www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zlth.xyz/
Effective URL:
https://www.nytimes.com/section/us
Submission: On March 01 via api (March 1st 2020, 6:44:44 am UTC) from DE

Summary HTTP 110 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 17 domains to perform 110 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	167.99.26.105 167.99.26.105	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
33	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
12	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:814::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1 1	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
9	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f1:... 2a02:26f0:f1:18e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	34.233.218.104 34.233.218.104	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.101.22 143.204.101.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
1	18.194.77.222 18.194.77.222	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
2	34.225.200.104 34.225.200.104	14618 (AMAZON-AES) (AMAZON-AES)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:800:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3036::6812:206c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.0.121.144 52.0.121.144	14618 (AMAZON-AES) (AMAZON-AES)
1	23.37.33.211 23.37.33.211	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:303... 2606:4700:3032::6812:216c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
110	28

4 167.99.26.105 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

zlth.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cigsvc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:814::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.164 (United States) 1 redirects

ASN54113 (FASTLY, US)

nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::5c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

payments.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients2.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:18e::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.233.218.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-218-104.compute-1.amazonaws.com

et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-22.fra50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.77.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-77-222.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.200.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-200-104.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:800:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6812:206c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.121.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-121-144.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.33.211 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-33-211.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6812:216c (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	nytimes.com 1 redirects www.nytimes.com a.et.nytimes.com samizdat-graphql.nytimes.com nytimes.com cigsvc.nytimes.com et.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	646 KB
31	nyt.com g1.nyt.com static01.nyt.com a1.nyt.com	1 MB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net 5290727.fls.doubleclick.net	103 KB
11	google.com 2 redirects news.google.com pay.google.com payments.google.com clients2.google.com adservice.google.com www.google.com	55 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	234 KB
4	zlth.xyz 1 redirects zlth.xyz	1 MB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	118 KB
2	typekit.net use.typekit.net p.typekit.net	1 KB
2	datadome.co js.datadome.co api-js.datadome.co	23 KB
1	chartbeat.net pnytimes.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.de www.google.de	109 B
1	googlesyndication.com tpc.googlesyndication.com
1	google.co.uk adservice.google.co.uk	778 B
1	gstatic.com www.gstatic.com	82 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
110	17

	Domain	Requested by
22	static01.nyt.com	www.nytimes.com
11	a.et.nytimes.com	www.nytimes.com
10	www.nytimes.com	zlth.xyz www.nytimes.com
9	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
8	et.nytimes.com	www.nytimes.com zlth.xyz
8	g1.nyt.com	www.nytimes.com
5	news.google.com	www.nytimes.com news.google.com
4	zlth.xyz	1 redirects zlth.xyz
3	platform.iteratehq.com	zlth.xyz platform.iteratehq.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com
2	iteratehq.com	www.nytimes.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	errors.client.optimizely.com	www.nytimes.com
2	pay.google.com	news.google.com
2	samizdat-graphql.nytimes.com	www.nytimes.com
1	p.typekit.net
1	use.typekit.net
1	pnytimes.chartbeat.net
1	a1.nyt.com	zlth.xyz
1	static.chartbeat.com	zlth.xyz
1	mwcm.nytimes.com	www.nytimes.com
1	www.google.de	www.nytimes.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	api-js.datadome.co	www.nytimes.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	js.datadome.co	zlth.xyz
1	cigsvc.nytimes.com	www.nytimes.com
1	cdn.optimizely.com	www.nytimes.com
1	clients2.google.com	news.google.com
1	www.gstatic.com	www.nytimes.com
1	payments.google.com	1 redirects
1	nytimes.com	1 redirects
1	www.googletagmanager.com	www.nytimes.com
110	39

