWpdSsvKIO1Sr6CcQ3mjXGh0j1Vy8YcVCXJ3HtbGebc8mzx6DeKr8E
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-22 17:47:29 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.784800,VS0,VE1
etag: "0ec90ac3edfc31e12594ffa03eebd46f"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671730819958319
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-2bd094b67465e10a60b5.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2
expires: Fri, 22 Dec 2023 17:47:29 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 385516
last-modified: Thu, 22 Dec 2022 17:40:20 GMT
server: UploadServer
x-goog-hash: crc32c=RwAb9w==, md5=DskKw+38MeEllP+gPuvUbw==
x-gdpr: 1
x-goog-stored-content-length: 1394095
accept-ranges: bytes

GET
H2 200 main-07211c4a9bada1f49b5c.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
401 KB 11ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2a098b4bf2876c5638d056a8fefb621f7dd08894b748eda3399b22e86e3843ae

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 174254
x-guploader-uploadid: ADPycducXkBoORdwsZs7gP1TyvW-y2Y9PbuOSOh5wlIiNRql4Efrh4WPFZ6bp0iFUe65v5jhXjj1SxuN31alFV3jvAZqpQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-21 20:45:02 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.784949,VS0,VE1
etag: "c828c592300c4293ec06b4842d9a2591"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671654860268259
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2
expires: Thu, 21 Dec 2023 20:44:36 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 409872
last-modified: Wed, 21 Dec 2022 20:34:20 GMT
server: UploadServer
x-goog-hash: crc32c=+SaevQ==, md5=yCjFkjAMQpPsBrSELZolkQ==
x-gdpr: 1
x-goog-stored-content-length: 1411944
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 404 KB
111 KB 70ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b88f26311d3e0b335adecbd25012aeafc4b061f4af138a448f1d7d4b3526b943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113004
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 404ms
137ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
883 B 119ms
119ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: f1d039c86ad7ea2-32163aa9fae67962-0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 330e80f4d978a1ce
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829730.850267,VS0,VE110
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: fabd0826
x-envoy-upstream-service-time: 17
content-length: 123
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: f1d039c86ad7ea2-32163aa9fae67962-0
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 76ms
8ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 0
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:49 GMT
samizdat-x-canary: false
samizdat-x-instance: 2fa2855a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 19f6b5f07aa3a039-3f195716f40802dc-0
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: 19f6b5f07aa3a039-3f195716f40802dc-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 88f3ca0d7e0e5121
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829730.839409,VS0,VE1

GET
H2 200 als Show response
als-svc.nytimes.com/ 967 B
1 KB 380ms
131ms XHR
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Fa3778e38-6805-54d3-a9d5-78c66b572548&typ=&prop=nyt&plat=web

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

fd4013faa350e497f2eac1f6b651dfe9648976e526d90485383cb2e19c08c025

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google
x-envoy-decorator-operation: als-svc.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
content-length: 967

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 33ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362587
x-guploader-uploadid: ADPycdsMdN37yQQezJJOD1uB6fmKjwjN14H7aMr_ryhOtzv6GQddjWR0pTfKNG6TDj22wYuu7tNzSXNM1AwDJLidQO74zw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829730.820012,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1651598151017654
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8938

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 41ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362587
x-guploader-uploadid: ADPycdv-f7zYfkiMMiYxemmiEtaV7YJXrYdMlHcJ9f-XKye0eK12q3HpcBIj0xV7vNkf-onUCT2_SOBrr0L0ltNVAEkeug
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829730.820700,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1651598151054057
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8902

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 34ms
9ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:32 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362558
x-guploader-uploadid: ADPycds2NoN0QRVxYL-bhByYIykKVIephky6bpv08JhR7a2qj2YHeYdNIRjMlYkro1ExwhkcWcpQ8qSdULIbRoItnLWqKA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1671829730.820615,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
x-goog-generation: 1651598149633653
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29076
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6394

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 41ms
16ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:32 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362557
x-guploader-uploadid: ADPycdvJSmS2IJH50NT7fAPxOpFqSNr2s46gPqF9Tz9mAYlKQCtNwxShfxDamhWgUFxK6igvfVbq0hrszpGbnSk7kMenQw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:50 GMT
server: UploadServer
x-timer: S1671829730.821287,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
x-goog-generation: 1651598150092466
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4236

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 46ms
21ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362587
x-guploader-uploadid: ADPycdsJbxGGTkKx_25_9GBm5CJ8gR1lUwkkwUCiKs-PAkGAAkgsn6JlJKypxzebu6m7psVu__l2zYfoZ6HYFy5Ib7iB
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829730.822245,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598150991608
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7960

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 42ms
17ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362587
x-guploader-uploadid: ADPycdtsB59si_y4HnNZi6MJdR_uu7BfawbR13u72WHVorJhnphqBHvtyYwxaliswrLTaXXLbJOKPadNVHdJneUJpqqc0Ak5eoCb
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1671829730.822243,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
x-goog-generation: 1651598149661480
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28620
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3201

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 47ms
22ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:40:43 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362486
x-guploader-uploadid: ADPycdt6iGOPjA6Hrwf5J88wdeIPkPX86oE9hFzqtOwPnw3Jnen0_szki3D0q6TKJYqhYee9vDkAFxLXwAlnUvc-sLGd-A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1671829730.823365,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1651598149597753
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5012

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 189ms
84ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1430 / 839 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Dec 2022 21:08:49 GMT

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 18ms
18ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362587
x-guploader-uploadid: ADPycdvdqkGZY3eQ_Akge0ajjL2M6unAf-MCqVeT657czXf0SUxX7KOfCRO6RPrc8aCpSxLEx7htGy46vkRBMhGireLtopnPt5i1
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829730.826460,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1651598151578179
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8200

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 646C 393 B
1 KB 44ms
9ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

9d027c05ea641b66ac6831e2d032bb5f710c281ec1c241b559e96f11f2020969

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25
cache-control: public, max-age=600
content-encoding: gzip
content-length: 276
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 21:08:49 GMT
etag: W/"189-FKDoQsnWk1EHdxLt8XXzU14Bmlk"
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-cloud-trace-context: 37add39a0abc2efd42bfe589a6cb0201
x-content-type-options: nosniff
x-datadog-parent-id: 1218962043379867848
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 21153206418011281
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 6
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-hhn-etou8220082-HHN

GET
H2 200 vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-14c6f1ad263703b2ce77.js Show response
www.nytimes.com/vi-assets/static-assets/ 45 KB
15 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-14c6f1ad263703b2ce77.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c56b85b1919a8b6ebb60d35b5001eea9eb61ee51ed55f3dd0ff20acf7ad08bd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 277408
x-guploader-uploadid: ADPycdth07JGlepeAgIY3lJoKNh8Ba2a6fUdnUg7FrfQJG4PT0uIxNfjqHVQ0KqWQ7D8Y9_F5SWVbr8R_wF03md_aJ8ZsQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-20 16:05:22 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.986840,VS0,VE1
etag: "e8f2d0f628bb513076bbbe257fad5adc"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671552085289003
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-14c6f1ad263703b2ce77.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7325
expires: Wed, 20 Dec 2023 16:05:21 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14101
last-modified: Tue, 20 Dec 2022 16:01:25 GMT
server: UploadServer
x-goog-hash: crc32c=YeTq6Q==, md5=6PLQ9ii7UTB2u74lf61a3A==
x-gdpr: 1
x-goog-stored-content-length: 45586
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~5ec95911-dd84837cc1487c18d5cd.js Show response
www.nytimes.com/vi-assets/static-assets/ 66 KB
14 KB 10ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~5ec95911-dd84837cc1487c18d5cd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6b32218f7bee034f726211a4d2b6951a42d74213b7baaf9e1431b7f420a761af

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1362688
x-guploader-uploadid: ADPycdt2zjaWjzFDazM8dYbst10co8mrWy302JvRu3_LZhAga0zQxnI-FeXqpAv4G160NhqfutBdvR7e-L3RYC2eDXi-QA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-08 02:37:21 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.987094,VS0,VE1
etag: "63dc40b3f01633bcdf94eaaea6d07423"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1670440400751411
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~5ec95911-dd84837cc1487c18d5cd.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 27503
expires: Fri, 08 Dec 2023 02:37:21 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13123
last-modified: Thu, 08 Dec 2022 00:07:35 GMT
server: UploadServer
x-goog-hash: crc32c=xHQiCQ==, md5=Y9xAs/AWM7zflOquptB0Iw==
x-gdpr: 1
x-goog-stored-content-length: 67804
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
5 KB 9ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29cd49f61d6124f05a6cd8d781742624ea2205be8dcee00249e588e2a02737e2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1362485
x-guploader-uploadid: ADPycdsXuCunCN1xqp0CKdu6tXvVcvLZXeChagrs2B_vOU6dy2nWikDmhN9dlKdzLhfW-Zt6npwtjhkouFdaNx9FGSYHC6VvZxA6
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-08 02:40:44 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.987068,VS0,VE1
etag: "1cc0a195edd4322de916042d2d3ce9a5"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1669851759141967
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 26350
expires: Fri, 08 Dec 2023 02:40:44 GMT
date: Fri, 23 Dec 2022 21:08:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 4953
last-modified: Thu, 08 Dec 2022 00:07:35 GMT
server: UploadServer
x-goog-hash: crc32c=VL7/VQ==, md5=HMChle3UMi3pFgQtLTzppQ==
x-gdpr: 1
x-goog-stored-content-length: 21765
accept-ranges: bytes