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
nytimes.com
cn.nytimes.com
cooking.nytimes.com
parenting.nytimes.com
thewirecutter.com
nytconferences.com
store.nytimes.com
account.nytimes.com
eedition.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
spiderbites.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
a.et.nytimes.com COMODO RSA Domain Validation Secure Server CA	`2018-08-27` - `2020-08-26`	2 years	crt.sh
*.news.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2019-10-08` - `2021-10-21`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.nytimes.com/section/us
Frame ID: 0B3988F81FF4AEE8379BFF87C93C80AA
Requests: 107 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
Frame ID: 5C53EBD6DC1C6BA95135E193403FA7D6
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=439734
Frame ID: 3D489356BF3121B0C3A21B5863ADF77C
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;u8=;u10=http%3A%2F%2Fzlth.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus
Frame ID: 83BD85EEBF07AF04CBB883B678246A75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zlth.xyz/ Page URL
http://zlth.xyz/Home/Process HTTP 302
https://www.nytimes.com/section/us Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

Kestrel (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Page Statistics

110
Requests

97 %
HTTPS

59 %
IPv6

17
Domains

39
Subdomains

28
IPs

5
Countries

3791 kB
Transfer

7454 kB
Size

18
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log In

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://parenting.nytimes.com/
Title: parenting

Search URL Search Domain Scan URL

URL: https://thewirecutter.com/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: http://nytconferences.com/
Title: Live Events

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT store

Search URL Search Domain Scan URL

URL: https://account.nytimes.com/
Title: manage my account

Search URL Search Domain Scan URL

URL: http://eedition.nytimes.com/cgi-bin/signup.cgi?cc=37FYY
Title: replica edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2020 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014892108-Privacy-policy
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://spiderbites.nytimes.com/
Title: Site Map

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zlth.xyz/ Page URL
http://zlth.xyz/Home/Process HTTP 302
https://www.nytimes.com/section/us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://nytimes.com/ads/google/adsbygoogle.js HTTP 301
https://www.nytimes.com/ads/google/adsbygoogle.js

Request Chain 50

https://payments.google.com/payments/v4/js/integrator.js?ss=md HTTP 301
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

Request Chain 81

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=599409511&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fzlth.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=dock&ea=impression&el=gdpr&_u=YAhAAEAB~&jid=771710884&gjid=1781282453&cid=1636311138.1583045069&tid=UA-58630905-2&_gid=78559878.1583045069&_r=1&gtm=2wg2j0P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd9=9&cd14=null&cd21=collection&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd42=nyt-vi&cd48=null&cd49=&cd51=nyt-vi&cd52=collection&cd54=null&cd57=0&cd58=0&cd59=&cd60=&cd63=fLa_GquyoogNEMYNPvl_uR&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=fLa_GquyoogNEMYNPvl_uR&cd172=desktop&cd173=desktop&z=1972422322 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_gid=78559878.1583045069&gjid=1781282453&_v=j81&z=1972422322 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_v=j81&z=1972422322 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_v=j81&z=1972422322&slf_rd=1&random=47467519

Request Chain 90

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;u8=;u10=http%3A%2F%2Fzlth.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;u8=;u10=http%3A%2F%2Fzlth.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
zlth.xyz/ 3 KB
3 KB 363ms
313ms Document
text/html 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://zlth.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fd5d68c2ad95c95fb7d7fec7b83cb486f928d224383d04e2c9940df5e5e368f4

Request headers

Host: zlth.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Mar 2020 06:44:24 GMT
Content-Type: text/html; charset=utf-8
Server: Kestrel
Cache-Control: no-store,no-cache
Pragma: no-cache
Transfer-Encoding: chunked

GET
H/1.1 200
OK jquery.min.js Show response
zlth.xyz/lib/jquery/dist/ 85 KB
85 KB 167ms
167ms Script
application/javascript 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://zlth.xyz/lib/jquery/dist/jquery.min.js
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

Referer: http://zlth.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Mar 2020 06:44:24 GMT
Last-Modified: Wed, 27 Nov 2019 19:56:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5a55cb8008591"
Content-Length: 86929
Content-Type: application/javascript

GET
H/1.1 200
OK playcanvas-latest.min.js
zlth.xyz/lib/ 1009 KB
1010 KB 325ms
305ms Script
application/javascript 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://zlth.xyz/lib/playcanvas-latest.min.js
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer: http://zlth.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Mar 2020 06:44:24 GMT
Last-Modified: Thu, 21 Nov 2019 18:48:48 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5a09c4f122df3"
Content-Length: 1033715
Content-Type: application/javascript