GET
H2 404 index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 646C 0
0 48ms
48ms Script
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
age: 0
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 21
content-length: 308
x-served-by: cache-hhn-etou8220082-HHN
server: envoy
content-type: text/html; charset=UTF-8
x-cloud-trace-context: e03829d02dc83f1a396c0de814a32e6e
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 646C 466 KB
155 KB 11ms
11ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=da9f64e

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9f71bfedce3a05a08fd041fb707774acff7ad68572602115c4387ed4c6acdf34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 15 Dec 2022 10:38:03 GMT
date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
x-api-version: F-X
age: 340
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 7
content-length: 158213
x-served-by: cache-hhn-etou8220082-HHN
server: envoy
x-nyt-backend: lire-ui
etag: "aQx8TQ"
content-type: application/javascript
x-cloud-trace-context: f1b441f553450950bda8d6f7237bb716
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tags.js Show response
dd.nytimes.com/ 203 KB
42 KB 224ms
21ms Script
text/javascript 108.138.199.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.199.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-199-30.mxp64.r.cloudfront.net

Software

Apache /

Resource Hash

3ef385b221c0c207fcac68f08aeea9f2b25fb959b234982a099e580ba06a80fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront), 1.1 e36fe0bdae95008c3ad3d675228af1aa.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 20:51:33 GMT
x-amz-cf-pop: FRA60-P2, MXP64-P2
age: 1037
x-cache: Hit from cloudfront
content-length: 42664
last-modified: Wed, 07 Dec 2022 10:03:12 GMT
server: Apache
etag: "32de8-5ef3a07422ee0-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: xKUrNvyQRH3NmhTPYb0tlxRz8LOBF9tVFC-vOb6YdpTHfjUK0FcfnA==
expires: Fri, 23 Dec 2022 21:51:33 GMT

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Dec 2023 01:30:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
347 B 123ms
62ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b8ecfd11e8086450c73ba71ec182da2ef46cb8602cfdaccf9640efe20fdcb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 322
x-xss-protection: 0
expires: Fri, 23 Dec 2022 21:08:50 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
7ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:50 GMT
samizdat-x-canary: false
samizdat-x-instance: 2fa2855a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 19f6b5f07aa3a039-3f195716f40802dc-0
x-cache: HIT
x-cache-hits: 2
x-datadog-trace-id: 19f6b5f07aa3a039-3f195716f40802dc-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: a7572a59bda20280
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829730.324022,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
8ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:50 GMT
samizdat-x-canary: false
samizdat-x-instance: 2fa2855a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 19f6b5f07aa3a039-3f195716f40802dc-0
x-cache: HIT
x-cache-hits: 3
x-datadog-trace-id: 19f6b5f07aa3a039-3f195716f40802dc-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 9c41ae70aa79d754
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829730.360903,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
7ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:50 GMT
samizdat-x-canary: false
samizdat-x-instance: 2fa2855a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 19f6b5f07aa3a039-3f195716f40802dc-0
x-cache: HIT
x-cache-hits: 4
x-datadog-trace-id: 19f6b5f07aa3a039-3f195716f40802dc-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: ae4c52e2967493c4
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829730.385229,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
8ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:50 GMT
samizdat-x-canary: false
samizdat-x-instance: 2fa2855a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 19f6b5f07aa3a039-3f195716f40802dc-0
x-cache: HIT
x-cache-hits: 5
x-datadog-trace-id: 19f6b5f07aa3a039-3f195716f40802dc-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: ad8ed82f2dcadc5c
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829731.590364,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
844 B 122ms
122ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 623a752f9985c92a-7a6eaa369d25d5ff-1
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 4c6b5aac0ee85e53
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829730.332664,VS0,VE115
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 7221635f
x-envoy-upstream-service-time: 19
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 623a752f9985c92a-7a6eaa369d25d5ff-1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 532 B
1 KB 471ms
217ms XHR
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&pageviewID=FxCM8XAw7khXFXPVSzLsEpFp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

a1ebe5ee8ccf7752663a9fc6e30b8fba9b75b6d2ac3582ef3ba940a975eda430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 115
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
content-length: 532

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
310 B 161ms
161ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 1e82e249892194de-1782188a75635292-0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: ae3dd1404d5e787c
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829730.369399,VS0,VE154
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: fabd0826
x-envoy-upstream-service-time: 63
content-length: 77
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 1e82e249892194de-1782188a75635292-0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 172ms
172ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e6120f855429552d58fd528613cd5d944c3f457b04017ad08d108f06448e035b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 4ce16e2c7914dc29-2a7481e7ba634576-0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 4bf93aa736da4c6e
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829730.394166,VS0,VE164
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 9d2ae4b5
x-envoy-upstream-service-time: 69
last-modified: Fri, 23 Dec 2022 21:08:50 GMT
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 4ce16e2c7914dc29-2a7481e7ba634576-0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 comments-437911ed6d8f92f8111b.js Show response
www.nytimes.com/vi-assets/static-assets/ 38 KB
12 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-437911ed6d8f92f8111b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e9b25d4fa8fffd3b34ea088bdda8ffa4b952c82c04fde13056d8f1098f7fe768

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 277407
x-guploader-uploadid: ADPycdtOSUz0L7_rA54FmUdod5twClXtAhmltjtjsn8ipYUT2oF_Fq95uI3gFWR9oTE83MyqfYVdztHEpo5THdOs4zch6ZhhmfC9
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-20 16:05:23 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.389089,VS0,VE1
etag: "2a4e62720b225736cb4400c115405fdf"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671552084184247
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-437911ed6d8f92f8111b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6455
expires: Wed, 20 Dec 2023 16:05:23 GMT
date: Fri, 23 Dec 2022 21:08:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 11263
last-modified: Tue, 20 Dec 2022 16:01:24 GMT
server: UploadServer
x-goog-hash: crc32c=DSmyYQ==, md5=Kk5icgsiVzbLRADBFUBf3w==
x-gdpr: 1
x-goog-stored-content-length: 38445
accept-ranges: bytes

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 397ms
141ms XHR
application/json 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&caller_id=nyt-vi&jkcb=1671829730400&referrer=&sourceApp=nyt-vi

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-42-214.compute-1.amazonaws.com

Software

envoy /

Resource Hash

5193e8f546bc5017866cc89aeda16b7d649cc8a6a2ef85ec7893bfbaf5d3fe08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: f20c010d73d3773c01cc7199d6f1f93e
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 35
access-control-allow-headers: Content-Type, x-requested-by

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 367ms
121ms Fetch
text/html 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v1/purr-cache

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: purr.nytimes.com:443/*
server: envoy
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 4e0b2b517aa1a9edab10f4646c08108d
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
content-length: 0
expires: Fri, 23 Dec 2022 21:08:50 GMT

GET
H2 200 clientSideCapsule-9559b95cc920b58b425b.js Show response
www.nytimes.com/vi-assets/static-assets/ 426 KB
104 KB 12ms
12ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-9559b95cc920b58b425b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe229c6b7dd3a609bb9965294ced2a46e833d927811d541bbe6603bb848b841d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 277406
x-guploader-uploadid: ADPycdvSU7ONa5WuqA96wHit7uLaqtakoZOzMDq8hdl_GQJIdLObU4MB8n6DnOLyKlgJEeQELf3p6RvTwyUeqf-r0WFTf5lVOBLJ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-20 16:05:23 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829730.422135,VS0,VE1
etag: "87933015927ed5d106a235066bbefd33"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671552084173891
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-9559b95cc920b58b425b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3847
expires: Wed, 20 Dec 2023 16:05:23 GMT
date: Fri, 23 Dec 2022 21:08:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 105534
last-modified: Tue, 20 Dec 2022 16:01:24 GMT
server: UploadServer
x-goog-hash: crc32c=PmdK+g==, md5=h5MwFZJ+1dEGojUGa779Mw==
x-gdpr: 1
x-goog-stored-content-length: 436349
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 11 KB
3 KB 244ms
244ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

62bc7a2d6e67c5e9156a4c8255e74e97b949094ded4ca756f2acbaf28eb26cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 6da4e48090ab772b-554aa395b2fea24f-0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: b52552718f8ccdca
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829731.598905,VS0,VE236
x-nyt-continent: EU
vary: Accept-Encoding, x-nyt-is-anonymous, x-nyt-entitlements, x-nyt-audience-target-flat, x-nyt-news-tenure, x-nyt-programming-abtest, device_type, Samizdat-X-Personalize, x-nyt-meridiem, NYT-App-Type, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 9f7572d8
x-envoy-upstream-service-time: 141
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 6da4e48090ab772b-554aa395b2fea24f-0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 204ms
51ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
26ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 254ms
253ms XHR
text/plain 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1570654682147205&correlator=1290571843616625&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=4262024170&sfv=1-0-40&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1138&cust_params=als_test_clientside%3Dweb_none_none_20221223210850%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1671822187707%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Dalphvblackcat%252Cfederalbureauofinvestigation%26geo%3Dsuffolkcountyny%26des%3Dcyberattacksandhackers%26auth%3Dnateschweber%252Csarahmaslinnir%26coll%3Dnewyork%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000008697083%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt17%252Cnt18%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt11%252Cpt21%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_mastercard%252Cneg_capitalone%252Cneg_chanel%252Cneg_ibm%252Cneg_ms_safe%252Cneg_orep%252Cneg_bp%252Cneg_mtb%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_crime%252Cgs_tech_computing%252Cggl_wrk_collab%252Cdashlane%252Cgs_tech%252Cneg_chan2%252Cneg_hearts%252Ccc_tech_data%252Cneg_racism%252Cgb_crime_edu%252Cgb_spam_edu%252Cgs_law%252Cgb_spam_newsent%252Cgs_t%26tt%3D94%26mt%3DMT10%252CMT8%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_1022_2_update_4%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DFxCM8XAw7khXFXPVSzLsEpFp%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dfd3fHgm2FO8AIKUPK0OseH&sc=1&cookie_enabled=1&abxe=1&dt=1671829730731&lmt=1671827708&dlt=1671829729573&idt=1115&adxs=0&adys=76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&frm=20&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1128108629.1671829731&ga_sid=1671829731&ga_hid=535557547&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f975734493d6d46a3010e8123855986ed5f96cb7c4306d085fa00c712d736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10301
x-xss-protection: 0
google-lineitem-id: 6118280598
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407039063
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 536 B
293 B 91ms
91ms XHR
text/plain 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1570654682147205&correlator=1290571843616625&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&ifi=2&adks=2023797970&sfv=1-0-40&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1140&cust_params=als_test_clientside%3Dweb_none_none_20221223210850%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1671822187707%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Dalphvblackcat%252Cfederalbureauofinvestigation%26geo%3Dsuffolkcountyny%26des%3Dcyberattacksandhackers%26auth%3Dnateschweber%252Csarahmaslinnir%26coll%3Dnewyork%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000008697083%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt17%252Cnt18%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt11%252Cpt21%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_mastercard%252Cneg_capitalone%252Cneg_chanel%252Cneg_ibm%252Cneg_ms_safe%252Cneg_orep%252Cneg_bp%252Cneg_mtb%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_crime%252Cgs_tech_computing%252Cggl_wrk_collab%252Cdashlane%252Cgs_tech%252Cneg_chan2%252Cneg_hearts%252Ccc_tech_data%252Cneg_racism%252Cgb_crime_edu%252Cgb_spam_edu%252Cgs_law%252Cgb_spam_newsent%252Cgs_t%26tt%3D94%26mt%3DMT10%252CMT8%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_1022_2_update_4%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DFxCM8XAw7khXFXPVSzLsEpFp%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dfd3fHgm2FO8AIKUPK0OseH&sc=1&cookie_enabled=1&abxe=1&dt=1671829730737&lmt=1671827708&dlt=1671829729573&idt=1115&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&frm=20&vis=1&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1128108629.1671829731&ga_sid=1671829731&ga_hid=535557547&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d9cb6078d8ed52146a6f83177d1b717d41505b95f1f659292c5d6f8b93e3db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BB5 6 KB
3 KB 212ms
62ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:08:50 GMT
expires: Sat, 23 Dec 2023 21:08:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
dd.nytimes.com/js/ 235 B
620 B 65ms
26ms XHR
application/json 108.138.199.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.199.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-199-30.mxp64.r.cloudfront.net

Software

DataDome /

Resource Hash

d0c092e832c5e8876c95cc42ea2c94fab378715d3aacc61c2490a1fee5268c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 e459b04c35249d5dc407dc0a45b9f29e.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: MXP64-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
x-amz-cf-id: ahueSD70lsgpTWAQxrqX3EcQgwAJwpo5K7mCauBiSb5gxoiexqp-ew==
expires: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 987 B
1 KB 8ms
8ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0320aecc1a21d25cd7796aa09abdc6fced5390d9ed9a376714e790e854f5ca4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 6357eda3a8804901-35d367d28bf0554b-0
age: 1744
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 2fce518141883067
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829731.913357,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: HIT
x-cache-hits: 165
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:50 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: eb696c08
x-envoy-upstream-service-time: 17
content-length: 569
last-modified: Thu, 11 Mar 2021 22:07:09 GMT
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 6357eda3a8804901-35d367d28bf0554b-0
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
8ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:50 GMT
samizdat-x-canary: false
samizdat-x-instance: 2fa2855a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 19f6b5f07aa3a039-3f195716f40802dc-0
x-cache: HIT
x-cache-hits: 6
x-datadog-trace-id: 19f6b5f07aa3a039-3f195716f40802dc-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 8df022dc3857baf8
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829731.904480,VS0,VE1

POST
H2 200 track
a.et.nytimes.com/ 0
0 242ms
242ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 45ms
14ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 19:29:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 23 Dec 2022 21:29:14 GMT

GET
H3

200

activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fn... Show response
5290727.fls.doubleclick.net/ Frame 169E
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2...
https://5290727.fls.doubleclick.net/activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2F...

565 B
307 B

91ms
61ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

e71b4b48e95a17e37c734e3b76b76442998d8a28f0752e5e450ca46df0317a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:08:51 GMT
expires: Fri, 23 Dec 2022 21:08:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:08:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 137ms
21ms Script
application/x-javascript 2600:9000:2304:ae00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:ae00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:01:25 GMT
content-encoding: gzip
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: VIE50-P1
age: 72446
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ZNBu-GE0RBQBJ7bcj5FLLiSgGpPhtnXVcxnpmJCbKgvXA1sV2RlH9A==
expires: Sat, 24 Dec 2022 01:01:25 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
701 B 73ms
8ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 09 Dec 2022 02:14:50 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 68003
x-guploader-uploadid: ADPycdsNm9UAys459iwgE_D3VLqHsTWrnRfxBu0TH80omNfdLhxH7-Jv9kSsEmrq6DqzZWE14u0pcOHdWhqzo_v0iM-_iVyE2dLo
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-hhn-etou8220082-HHN
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1671829731.036332,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1864

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 48ms
16ms Script
text/javascript 2606:4700:20::681a:69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dadde92340126226fab77a5a6cef5da6509a1f5abec49e2a159d948f3c7f577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 20:40:39 GMT
server: cloudflare
age: 1692
cf-polished: origSize=4751
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsGJ9bFu19uQfylStcraC48hKCg%2FwCVjaM7vYxSKyc3dk38oLgaman5PhsWieEp9b5LNSfy7T%2FL58Gtgnvxnxc7vvxbbiF7t7vPTKhon4FcjdEhDPgOZZMVLPIsWRgA823e2GExtlwyf5flmgrbFCeZ5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77e4132ac86e9bca-FRA

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 113ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1498484598
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 23 Dec 2022 21:08:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 60 KB
14 KB 774ms
740ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&gr=METER_LIMIT&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator&areas=gateway

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9415d1ba6f1c42dff943fbb361d0007e2958a8535a1807825eaba7f7d6116841

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache: MISS
x-envoy-upstream-service-time: 266
x-served-by: cache-hhn-etou8220082-HHN
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale_1","gateway":"MAG_web_nonsub_all_monthly-sale_1","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1671829731.030134,VS0,VE732
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-user-status, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 7f4d231d1b029b764bf74b3ac53cb6af
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 37 KB
15 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-2bd094b67465e10a60b5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0de699e5a824527d0851b367a167377ee4d01a22e2134d97fcf560a444ebc6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 15 Dec 2022 10:45:21 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
x-api-version: F-X
age: 550
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 9
content-length: 14551
x-served-by: cache-hhn-etou8220082-HHN
server: envoy
x-nyt-backend: lire-ui
etag: "aQx8TQ"
content-type: application/javascript
x-cloud-trace-context: b47a5977f9a73912ab962da12bcbc653
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 3

GET
H3 200 container.html Show response
0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D81B 6 KB
3 KB 92ms
30ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:08:50 GMT
expires: Sat, 23 Dec 2023 21:08:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 127ms
127ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 0
cache-control: max-age=30
content-length: 0
date: Fri, 23 Dec 2022 21:08:51 GMT
samizdat-x-canary: false
samizdat-x-instance: eaf6821a
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 2ec02095c6742fcd-4dbe103c7f8a3d5a-0
x-cache: MISS
x-cache-hits: 0
x-datadog-trace-id: 2ec02095c6742fcd-4dbe103c7f8a3d5a-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 25
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 953ccf081962839d
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220037-HHN
x-timer: S1671829731.096888,VS0,VE117

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 146 B
906 B 123ms
122ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-2bd094b67465e10a60b5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c91b38dc4d51603266fea7ecc689e901e2ea260b0ca5219eb1a97196487d5598

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
nyt-app-type: project-vi
Content-Type: text/plain;charset=UTF-8