GET
H2

200

Primary Request us Show response
www.nytimes.com/section/
Redirect Chain

http://zlth.xyz/Home/Process
https://www.nytimes.com/section/us

876 KB
102 KB

116ms
39ms

Document
text/html

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/section/us

Requested by

Host: zlth.xyz
URL: http://zlth.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

026e2bff82da9f182e40c97ac9d5b4f0b3a9cbb027fea857c30175d62209bb86

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /section/us
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://zlth.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://zlth.xyz/

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Sun, 01 Mar 2020 06:39:18 GMT
last-modified: Sun, 01 Mar 2020 06:39:18 GMT
x-pagetype: vi-collection
x-vi-compatibility: Compatible
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=600,no-cache
x-nyt-route: vi-collection
x-origin-time: 2020-03-01 06:39:33 UTC
accept-ranges: bytes
date: Sun, 01 Mar 2020 06:44:27 GMT
age: 308
x-served-by: cache-jfk8133-JFK, cache-hhn4056-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1583045067.298489,VS0,VE2
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=fLa_GquyoogNEMYNPvl_uR; Expires=Mon, 01 Mar 2021 06:44:27 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Sun, 01 Mar 2020 12:44:27 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhhpnh; Expires=Mon, 01 Mar 2021 06:44:27 GMT; Path=/; Domain=.nytimes.com
x-gdpr: 1
x-frame-options: DENY
x-api-version: F-F-VI
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 103628

Redirect headers

Date: Sun, 01 Mar 2020 06:44:26 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-store,no-cache
Pragma: no-cache
Location: https://www.nytimes.com/section/us

GET
H2 200 web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 120ms
42ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-cache-hits: 14858
age: 12321124
status: 200
x-guploader-uploadid: AEnB2UoZ_LvEh1F_VrfCOidW9TKNGcy4tP3fDnqVWT2wPk-avC_ijrP7yDcMEfsX0Ez7KKNMnRogVlZ0HTlMMUAwgbZipDAN3T1sUDXAAOHkhkYma4tNDD4
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
content-length: 9922
x-served-by: cache-fra19172-FRA
access-control-allow-origin: *
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583045067.424733,VS0,VE0
etag: "b3e9eedd81b658bb38d40b91c6568d7a"
vary: Accept-Encoding, Origin
x-goog-hash: crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
x-goog-generation: 1570567624278152
via: 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9922
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Fri, 09 Oct 2020 16:12:23 GMT

GET
H2 200 global-42db6c8821fec0e2b3837b2ea2ece8fe.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
2 KB 44ms
44ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-42db6c8821fec0e2b3837b2ea2ece8fe.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 724860
x-guploader-uploadid: AEnB2UqmigfKUK9AVhGJKCteMcE3FUCsU9xvcpMDTFxA9DhWkHaqrifkK-tE7dfUPZR4jXVCZz6HT7bLon1nXp2hA-XcEHDXf-u9jOyW4fizYuTu6BPyRHo
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-21 21:23:27 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 20:53:44 GMT
server: UploadServer
x-timer: S1583045067.346292,VS0,VE0
etag: "42db6c8821fec0e2b3837b2ea2ece8fe"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=kfeHYA==, md5=QttsiCH+wOKzg3suouzo/g==
x-goog-generation: 1582318424792323
expires: Sat, 20 Feb 2021 21:23:27 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 4619
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 1813
content-type: text/css; charset=utf-8
x-cache-hits: 8626

GET
H2 200 adslot-df60c69ae832943d22c0.js Show response
www.nytimes.com/vi-assets/static-assets/ 11 KB
5 KB 37ms
37ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-df60c69ae832943d22c0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e0f32d4e30e0a6e969beef61ec0faff6051e64ddf950c08fb85b495811da9c2

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 138853
x-guploader-uploadid: AEnB2UpVdO713uw2Vy1nizo-jZ2Rg_NzhDeZeirlNOZXmOje4UgPjX76-_LlJZ6w8GUG92T40bLOauy1x5Jz_mOYkKIQud5SiQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:34 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:34 GMT
server: UploadServer
x-timer: S1583045067.366082,VS0,VE1
etag: "ca4f5029955768da7e187801e2d7d1d0"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=mLsjBQ==, md5=yk9QKZVXaNp+GHgB4tfR0A==
x-goog-generation: 1582904254960427
expires: Sat, 27 Feb 2021 16:10:14 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 11121
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 4276
content-type: application/javascript
x-cache-hits: 9286

GET
H2 200 29virus-northwest-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/02/29/us/29virus-northwest/ 215 KB
215 KB 50ms
37ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/29virus-northwest/29virus-northwest-threeByTwoMediumAt2X.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 61a7468d9c3fea786610c320aa118fe7a6cac1627c71cfd8fcaf17cac94d4fc0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 20068
status: 200
x-guploader-uploadid: AEnB2Up8aomLg0mCirVaFRHNhOvtsxkwoIJxlsLM1vRmC-VnkH0aLv1hUSJmEJVu5cu545yY_vIpZO8zy4WCjArGZZDTN8zGqg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 2
content-length: 219771
x-served-by: cache-bwi5137-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Sun, 01 Mar 2020 01:09:54 GMT
server: UploadServer
x-timer: S1583045067.379055,VS0,VE0
etag: "799395cdeefe74d4bfd6e9240e2ea657"
vary: Origin
x-goog-hash: crc32c=uKQ06Q==, md5=eZOVze7+dNS/1ukkDi6mVw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Sun, 01 Mar 2020 01:09:59 GMT

GET
H2 200 merlin_169802310_af06ddc8-3884-4a37-aac6-1170130d0332-thumbStandard.jpg
static01.nyt.com/images/2020/02/29/us/29virus-northwest/ 5 KB
6 KB 37ms
37ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/29virus-northwest/merlin_169802310_af06ddc8-3884-4a37-aac6-1170130d0332-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dc1bef527d74b76efafddf47f2334a7fc1613bb27c51a3a1a01d5b76c85cdcf1

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 20068
status: 200
x-guploader-uploadid: AEnB2UqP5UcNMB4cYe_gpRo2UpLD5bNCGNP1CxG3QaBoMy_hTNzMhFPH_5nxCC4r-cIKcYUFuMigzlP5XVYq30gTb3ols6j2hA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 5531
x-served-by: cache-bwi5141-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Sun, 01 Mar 2020 01:09:54 GMT
server: UploadServer
x-timer: S1583045067.408459,VS0,VE1
etag: "2aba6ce2cd015dcc123a0a9950f3c374"
vary: Origin
x-goog-hash: crc32c=nsYVTQ==, md5=Krps4s0BXcwSOgqZUPPDdA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Sun, 01 Mar 2020 01:09:59 GMT

GET
H2 200 merlin_169673538_cb41e11d-204f-46fd-9c95-05f0bd7720b3-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/02/27/us/27coronavirus-solano1/ 141 KB
141 KB 38ms
38ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/27/us/27coronavirus-solano1/merlin_169673538_cb41e11d-204f-46fd-9c95-05f0bd7720b3-threeByTwoMediumAt2X.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 280dbf2e73a64c89631e0e3bcded0ac5b07270e166e9d25698849ded2e3dfa4b

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 160484
status: 200
x-guploader-uploadid: AEnB2UqXMbPvfmiGvQdq5eOygwhpoqZwl6ZrA6n2UeP7bVwaZxJs8nnQhck-giDpxDoCG50jSvXwV46Ecueg_UZYujfLcC_Bdw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 144252
x-served-by: cache-bwi5129-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Fri, 28 Feb 2020 10:00:18 GMT
server: UploadServer
x-timer: S1583045067.445726,VS0,VE1
etag: "6ed090a7a4422ce16dfd5bd5d29fdeef"
vary: Origin
x-goog-hash: crc32c=dnbiOw==, md5=btCQp6RCLOFt/VvV0p/e7w==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Fri, 28 Feb 2020 10:09:43 GMT