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 61124b79cb772634-6ddc2545533a139-0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 1756da50df18e8ef
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220082-HHN
x-nyt-country: DE
x-timer: S1671829731.227495,VS0,VE114
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BY
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: fabd0826
x-envoy-upstream-service-time: 18
content-length: 127
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 61124b79cb772634-6ddc2545533a139-0
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 139ms
94ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=535557547&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&dr=&ul=en-us&de=UTF-8&dt=Hackers%20Mined%20a%20Single%20Software%20Flaw%20for%20a%20Year%20in%20NY%20Cyberattack%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACgBM~&jid=1522432553&gjid=1879631109&cid=1128108629.1671829731&tid=UA-58630905-2&_gid=637738570.1671829731&_r=1&gtm=2wgbu0P528B3&cg1=nyregion&cg2=null&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&cd3=&cd4=New%20York&cd9=9&cd10=null&cd13=null&cd14=metro_desk&cd15=earned&cd16=referring_links&cd17=100000008697083&cd18=Sarah%20Maslin%20Nir%2CNate%20Schweber&cd19=How%20Hackers%20Used%20One%20Software%20Flaw%20to%20Take%20Down%20a%20County%20Computer%20System&cd20=&cd21=Article&cd23=New%20York&cd26=2022&cd27=2022-12-21-13&cd28=Wednesday&cd29=13&cd30=1671685362454&cd32=New%20York&cd33=SECTION&cd34=NEWS&cd36=21Suffolk-Cyberattack&cd37=1080&cd38=Metro&cd42=nyt-vi&cd43=Cyberattacks%20and%20Hackers&cd44=ALPHV%2FBlackCat%2CFederal%20Bureau%20of%20Investigation&cd46=Suffolk%20County%20(NY)&cd48=December&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Metro&cd54=metro_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=fd3fHgm2FO8AIKUPK0OseH&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=fd3fHgm2FO8AIKUPK0OseH&z=1105731275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:08:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 318ms
101ms Image
image/gif 18.213.167.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&u=062mSCMOY_xYuQo8&d=nytimes.com&g=16698&g0=nyregion%2Cmetro_desk&g1=Sarah%20Maslin%20Nir%2CNate%20Schweber&n=1&f=00001&c=0&x=0&m=0&y=1735&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html&b=1712&t=DMnLMeC8-zvKBit50WDC9Qr0DBL6lM&V=139&i=How%20Hackers%20Used%20One%20Software%20Flaw%20to%20Take%20Down%20a%20County%20Computer%20System&tz=0&_acct=anon&sn=1&sv=B4YtovBu1MInybsnzC48CHbCAb4Nl&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.167.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-167-233.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 23 Dec 2022 21:08:51 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 44 KB
14 KB 19ms
18ms Script
text/javascript 2606:4700:20::681a:69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91aabe6c4b2f7eea18f828f356c4513f32c37b0673873af09bade5da457fc007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 20:40:29 GMT
server: cloudflare
age: 1702
cf-polished: origSize=45750
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UesWB1OzMofYdRx%2Fzr%2FQnt%2F3l7GO8Fk5rKlofvkjFNoP5bX6aMrXgWf012bKvU%2BNfIDLHX7%2BdeWpZjOVvoGwgQ2FOkDWMO6cEgVOuM0Hcu70owu1wxa3jIQRL4qMF1cxhNhInboC6WVVliaRbqRbazmN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77e4132baa479bca-FRA

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame 79D3 20 KB
9 KB 410ms
408ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

18b4fdebb56e8bfa4db228aa3ed6bd16526666ba88cfce1625498bbcbc731b64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 21:08:51 GMT
etag: W/"4f4c-n/W8tE37sQPXblnsr2SU7sZTkI0"
expires: 0
pragma: no-cache
resp-details: [[it:lui]]
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 8a1df20d05ee140fef2ea055deb69eb9
x-content-type-options: nosniff
x-datadog-parent-id: 105144344465937124
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 4473334250708252392
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 31
x-nyt-backend: lire-ui
x-nyt-edge-cache: MISS
x-powered-by: Express
x-served-by: cache-hhn-etou8220082-HHN

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 278ms
19ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=7797439
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H3 200 dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyber...
adservice.google.com/ddm/fls/z/ Frame 169E 42 B
63 B 82ms
50ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=COX8-onTkPwCFTtGkQUdx9wGXg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4418709155016;gtm=2wgbu0;auiddc=1438177793.1671829731;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F12%2F21%2Fnyregion%2Fsuffolk-county-cyberattack.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:08:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D81B 24 KB
7 KB 135ms
29ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
URL: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Dec 2023 01:30:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D81B 153 KB
47 KB 202ms
97ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
URL: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:08:51 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 142ms
141ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D81B 0
0 65ms
65ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwD1osiLDbmAlW6QrNFKGIvmWkc5Ljo2usi0e4du3SVNxFBoaqNbAdM_yyaT6oFGMuw0nYkds67-4qkoytVlXBbkagr-DQ0qbDrqSWuVMDZ-3jcRPK7hyB06e_OkNDZN2V9INtFvcvAiSR4L-GNLHidI-vW-1DRKOwDeuVjgGPn-RvkkxVfr-dR7zaKU1DhSF5okb2KymQ9h3BWZwLYMlGsftuVkaQd1avet4VH6QNXpjgji9P2K8x-lMKYJp5iGpCFWHUaCJAWQlyzbmDmNjVZu7_bp-F-Nj9vJSWmc95JFkcfmqkd4QMnN8qcJ16tKQiXAoVF7wiCCqwmAGMNvjgy0ChtIaUB3PHF5wi-Z0VQEeN&sai=AMfl-YT8KVeRDp2v1B-m9arZQajNgUGwXQVk1ykPu9X7MGlo9JwckqC2S2rwnm3p0W3zA8hP90o9a6jt5iX8-yN4z-2xPJQ0e9Cs53lz82bjtatpOpC7K8dpx-_sriCG54ZutW53d6WR-v71Y1UMRaam-Q&sig=Cg0ArKJSzA82Qoa3X7ClEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
URL: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 flex Show response
www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/ Frame 91FF 4 KB
2 KB 10ms
9ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Requested by

Host: 0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
URL: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

837c46a211e63b71476737cae813c22a71d995b58b1fbd6d6b677236ce44b2b7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
age: 78
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1145
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html;charset=UTF-8
date: Fri, 23 Dec 2022 21:08:51 GMT
expires: 0
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
pragma: no-cache
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding,x-nyt-country, x-nyt-continent, X-NYT-Currency, Fastly-SSL
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 20
x-gdpr: 1
x-magnolia-vary: x-nyt-country, x-nyt-continent, X-NYT-Currency
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
x-nyt-route: mwcm-banner-ads
x-origin-time: 2022-12-23 21:07:33 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829731.354391,VS0,VE2

GET
H2 200 vendors~emailsignup-2be2b84ba4c4171c29af.js Show response
www.nytimes.com/vi-assets/static-assets/ 24 KB
8 KB 10ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup-2be2b84ba4c4171c29af.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

468a18bcfa33f25cb2a54de252f5b1f96b5cfa266b67e2d44496b49deb79f5b5

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 277338
x-guploader-uploadid: ADPycdtqT_XSP9maAriI8zYjAlWQeyQT136yMbGWnkuS6Agfo8idMJEc5uaJpsuGjoBVeVIhe2QTtlky8JVLZyI4qIVrMeVPqhBD
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-20 16:07:26 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829731.359281,VS0,VE1
etag: "12429258c5504ed2c18f429fd533d4c1"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671552085348794
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup-2be2b84ba4c4171c29af.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3514
expires: Wed, 20 Dec 2023 16:06:33 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 6608
last-modified: Tue, 20 Dec 2022 16:01:25 GMT
server: UploadServer
x-goog-hash: crc32c=I8plMQ==, md5=EkKSWMVQTtLBj0Kf1TPUwQ==
x-gdpr: 1
x-goog-stored-content-length: 24400
accept-ranges: bytes

GET
H2 200 emailsignup-11c6b8dc8bcc3dc541b4.js Show response
www.nytimes.com/vi-assets/static-assets/ 3 KB
2 KB 10ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/emailsignup-11c6b8dc8bcc3dc541b4.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cce0ffed913d8ca376c940ddce7d862780c884093ca55864ffd55a13f692efcf

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 277338
x-guploader-uploadid: ADPycdt41YxohOQMEBsxmJesvFfbzzzornepFdNnGx5LYchULYStdHa6m0AkX6re_Pqde9F3gggt-PKIeYTnAidr08VD
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-20 16:07:26 UTC
x-served-by: cache-hhn-etou8220082-HHN
x-timer: S1671829731.360076,VS0,VE0
etag: "c79ecd67bc31a4c558c2b902124cf4b1"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1671552084266632
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/emailsignup-11c6b8dc8bcc3dc541b4.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3697
expires: Wed, 20 Dec 2023 16:06:32 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1293
last-modified: Tue, 20 Dec 2022 16:01:24 GMT
server: UploadServer
x-goog-hash: crc32c=H1relw==, md5=x57NZ7wxpMVYwrkCEkz0sQ==
x-gdpr: 1
x-goog-stored-content-length: 3185
accept-ranges: bytes

GET
H2 200 main_flex.css
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/ Frame 91FF 344 KB
42 KB 66ms
8ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3fdb813192098028336976db08f3065344ea01a1d5df815c29bc1476d4f3912

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
age: 152548
x-cache: HIT
x-envoy-upstream-service-time: 10
content-length: 43178
x-served-by: cache-hhn-etou8220082-HHN
last-modified: Wed, 28 Sep 2022 19:05:59 GMT
server: envoy
x-timer: S1671829731.431301,VS0,VE0
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 970x250_2X_.gif
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame 91FF 243 KB
244 KB 78ms
20ms Image
image/gif 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/970x250_2X_.gif

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f745cef00cf29b0b9806d20bdc65ae6c07696c7daa7984f37dcf21b3e64ac9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 153442
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 249151
x-served-by: cache-hhn-etou8220082-HHN
last-modified: Wed, 28 Sep 2022 19:05:24 GMT
server: envoy
x-timer: S1671829731.431265,VS0,VE7
content-type: image/gif;charset=UTF-8
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 300x250_2X.gif
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame 91FF 189 KB
189 KB 16ms
15ms Image
image/gif 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/300x250_2X.gif

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5b1e6e8a48f4f9f2b5c1651045906dfb671cf15e8a9571b94d223dbc00109874

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 580002
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 193787
x-served-by: cache-hhn-etou8220082-HHN
last-modified: Wed, 28 Sep 2022 19:05:23 GMT
server: envoy
x-timer: S1671829731.444218,VS0,VE2
content-type: image/gif;charset=UTF-8
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 NYTAllAccess_Black.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame 91FF 14 KB
6 KB 7ms
7ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/NYTAllAccess_Black.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1f4a49e702d0d77e1694817dd9cf1ba8569a9e2506ff6f3e6eaab2be2b14b46d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
content-encoding: gzip
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
age: 153443
x-cache: HIT
x-envoy-upstream-service-time: 17
content-length: 6269
x-served-by: cache-hhn-etou8220082-HHN
last-modified: Wed, 28 Sep 2022 19:05:24 GMT
server: envoy
x-timer: S1671829731.486633,VS0,VE0
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
x-origin-server: mwcm-pub-est08.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 958

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
26 KB 9ms
8ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:30:50 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1363081
x-guploader-uploadid: ADPycduCEpzSVheUeClyt2xp73UwXoZ9KWtsez6RVj9DsTSM_fBnBPOCzdDQmYhpt2dJfhk3XhaX2sLFzDMj_pLXeGs3rw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829731.390631,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
x-goog-generation: 1651598151622741
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 25680
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4187

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D81B 0
0 65ms
65ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaXaAvVh_61srJKy32KA2lYpren1ppVrtjp-SacC2nlGsyoDqbbkKqG0qyZNsPE37fnEDN6KJrD15QI2OTQni7Pl5djkHQN4_qFJHvAZpokbZRk6XvfzM703AfiEX-A7cSCSBeGRMSTTva1aPP9pgnkNxlzx8-VlUpW9AbHZjpA-fKGkwt_riNXYw8-IuQs9pi2ceaab6qoXsHrxcSfHJl3f9y7jsV4tlayB3Gw8EmpDPw48IOfZ0H3-3PUzuw1SiKHUIL499cv0SxwS5UINs5oZxJ173v1a_sxTyonaHtPuEmoVOTfY9AtyetLZ47q6ZUxhtFXbVv_A&sai=AMfl-YRVym65mgvWQ9ok-r8BFECj4HKDxa_9sggeDQXvQv2f1m0k-NACBI39S9IXnoB4-zR-KNf21RaimhK_FZUuN3MKhBXXrPEVlAa4ydX5aMd1iP8P6Q1rZyTrY5tU9l4B9NjM-nKD6WTrJWK6lE5UoQ&sig=Cg0ArKJSzB8Pbpp2Y9ILEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Dec 2022 21:08:51 GMT

GET
DATA 200
OK truncated
/ Frame D81B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55a8f01071e07bdb0737e3a03844e5960087070e6843c2d28f831a0a02fcec21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cheltenham-normal-300.woff2
g1.nyt.com/fonts/family/cheltenham/ Frame 91FF 27 KB
27 KB 8ms
8ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff2

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:42:05 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362407
x-guploader-uploadid: ADPycdt86aqn8PEZa8LKlO5FS16F5E1-eI5p4uw0BAZ0VNRvnuHXWsElCb1_o1FRO4WdwfSJiPThFVekpuYr8M80sysR6w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1671829731.493874,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1651598149673512
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 252

GET
H2 200 franklin-normal-300.woff2
g1.nyt.com/fonts/family/franklin/ Frame 91FF 20 KB
20 KB 9ms
8ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.woff2

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:42:05 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362405
x-guploader-uploadid: ADPycdvSDLf8e-REI7S-y0Bfr1kVd2t0xDRRYh4LqybxXbCYn-_IXRYVzdbc2M39OXdy8c2HmCQp12mLLXW6hfJtGVDgw2Lh9t16
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829731.495036,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598151029342
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 508

GET
H2 200 franklin-normal-700.woff2
g1.nyt.com/fonts/family/franklin/ Frame 91FF 20 KB
20 KB 9ms
8ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff2

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:42:05 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1362405
x-guploader-uploadid: ADPycdutLS6hlvaSij6XjUu6fIF3VqYzc3cjEsg7IB1ZNA7-wE6UcMjCOWKlHY-Plr3969xDb3LSsnSs70k7bpD2ReHZTw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1671829731.495046,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1651598151071151
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 534

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 79D3 466 KB
155 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=da9f64e

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9f71bfedce3a05a08fd041fb707774acff7ad68572602115c4387ed4c6acdf34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 15 Dec 2022 10:38:03 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
x-api-version: F-X
age: 342
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 7
content-length: 158213
x-served-by: cache-hhn-etou8220082-HHN
server: envoy
x-nyt-backend: lire-ui
etag: "aQx8TQ"
content-type: application/javascript
x-cloud-trace-context: f1b441f553450950bda8d6f7237bb716
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame 79D3 205 KB
50 KB 104ms
25ms Script
application/javascript 2a02:26f0:dc:18c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: br
last-modified: Thu, 08 Dec 2022 04:50:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame 79D3 0
0 141ms
139ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame 79D3 203 KB
42 KB 25ms
24ms Script
text/javascript 108.138.199.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.199.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-199-30.mxp64.r.cloudfront.net

Software

Apache /

Resource Hash

3ef385b221c0c207fcac68f08aeea9f2b25fb959b234982a099e580ba06a80fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront), 1.1 e36fe0bdae95008c3ad3d675228af1aa.cloudfront.net (CloudFront)
date: Fri, 23 Dec 2022 20:51:33 GMT
x-amz-cf-pop: FRA60-P2, MXP64-P2
age: 1038
x-cache: Hit from cloudfront
content-length: 42664
last-modified: Wed, 07 Dec 2022 10:03:12 GMT
server: Apache
etag: "32de8-5ef3a07422ee0-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: arkecb8ZAoISmHXpIxIBVrqdGFma-Jt5NNuyykkuNm_BhTGYmAJypQ==
expires: Fri, 23 Dec 2022 21:51:33 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame 79D3 0
0 136ms
136ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame 79D3 1 KB
1 KB 365ms
154ms Fetch
application/json 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2022%25252F12%25252F21%25252Fnyregion%25252Fsuffolk-county-cyberattack.html%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-872434

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=da9f64e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-42-214.compute-1.amazonaws.com

Software

envoy /

Resource Hash

1b77cdf82b483303a2946fe1938fa9fd81c70d8293514890929d0a2ed30b6635

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 82389c901a4189145193d84eeea035ac
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48
access-control-allow-headers: Content-Type, x-requested-by

POST
H2 200 track
a.et.nytimes.com/ 0
0 138ms
137ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ Frame 79D3 0
0 139ms
138ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 79D3 29 KB
29 KB 72ms
7ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:54:00 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1361691
x-guploader-uploadid: ADPycdtQbj6ewMK02wTCmhdmtPDPE66Y8zTMj7YzNQUFw2mTGSmIxpeAYJG6FCgIk-ra7vE65SAZ1AECO5_P03wDX-Q4SA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1671829732.755999,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
x-goog-generation: 1605538717313763
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29324
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 658

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 79D3 29 KB
29 KB 73ms
8ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:54:00 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1361691
x-guploader-uploadid: ADPycdvNd9RXunXZckfpTvUn0GufSxlYL433u-ahw2963bu-wKRs4XGx04WEfw3Qf8s1HWCu_qZXl-sd-28gvRLpW_gFEQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn-etou8220037-HHN
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1671829732.756229,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
x-goog-generation: 1605538717322939
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29504
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 306

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame 79D3 240 B
626 B 25ms
24ms XHR
application/json 108.138.199.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.199.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-199-30.mxp64.r.cloudfront.net

Software

DataDome /

Resource Hash

85f456c80ae11a12c1c2060d851b6ad2fc04eca04353ea19f5f561b80aade920

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 e459b04c35249d5dc407dc0a45b9f29e.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: MXP64-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 240
x-amz-cf-id: dXr4JOZYOKFVD2Ftc4y14B5KzsDtFPkWlg_ilyMzMBDJiZh2mq8D9w==
expires: 0