GET
H2 200 merlin_169673538_cb41e11d-204f-46fd-9c95-05f0bd7720b3-thumbStandard.jpg
static01.nyt.com/images/2020/02/27/us/27coronavirus-solano1/ 7 KB
7 KB 36ms
36ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/27/us/27coronavirus-solano1/merlin_169673538_cb41e11d-204f-46fd-9c95-05f0bd7720b3-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6ea392e67e347ccb12084ab19c6361c7ff0d6030ffd0a340e54de2365b4b3032

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 160665
status: 200
x-guploader-uploadid: AEnB2UrMf9EgDZ5Q_k7hhYO3Xa5dlxBECfTImAueCxUZdieS7k_ZGvgqG5bgrKf_x26cElxIzc1OsBoh0CN3C2Xv8P4PCI8jnqDTymsQxQaSF3MJ3C2TESI
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 2
content-length: 6966
x-served-by: cache-bwi5135-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Fri, 28 Feb 2020 10:00:18 GMT
server: UploadServer
x-timer: S1583045067.445966,VS0,VE0
etag: "6a5d7c74f5e3894f30579f2abcd6ab71"
vary: Origin
x-goog-hash: crc32c=9YZmsg==, md5=al18dPXjiU8wV58qvNarcQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Fri, 28 Feb 2020 10:06:42 GMT

GET
H2 200 29border-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/02/29/us/29border/ 139 KB
139 KB 45ms
42ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/29border/29border-threeByTwoMediumAt2X.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8e357ddbc0eddfcc062510b13f7ccf8fe11feae7e9b61818c9187115c11c708b

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 53860
status: 200
x-guploader-uploadid: AEnB2Uq3kySIF3tjWuso-tIXtt_1ozBKFwJt8E9DWx10ldoNkHtPSRJIhuNMAyY5WjZCqGmDBENPW5e3ciRO_JzHZQuWiL5LGQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 141893
x-served-by: cache-bwi5133-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Sat, 29 Feb 2020 15:40:16 GMT
server: UploadServer
x-timer: S1583045067.489974,VS0,VE1
etag: "540e2d87d9ee8266d0fb36a3b2c4678f"
vary: Origin
x-goog-hash: crc32c=XBto5Q==, md5=VA4th9nugmbQ+zajssRnjw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Sat, 29 Feb 2020 15:46:47 GMT

GET
H2 200 29border-thumbStandard.jpg
static01.nyt.com/images/2020/02/29/us/29border/ 5 KB
5 KB 40ms
37ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/29border/29border-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6b447402078e50e134f19153aa3cdd24b4b27224ee8b7c37a0622e3a8a7a9448

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 54227
status: 200
x-guploader-uploadid: AEnB2Uo0Uf70hFZQGN4NbMiSgsHDZrHyTv16JwJXMo7SNij87aTGOQ0UmKNcpxp21bYUErpiQUUxGYYcONFjRqtjJTJkO8vLDg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 5214
x-served-by: cache-bwi5122-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Sat, 29 Feb 2020 15:40:16 GMT
server: UploadServer
x-timer: S1583045067.490169,VS0,VE1
etag: "07e636fa4a1d416e0f8472bcf9aa8965"
vary: Origin
x-goog-hash: crc32c=xK7I4g==, md5=B+Y2+kodQW4PhHK8+aqJZQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Sat, 29 Feb 2020 15:40:40 GMT

GET
H2 200 29calunequalSUB-threeByTwoMediumAt2X-v2.jpg
static01.nyt.com/images/2020/03/01/us/politics/29calunequalSUB/ 132 KB
133 KB 45ms
42ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/01/us/politics/29calunequalSUB/29calunequalSUB-threeByTwoMediumAt2X-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8caaa5804579ecaf2bda61945bfe4e5795fe46a1098970367c5f8d4e83759b37