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 79D3 6 KB
2 KB 115ms
42ms XHR
application/json 2a02:26f0:dc:383::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5572766&v=1.720.0&sl=0&si=90385ef3-b8b8-431e-a9d3-72c25410359f-rnd42r&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:383::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e1457d8acf03cf8417e2748118dc9ac0ecb1fb9563fcef41ccf26c7467087f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 21:08:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1506

GET
H2 200 .status
a.et.nytimes.com// 0
0 136ms
135ms Fetch
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
63ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b26c89c2ff225b921be7956aeb84d69caa5af12779016f92890f60999f1ff426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 53ms
22ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6808e11878e70b84cedaed0086afe4f8bdbef5093440bad9e7366684b97b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-amz-version-id: Y1O4cJrNJRrFPDCP_nKZ03XDIIOg9JmW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: RQN8J94HEJXTWDVS
age: 30
x-amz-id-2: InqmZdXyQyogmNVfdUxnta+/i8/UWweYRNYLVgbL96BUw4AxOZFUJKd+gmMYmizUdqnKWWzVLOU=
last-modified: Fri, 09 Dec 2022 16:16:56 GMT
server: cloudflare
etag: W/"552f05e75518084825c2abe18e5df154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B%2F%2Ffkw7yuGTaRcUOHdyOko1VspbrUmTi%2FHj%2BN46y3v8Q%2F0KBMffTMGmgAHjGc3xsG9Zx%2BdArRQZRYz6GhOzRwLmXpdCFJz7UizCcu52wQxNABf313hK826DENdaZuQvbUdgvgxgoHpNRA3YPgAl%2F4cBkQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 77e4132fcda89238-FRA

GET
H2 200 21Suffolk-Cyberattack-1-23ae-jumbo.jpg
static01.nyt.com/images/2022/12/21/multimedia/21Suffolk-Cyberattack-1-23ae/ 59 KB
60 KB 9ms
8ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/12/21/multimedia/21Suffolk-Cyberattack-1-23ae/21Suffolk-Cyberattack-1-23ae-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-07211c4a9bada1f49b5c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7686e865bd772588b78f9b640b7fc976119f45426a6edf6aeff10f958c0587b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 21 Dec 2022 18:07:01 GMT
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 183709
x-guploader-uploadid: ADPycduGiGuN9_glFPcAisJTyHArnDV2KrGUr3d0zMym-11O0qthBGhpx-P4FxbaveYePAzHYLvl_4oWe_hwqIMcOYiY5w
x-cache: HIT, HIT
fastly-io-info: ifsz=159838 idim=1024x683 ifmt=jpeg ofsz=60916 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 60916
x-served-by: cache-iad-kcgs7200081-IAD, cache-hhn-etou8220082-HHN
server: UploadServer
x-timer: S1671829732.796250,VS0,VE0
etag: "nmZWZrc1pADUagx2AlXF8VnHZNmzkG5qtgwKPM/FrJI"
vary: Accept
x-goog-generation: 1671645884996131
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=QCpwig==, md5=QD4JpuCMiN+/J7K2s697fw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 159838
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 2

GET
H2 200 match-prod-12d96d82cf3a66fc5deb.js Show response
platform.iteratehq.com/ 84 KB
29 KB 19ms
18ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaabd90820ba269406274edd0edad418a026a18d33470d6c44eefb0522d0cb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:51 GMT
x-amz-version-id: IyBdpRmdaiN7MN9jjXWA2fyu65ZY761K
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: D571JYDWC77BPM2T
age: 1226625
x-amz-id-2: JnesB1ucW41D3/Pim251gk0QyjzX5dEmzaxs0Ro5QbwVftd17A23Y0NkIBKN3y7JoGBrs2wu2+g=
last-modified: Fri, 09 Dec 2022 16:16:54 GMT
server: cloudflare
etag: W/"550d38dda47616fcdd8c5cda549c4f16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaqM8ercuhojSdDxUcwi3T%2FLtFD6yrWqsX4bUg93yIuHcboXcWkoeVo%2B4eUVHyDms0KXt4cHJKyccZQ%2FhA6Cf4jAUSokSzMHkSEeklWosUsZFsXNEVGUrNRAUqaIPQlVYb7bX8ciYgHeNnS2BVPxWmyY23s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 77e4132fedc99238-FRA

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
658 B 114ms
114ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:52 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtQW85%2FxuNaAM7XdXzbqJMMMpUaGsWjgkG4BOlcTGrYyvY0EBP1QcNu6f8ARsMFYBEAIvjVKIe67eoMoTHibUcDabZPnnUB37cmRPwo0orc5mpjNtGVYzo3Y3OeIDB9lRw7mR%2FGYTcBqm8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e413313f45917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 145ms
114ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e413308e0b917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqSX60WBd7uKGop9veR22Zd5UfFxecyleh9QbYb4PwttTw2KLC3eQRt8%2FwqYLMDp3OFQQcqB4iR9RPPp9WEMVz7hJZMpPGNdaotshtPaJpGN0sO2XrYVJIij1gsmlVzbhfXT%2FQOTOJ%2FOPzc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 179ms
112ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:08:52 GMT

POST
H2 403 report
csp.dev.nytimes.com/ Frame 79D3 425 B
500 B 42ms
7ms Other
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

ff4bbf67614c5347acbdd78dc171441540a8d06842e113bd6839343f8b9551b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

x-served-by: cache-hhn-etou8220037-HHN
date: Fri, 23 Dec 2022 21:08:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: Varnish
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 425
retry-after: 0
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ Frame 79D3 0
0 140ms
138ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F12%252F21%252Fnyregion%252Fsuffolk-county-cyberattack.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6322 13 KB
5 KB 32ms
30ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 243019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:38:33 GMT
expires: Thu, 21 Dec 2023 01:38:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 280D 783 B
1 KB 91ms
24ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a6d743e4f923845e39c8f30e12c52248d855b6f96895081dcd6918fb0bde529

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YN5q4nMLmYfu1hvR4JFccA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-YN5q4nMLmYfu1hvR4JFccA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 21:08:52 GMT
expires: Fri, 23 Dec 2022 21:08:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
844 B 126ms
126ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd59bee2a941575a4044ebb8863a6ef69c087c254fed7fcb3914e106732b3e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:52 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw%2FfenDyLBFZcpR5ZwdwFkpUvLJqNqNqaZSJe3eK9vfifFrS2BdgoZoxEVSFWXs1NRVR2KRcvj5%2BCaDsFvDl7ucjQkf88lDquioOYDwsHYv%2BwTSXZW3JBBAXH4EeKe7JlHibfjbqQn6gh3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e41332ca46917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 110ms
110ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e413321909917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkQITX9Zix%2F48Jw4j5uoXlbnVAxKoz8%2Bpf5B5g25nhr85bIQ%2Bts9PhcBVQvBfDEjDo5n4GwQDhH5Iag6Wpc1j4XoEeC5ZRPs3p4BlUFkfgUGddoWeHOFA2DxbAtEITSdsUfRJotYk1e87OA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 6322 36 KB
16 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 10:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 10:28:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 280D 0
0 53ms
48ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1570654682147205&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6322 0
10 B 29ms
29ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xDILAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 21:08:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
661 B 116ms
115ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efcfe75085307a6a0cc83365281ef95206d95a6ff4e939a04f176db09c19e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:52 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcNncRlhDvkQmgJp1Twlx6C7MU9nZ70yJQm5LLnnFBTxY5%2FVLVKge%2FqvcLS7siCMTXlPvjcmWujTfeHc%2FWI%2B4cP9HrS0dhmxNzujDDPXbFnBuJ8lzHPMEIKmai6D3qJ6wFy0Gna3YRQH4lI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e413346d8b917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 121ms
120ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e413339c14917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umdCA5mpyi%2FM00kPAeHtyAtp6c5xqDuMjTw5dxokQAvgdu%2FF5wSlSMR%2BTtH6HPNYpvNuakcgfO4Mg7x0ftBIQEiUkiE6M9WSvCSvSGykRIOxONv9UMDXUls9WIHz%2BWx73lq2fcFM%2FfXV9Rw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D81B 42 B
64 B 107ms
51ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFDJroLqK6wrv8I97EdkrzKFs3Omul-aFAjhXLuj_ySkj6aAydaW4yt97N1DpxixgcBCHtBBXE1B6mComfEuEolPTr0Fx4_8Goo4K4AUeals45b8M0&sig=Cg0ArKJSzPx-0H2yRaTPEAE&id=lidar2&mcvt=1018&p=93,0,367,1600&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=4262024170&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671829731092&rpt=379&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 21:08:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
648 B 120ms
119ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efcfe75085307a6a0cc83365281ef95206d95a6ff4e939a04f176db09c19e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:52 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSEiB9Qw6VpOh7SjTgrRdO%2FsVLCHwmnyFVU61yuok2MD%2F%2FMbTtgDQF%2BSJN6M5y5KpU1wgElXNm5hG%2FY1ap1ocfNqODFQVIWUv3FXuw5nU2KIc0bxJC%2BH8KlwCBJRSd6xqsXO4D5Ecl2zD90%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e41335e831917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 119ms
116ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e413352ef5917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Y2pOIFZyaJOD3BTQdSpowvo7uEQSjv9IKgJgJzhvzvWG2VusXep7VPSvCMjNGJJCrD8RB6o5XAOLecFzUxkZ%2BazoxXvUXpVDW63cThiGi%2FTcrHO4Dl8dcNvUKKOceLA7%2FsMRHui3vTqr0s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1570654682147205&bg=!cXKlcjbNAAYgquz3AKo7ACkAdvg8WtHz8U6iq2nVRQIDEuyhA6_pEhpZfRr4-RcjSyGoS0pGW2leCAIAAABBUgAAAA9oAQcKAC1ImAJqfuq9HwN9uE8UxXYdJmy-KwcEA5q0Uc9JnBzplxnEK1i9_QFRynfnnVSZAu6qPBdXCOFYn6GGp90HivtPFUGMJkVGa_N3aTSPVZX5NT41LWv1CbMGpOUnPqRGSMoFHylSc74IUBntDju5qAE24Eyyaqe5Z5mnV_IuTxGxNQe_J2wzeQ-eUlJu3Ru6XbOPf25tJCXFoQ8JPJimvfHlQAlFgrnUmThEekoaA1mtS7UoNjF_ZrsSsAGBHdWfUzuGDPuJ8RSqrUxqFUfLKyMsDPfUT_4FrYotE_LTNeFUUqdoiFmAvoh0WE6JggT4nGuBWDATBFrQ8jVD6KfU96wIfqSf6-utGvZiSL7ddykooHfv2lGQ1YUOXSHMzXMpX0Hcb8ZhoKxkEjpXBbw5x1QINXJHYGmtjrI484VUcyUVa48B0p7pTNhkFTcqbNIS9Xa0KH3ZmDv4g5-z_QIoQBlc1c09Ptrh5skHKm9dR_qlAN9BlvhBn0_6-VN42ks9xZh0xjnQY-xp6211DqAC5fwsuXpx7dDqbbbQrYVKKf8j4qJ-6BEL0taJ1g_vABk9ilmUrQ7C5tcHDVWJH1PI1cRNlQOp5AzGe7yXvW46KhPXBfucZZ0ht9weH8kSzTnUlBBt-1-b3zoZPOfEITg9vmNACkHRdDqA7luRHqXVQ7Bp7wuLiPa3vyHef96x7uKjDoP4vtjvLnBDNMYbfgtgIJ7NVKIxv-ouehIBb6m0UpDiuYQXKsWzbr7Es3UrvOgGh0m0QBvu2ntgIcIw6yEwjNEFG_G6snUlZLLDHaGaNrCZQ1jJokSRTMnoj3m3MoXRqt0h1PH6SC_gLGYMtMPeBvTPLmQbIqC7nYwKn7UHJxKg2EnSNbsrfGCyoq-S4A8wwxxWX9971fqq4FJug1OIO8jd0emsQRXCMgoB5921yn_Poq07hPtwuhyO2fpkAAaSGuxC9vo79zAwPEmkkRPE-fDfYI3kIhoFaGr-plcS0VbvZS289ysB5k4l_h5gieKNp-uX1DmLfzpYF7duFgq41bkIUYPUK6uqavumYsIt9bU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
655 B 130ms
129ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2735ab38f0ed7a860b6499c75b109b23a39198e81d1938de6984c6e7d3096194