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 32891
status: 200
x-guploader-uploadid: AEnB2Uqk0BnmvRWx9Xty9LwpUddrXldULGQap_4IT7T2yDvjolJcSxG4_ibVcNbvwHA6k1QOP3uAlI-1pVyCJZ4-_8cuAHRcKA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 135506
x-served-by: cache-bwi5128-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Sat, 29 Feb 2020 21:36:09 GMT
server: UploadServer
x-timer: S1583045067.490148,VS0,VE1
etag: "c018ceda5156418bc3d9e30820b83d1c"
vary: Origin
x-goog-hash: crc32c=rDHahA==, md5=wBjO2lFWQYvD2eMIILg9HA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Sat, 29 Feb 2020 21:36:16 GMT

GET
H2 200 29calunequalSUB-thumbStandard-v2.jpg
static01.nyt.com/images/2020/03/01/us/politics/29calunequalSUB/ 5 KB
6 KB 41ms
38ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/01/us/politics/29calunequalSUB/29calunequalSUB-thumbStandard-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 93040244b31bb1e355b9217dd3a680d4c97aebbbf0e9ba7c5204496e574c2f4a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 32891
status: 200
x-guploader-uploadid: AEnB2UqNEVz5s_h7fswzoK9ypNZ_8buuyA0hTl2xbXoPvbrbgbKxacJmhZJasILrIAhHMlcoVVIHn_NJoZQHS_JPCUwAqhLMdg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 5594
x-served-by: cache-bwi5151-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Sat, 29 Feb 2020 21:36:09 GMT
server: UploadServer
x-timer: S1583045067.490158,VS0,VE1
etag: "dac01e7ca000df0a4363b013fc7cee40"
vary: Origin
x-goog-hash: crc32c=nvAdjA==, md5=2sAefKAA3wpDY7AT/HzuQA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Sat, 29 Feb 2020 21:36:16 GMT

GET
H2 200 20diary-virus-promo-sub-videoLarge.jpg
static01.nyt.com/images/2020/02/20/us/20diary-virus-promo-sub/ 87 KB
87 KB 44ms
41ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/20/us/20diary-virus-promo-sub/20diary-virus-promo-sub-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 33f5577f85b711d60e9e17c43bc1cbec52618293306f736e092e4d44c67a0181

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 194366
status: 200
x-guploader-uploadid: AEnB2UoeuMaiec2XUsEi-LnsyaVBI1OgRDRs6eU2G-eyCdPR2OAoHAVqOJGQJRY-49zF1BeGkK7uTOfp0F4yWkSRosbXWuK1gA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 88679
x-served-by: cache-iad2141-IAD, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Thu, 20 Feb 2020 23:20:43 GMT
server: UploadServer
x-timer: S1583045067.490389,VS0,VE1
etag: "ec2f777c0ced9383edcd996ed9ddbba9"
vary: Origin
x-goog-hash: crc32c=uYLdwg==, md5=7C93fAztk4PtzZlu2d27qQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Thu, 20 Feb 2020 23:44:09 GMT

GET
H2 200 merlin_169662837_a49bb6a0-ae0e-4774-a5df-b53363b95ac7-videoLarge.jpg
static01.nyt.com/images/2020/02/27/us/28newsomcatoday/ 79 KB
80 KB 42ms
42ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/27/us/28newsomcatoday/merlin_169662837_a49bb6a0-ae0e-4774-a5df-b53363b95ac7-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0be57c2174cbdb4650aeb4857520f69a421f6b5282b0816a9ee7f9d043ede1fe

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 188485
status: 200
x-guploader-uploadid: AEnB2UrBwgZc6WXvsnZMQvKeBLDP6d9KR046jD6WyDhf7m-NprVLalUY_8BuKtnAEXNWJe-M45loN8YLDQwJeXUlU9xhrGqlSw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
content-length: 81154
x-served-by: cache-bwi5121-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Fri, 28 Feb 2020 02:23:00 GMT
server: UploadServer
x-timer: S1583045067.490578,VS0,VE1
etag: "44e491d588c924c053b6898455cb77ee"
vary: Origin
x-goog-hash: crc32c=7bEA/g==, md5=ROSR1YjJJMBTtomEVct37g==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Fri, 28 Feb 2020 02:23:02 GMT