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:53 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7aqWVlonnhweq%2Bxr9Vp3yRoxlaAyrkBmk3EJ3ICwFGlifmgTkYu4txG9%2Fj6zjJaoqRmRrreiLdkVytcRUEPOlbJZqXlRLgAsWlZCBkQuroK7bqv6sdDvUcRj%2BMSFW%2FCG5qBh786D1q2nNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e413376a9c917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 118ms
117ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e41336a96a917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmxb3ZunFSk1esDLYRiX05CSwGkHNKqGOaVjmWckhgXAShIur842RoS7SrBYzSrY7NNnvqjHwqGBqaVE6saGgIQyOhQPYZLJIhW226jKnkIdii9JuYFv2IbtJGarWUz8Rh8QmdARqIPsEhI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
629 B 124ms
123ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2735ab38f0ed7a860b6499c75b109b23a39198e81d1938de6984c6e7d3096194

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:53 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D5O4n9nK2HNCRSgoUCahrJq2eYNUFnaLLs2vQ2KPghLo8zcMXqwjtwTXxBBUAsYxm4M6OfFcdLwswcF%2FjJPpxYm1HMkH3skguZzcVF3sachTS3hmkvzzdLZKqWxAzpUW0A6ukJt1hw72Uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e41338fdbd917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 116ms
115ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e413383c4e917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVGIp4NWnis3H7Doq%2FDwndTQRKjNAFIeIfALEMhaFR35BTTjexwwY284Ei7LJPvEtuW27T8BZG%2BMTM%2BcyQE60BNqf0M5JJdfH9MdIjq%2ByYNR47lz0YC2LfawNLlkTj%2F6qCwMn5GlTjKn2kI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
650 B 147ms
147ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2735ab38f0ed7a860b6499c75b109b23a39198e81d1938de6984c6e7d3096194

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:53 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fp6mO563RpzkZ%2F1sA8RzfLRiPanU820xLqp9og4rl8sy4H%2BGKvgMWsGO6w9eWybFnaexYNqN6EaoeoMiQ%2FITi1FbGYbkHZsteAi4diUchH1ymvPAjp6QYyErF%2BmDIbqwfmHGMB2yyaIGRIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e4133a883f917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 119ms
118ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e41339cf17917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtcEHzKSyyCFvMDDJXG9gq9Isqn5KK8j%2B6jqdkNcycExg4H3vmLpOJQGyihH6bz9onYJ6CywtLzz2rLw%2BHGlOmKTBKMtrSV4feBnhDGDKR4JVGl6HxAaRcEeXNSJSreOAJa%2BrxOjn3eMVY0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
632 B 137ms
137ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-12d96d82cf3a66fc5deb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2735ab38f0ed7a860b6499c75b109b23a39198e81d1938de6984c6e7d3096194

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Dec 2022 21:08:53 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs2xGLFNSjtGS2uOXq%2Fk0OhlbiHxe40tbzKiYYIRjXR7pqMrcVRfNDw0BgVgdVXxRzcnyj0MSvQOhkceIE5ZkBcXUb2mBIZisVUGsXbZGIlQizMN%2Bt7N6BzS5D1fZkqZGtykeykG4uovmNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77e4133c2bfb917a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 111ms
111ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 77e4133b7a2c917a-FRA
content-length: 0
date: Fri, 23 Dec 2022 21:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBMT7%2BaHNGGrrp5vnnqa8a3ymWiv11mzOfJO9BgIip5lr3dqRUa7V6WyUuZRy08nAaKkSmutilf1tyJtqUpNlvefjr1exlQwfcSoV0HWYbk7htPyh0fdRXuxY0wxngIn673kfm7SzbiuMq0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 140ms
138ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 17:09:25	Name: nyt-a Value: fd3fHgm2FO8AIKUPK0OseH
.nytimes.com/	1970-01-20 08:24:11	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 17:09:25	Name: nyt-purr Value: cfhspnahhudnhu
.nytimes.com/	1970-01-20 08:24:11	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 08:24:11	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: d2e420fec8f2449898cedc2fc8cd4474
.et.nytimes.com/	1970-01-20 08:23:51	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 17:09:25	Name: sessionIndex Value: 1\|1671829730084\|fd3fHgm2FO8AIKUPK0OseH\|1671829730084
.nytimes.com/	1970-01-20 17:53:19	Name: purr-cache Value: <K0<r<C_<G_<S0
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1671829730723&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 17:09:25	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 08:23:59	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 08:23:59	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 17:09:25	Name: nyt-jkidd Value: uid=0&lastRequest=1671829730723&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.nytimes.com/	1970-01-20 17:59:49	Name: nyt-m Value: ABC51A6767CF727BAE580589FD1E09F9&v=i.0&rc=i.1&e=i.1672581600&igu=i.1&iir=i.0&fv=i.0&imv=i.0&s=s.core&vr=l.4.0.0.0.0&pr=l.4.0.0.0.0&igf=i.0&uuid=s.28fb5bb5-fd35-4162-b3e4-f07a9204f1fa&er=i.1671829730&cav=i.1&igd=i.0&n=i.2&ft=i.0&ica=i.0&iue=i.0&iub=i.0&ifv=i.0&t=i.0&ier=i.0&iru=i.1&ird=i.0&prt=i.0&vp=i.0&imu=i.1&iga=i.0&ira=i.0&g=i.0
.www.nytimes.com/	1970-01-20 17:09:25	Name: datadome Value: 3YnwQbuyMQs_wwjDXM1Sj1Jqy_DIiyNFvtV14pPAiw2~jGjMO0V8_gkU~mJdy0vM1Q2526zOzdqHTxwZLRpiqJKNc9LloWJ1ZrE4Q0o0NITMARH_rmm2rHPDi8TBG5~l
.nytimes.com/	1970-01-20 10:33:25	Name: _gcl_au Value: 1.1.1438177793.1671829731
.nytimes.com/	1970-01-20 17:45:25	Name: __gads Value: ID=6069b13b2bdbde7f:T=1671829730:S=ALNI_Mby2vnuXxLwabf0rw_wFUMfjYdOqA
.nytimes.com/	1970-01-20 17:45:25	Name: __gpi Value: UID=00000b974faa4095:T=1671829730:RT=1671829730:S=ALNI_MZ31S-QSPqdWvJ5AvtzQlSjlBib2w
.nytimes.com/	1970-01-20 17:59:49	Name: walley Value: GA1.2.1128108629.1671829731
.nytimes.com/	1970-01-20 08:25:16	Name: walley_gid Value: GA1.2.637738570.1671829731
.nytimes.com/	1970-01-20 08:23:49	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 17:52:37	Name: _cb Value: 062mSCMOY_xYuQo8
.nytimes.com/	1970-01-20 17:52:37	Name: _chartbeat2 Value: .1671829731133.1671829731133.1.B4YtovBu1MInybsnzC48CHbCAb4Nl.1
.nytimes.com/	1970-01-20 08:23:51	Name: _cb_svref Value: null
.doubleclick.net/	1970-01-20 17:45:25	Name: IDE Value: AHWqTUkEp3OVrFb64_W_QUy03iVHY0q5X5KdZvBvx1gwMSaXZvlZIaLVUGy6HKfYrUs
.et.nytimes.com/	1970-01-20 08:25:16	Name: et-ppvid Value: https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html=FxCM8XAw7khXFXPVSzLsEpFp^https://myaccount.nytimes.com/auth/iframe/enter-email=fMvDjtvbE_KNtbdsiJ4vJKhi
.myaccount.nytimes.com/	1970-01-20 17:09:25	Name: datadome Value: oGEUitPu7xV5Ae9BgDo0yZoUkWa40VvhrGimcBqaIBn250OmC6g2ibBGLnkZ8_0RVjQdxdZ3vUo8Pk7SPwS5-JlMjJ05PppQLl9u8trcGhhvCMveKEr32MfW8NZiFOr
.nytimes.com/	1970-01-20 08:33:54	Name: RT Value: "z=1&dm=nytimes.com&si=04726aaa-72b9-4074-9cc8-f204ecfd541d&ss=lc1098i8&sl=1&tt=gz&bcn=%2F%2F02179918.akstat.io%2F&ld=kx"
.nytimes.com/	1970-01-20 17:59:49	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2E2MThlNGNkNjQyMjAwMDE0OTYwNTYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjcxODI5NzMyfQ.Wa4T0GwS6v5cf4uJf2teecG8tAeyVcVKybjLoKZpM5A