GET
H2 200 26coronavirus-schools03-videoLarge.jpg
static01.nyt.com/images/2020/02/26/us/26coronavirus-schools03/ 64 KB
65 KB 41ms
41ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/26/us/26coronavirus-schools03/26coronavirus-schools03-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 675654854a14af3aa644717269456469e2964f2076f79197a462b4453509c01a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 243959
status: 200
x-guploader-uploadid: AEnB2Uqt2EZab7YpzEpoJTUvucj0yURHfQWsprAn6Fb78aepEy9RDODPITccAZmwtGGelSKYflCRrYr_sOmkWLiSF7o9PmQF9w
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 65934
x-served-by: cache-bwi5146-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Thu, 27 Feb 2020 10:00:16 GMT
server: UploadServer
x-timer: S1583045068.530221,VS0,VE1
etag: "a80bf29a04202be9effd17bd8649c677"
vary: Origin
x-goog-hash: crc32c=IrOGeQ==, md5=qAvymgQgK+nv/Re9hknGdw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Thu, 27 Feb 2020 10:58:28 GMT

GET
H2 200 26VIRUS-TRANSMISSION-videoLarge.jpg
static01.nyt.com/images/2020/03/26/science/26VIRUS-TRANSMISSION/ 76 KB
76 KB 43ms
43ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/26/science/26VIRUS-TRANSMISSION/26VIRUS-TRANSMISSION-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6d9f1c86122a1a020f144f77d5e84e0f5c191021348c8eed5610d51d38c413d6

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 237166
status: 200
x-guploader-uploadid: AEnB2UrdVAkM5qv6DJDe8rF3UVEKQsuwYNWma5T1OyQ0vSf5MAV6-i7mGQvSrRI0Iior-FDc2DoszwCKZs8O-YtV3TqdG-ARGg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
content-length: 77501
x-served-by: cache-bwi5136-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Thu, 27 Feb 2020 12:51:22 GMT
server: UploadServer
x-timer: S1583045068.530350,VS0,VE2
etag: "ec3abdb8d0197cadcca071f4b5292eb1"
vary: Origin
x-goog-hash: crc32c=t3D7nA==, md5=7Dq9uNAZfK3MoHH0tSkusQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Thu, 27 Feb 2020 12:51:42 GMT

GET
H2 200 25VIRUS-CDC-videoLarge.jpg
static01.nyt.com/images/2020/02/25/science/25VIRUS-CDC/ 53 KB
54 KB 38ms
37ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/25/science/25VIRUS-CDC/25VIRUS-CDC-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 76d0384a8ac4dd7125055deb1de3a090b076829712e35fbaa87e7f00f4dac9fa

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 389877
status: 200
x-guploader-uploadid: AEnB2Ur8_oH5kT1DxZwggIRkXhzz4sXyP6EPweZaJU0JGPSrkyR7rv46MG3Zq1u5_yiNGvTayt69L_1ssUhkXG2S5HtBL7J3Gw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 54510
x-served-by: cache-iad2123-IAD, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 25 Feb 2020 18:19:20 GMT
server: UploadServer
x-timer: S1583045068.537797,VS0,VE1
etag: "71cc0e5e86582fcd946b4e4f53286f44"
vary: Origin
x-goog-hash: crc32c=LZ4Qng==, md5=ccwOXoZYL82Ua05PUyhvRA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 25 Feb 2020 18:26:30 GMT

GET
H2 200 29sc-ledeall-top-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/01/us/politics/29SUBJPsc-ledeall-print/ 17 KB
17 KB 38ms
37ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/01/us/politics/29SUBJPsc-ledeall-print/29sc-ledeall-top-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2bbbfb7f78873863f31213290ee423e643cc9b141b5ae3a881e608e79a4ec41a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 9562
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=14426 idim=210x140 ifmt=jpeg ofsz=17070 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 17, 1
fastly-stats: io=1
content-length: 17070
x-served-by: cache-bwi5136-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.545872,VS0,VE1
etag: "ef+trpd03SSrw9OZNHlj5NDwfYHRjjGODQQstdPFqhM"
vary: Accept
x-goog-hash: crc32c=uqqE+A==, md5=WqCMf8DXtLKFb/0PsOxdqA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Upn_nM5LPSyWsARUsTF9lqu2jHOKIxodtubvuV-nCjnQFs4u90DA5GWxk8EbWzL8Ou-PV6WHssw2PY9fi6pLn1TqOuPDQ
expires: Sun, 01 Mar 2020 04:05:05 GMT