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://02179918.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cc4703c251e54a4a3a919bd61daa51b.safeframe.googlesyndication.com
5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c.go-mpulse.net
cdn.brandmetrics.com
collector.brandmetrics.com
csp.dev.nytimes.com
dd.nytimes.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
108.138.199.30
142.250.186.38
15.197.193.217
151.101.1.164
151.101.129.164
18.213.167.233
20.50.2.28
2001:4860:4802:38::178
2600:9000:2304:ae00:18:1fcd:351:7bc1
2606:4700:20::681a:69b
2606:4700:20::681a:6e5
2606:4700:20::ac43:479c
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2004
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:808::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2001
2a02:26f0:dc:18c::11a6
2a02:26f0:dc:383::11a6
44.211.112.71
52.3.42.214
52.54.49.121
0320aecc1a21d25cd7796aa09abdc6fced5390d9ed9a376714e790e854f5ca4c
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0d9cb6078d8ed52146a6f83177d1b717d41505b95f1f659292c5d6f8b93e3db8
0de699e5a824527d0851b367a167377ee4d01a22e2134d97fcf560a444ebc6e9
18b4fdebb56e8bfa4db228aa3ed6bd16526666ba88cfce1625498bbcbc731b64
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1b77cdf82b483303a2946fe1938fa9fd81c70d8293514890929d0a2ed30b6635
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1f4a49e702d0d77e1694817dd9cf1ba8569a9e2506ff6f3e6eaab2be2b14b46d
25c5444f9cf815dbf8d7101748a3646f56150945a62d10c9a6eec45417fdd67f
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
2735ab38f0ed7a860b6499c75b109b23a39198e81d1938de6984c6e7d3096194
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
29cd49f61d6124f05a6cd8d781742624ea2205be8dcee00249e588e2a02737e2
2a098b4bf2876c5638d056a8fefb621f7dd08894b748eda3399b22e86e3843ae
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
3a6d743e4f923845e39c8f30e12c52248d855b6f96895081dcd6918fb0bde529
3dadde92340126226fab77a5a6cef5da6509a1f5abec49e2a159d948f3c7f577
3ef385b221c0c207fcac68f08aeea9f2b25fb959b234982a099e580ba06a80fb
4334e097277b14b20e48807c54866515ce1e957805a2774905baea3e79bdd02d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468a18bcfa33f25cb2a54de252f5b1f96b5cfa266b67e2d44496b49deb79f5b5
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4c56b85b1919a8b6ebb60d35b5001eea9eb61ee51ed55f3dd0ff20acf7ad08bd
5193e8f546bc5017866cc89aeda16b7d649cc8a6a2ef85ec7893bfbaf5d3fe08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a8f01071e07bdb0737e3a03844e5960087070e6843c2d28f831a0a02fcec21
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5b1e6e8a48f4f9f2b5c1651045906dfb671cf15e8a9571b94d223dbc00109874
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bc7a2d6e67c5e9156a4c8255e74e97b949094ded4ca756f2acbaf28eb26cfe
6b32218f7bee034f726211a4d2b6951a42d74213b7baaf9e1431b7f420a761af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7686e865bd772588b78f9b640b7fc976119f45426a6edf6aeff10f958c0587b5
7a2a94e30871bc1a31b9f8dea1437bf6a3e214120febed58e8de503a1e8a57bc
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7f975734493d6d46a3010e8123855986ed5f96cb7c4306d085fa00c712d736ae
837c46a211e63b71476737cae813c22a71d995b58b1fbd6d6b677236ce44b2b7
85f456c80ae11a12c1c2060d851b6ad2fc04eca04353ea19f5f561b80aade920
89c621cba92a10f0b3c8cd9cfeec1cc73e961d101f05b4507ca33cdeebc0c37e
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91aabe6c4b2f7eea18f828f356c4513f32c37b0673873af09bade5da457fc007
9415d1ba6f1c42dff943fbb361d0007e2958a8535a1807825eaba7f7d6116841
974e8a951d9c6b20e8ce9c0c8d995c34343581705b29b764835c8c2c0805a82c
9d027c05ea641b66ac6831e2d032bb5f710c281ec1c241b559e96f11f2020969
9efcfe75085307a6a0cc83365281ef95206d95a6ff4e939a04f176db09c19e48
9f71bfedce3a05a08fd041fb707774acff7ad68572602115c4387ed4c6acdf34
a1ebe5ee8ccf7752663a9fc6e30b8fba9b75b6d2ac3582ef3ba940a975eda430
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
aaabd90820ba269406274edd0edad418a026a18d33470d6c44eefb0522d0cb3c
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b26c89c2ff225b921be7956aeb84d69caa5af12779016f92890f60999f1ff426
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b3fdb813192098028336976db08f3065344ea01a1d5df815c29bc1476d4f3912
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b88f26311d3e0b335adecbd25012aeafc4b061f4af138a448f1d7d4b3526b943
c91b38dc4d51603266fea7ecc689e901e2ea260b0ca5219eb1a97196487d5598
cce0ffed913d8ca376c940ddce7d862780c884093ca55864ffd55a13f692efcf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c092e832c5e8876c95cc42ea2c94fab378715d3aacc61c2490a1fee5268c83
d7b8ecfd11e8086450c73ba71ec182da2ef46cb8602cfdaccf9640efe20fdcb1
dd59bee2a941575a4044ebb8863a6ef69c087c254fed7fcb3914e106732b3e84
df6808e11878e70b84cedaed0086afe4f8bdbef5093440bad9e7366684b97b90
e1457d8acf03cf8417e2748118dc9ac0ecb1fb9563fcef41ccf26c7467087f37
e257f3721355b6abc887e2bddcca6c7161f5ccf1af227369612839a389c7bd30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e6120f855429552d58fd528613cd5d944c3f457b04017ad08d108f06448e035b
e71b4b48e95a17e37c734e3b76b76442998d8a28f0752e5e450ca46df0317a11
e9b25d4fa8fffd3b34ea088bdda8ffa4b952c82c04fde13056d8f1098f7fe768
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f745cef00cf29b0b9806d20bdc65ae6c07696c7daa7984f37dcf21b3e64ac9bc
fd4013faa350e497f2eac1f6b651dfe9648976e526d90485383cb2e19c08c025
fe229c6b7dd3a609bb9965294ced2a46e833d927811d541bbe6603bb848b841d
ff4bbf67614c5347acbdd78dc171441540a8d06842e113bd6839343f8b9551b6

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

62 %IPv6

15 Domains

36 Subdomains

27 IPs

5 Countries

3037 kBTransfer

8204 kBSize

30 Cookies

12 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

62 %
IPv6

15
Domains

36
Subdomains

27
IPs

5
Countries

3037 kB
Transfer

8204 kB
Size

30
Cookies

132 HTTP transactions
1 data transactions