GET
H2 200 00steyer-out-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/politics/00steyer-out/ 10 KB
10 KB 38ms
37ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/politics/00steyer-out/00steyer-out-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 576a672720a6cb33d2f41cd47be8d134eb99ddafbeb2b2d2103067c50cac1750

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 15726
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=10855 idim=210x140 ifmt=jpeg ofsz=10038 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 10038
x-served-by: cache-bwi5132-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.550654,VS0,VE1
etag: "BPJw4YjnksoMy+wsoAS9V3P/7q0hRBq/oN1RJOcXOoQ"
vary: Accept
x-goog-hash: crc32c=OCCXtA==, md5=ZjE6u4vMk0T+yidUftk4Xw==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Uo54wUJffaD83QbIomSci4B2IDYrWQUAboh93f4XlH1IQgRQ-v7O0kKIDUVF-KrcQEC7TSWaRoak4AkMwYvd80CdriZfA
expires: Sun, 01 Mar 2020 02:22:21 GMT

GET
H2 200 merlin_169661970_a7eaf924-0187-4f04-907f-70438666f13b-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/politics/29buttigieg-blackvoters/ 11 KB
12 KB 38ms
38ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/politics/29buttigieg-blackvoters/merlin_169661970_a7eaf924-0187-4f04-907f-70438666f13b-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 155052362cfc5f74fc84affe999b432d494074559473e0698270d9f5a87d3a52

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 17829
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=11384 idim=210x140 ifmt=jpeg ofsz=11740 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 11740
x-served-by: cache-bwi5134-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.569464,VS0,VE1
etag: "FBBWnXvuzbr3OyLq7PlhiPbRFNFQ+R0vhVNLo0rUT6I"
vary: Accept
x-goog-hash: crc32c=NWyeUw==, md5=BhkiOQCknD2UEKPMu+GmXg==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UrPWjFF4eUIgJOYfUcrXCxzRWMkj1yBpRor0xCsrOH7ZHrBvRrL9ijmQTS7Q4Gdo87EpmcHqGzkWtRAOYCW4QUaqMUksg
expires: Sun, 01 Mar 2020 01:47:19 GMT

GET
H2 200 merlin_169784451_e9514643-6aef-4c25-a894-5144068b7f4d-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/politics/29sc-assess1/ 22 KB
22 KB 38ms
38ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/politics/29sc-assess1/merlin_169784451_e9514643-6aef-4c25-a894-5144068b7f4d-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 497bba68b045aa7b22756bcc05b31435dc841534f2b7f56582d210fa3bd715cd

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 18297
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=18185 idim=210x140 ifmt=jpeg ofsz=22224 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 3, 1
fastly-stats: io=1
content-length: 22224
x-served-by: cache-bwi5149-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.571622,VS0,VE1
etag: "b5SiyVJzue0mIhU0iTCO5C6Wq4W2xu9r6efwPsN4Bmo"
vary: Accept
x-goog-hash: crc32c=rmKhlg==, md5=q3wIxHcJTBUH1kiPlkILRw==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UoEKzciKedeGTY62vBQPyO2U9_yGM2zFhX43nbAWMNN4F2DIiRpZUNwD0rfy_cQ2ruIweVvV8UW_DlE-gdeEGExFdV7uw
expires: Sun, 01 Mar 2020 01:39:30 GMT

GET
H2 200 29xp-attack-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/29xp-attack/ 16 KB
17 KB 105ms
105ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/29xp-attack/29xp-attack-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c8e624ac69de1962a0ef5b0878b0da8e583885a5e9f8db2af396a2f09050e34b

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 18297
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=14424 idim=210x140 ifmt=jpeg ofsz=16892 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
fastly-stats: io=1
content-length: 16892
x-served-by: cache-bwi5142-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.572981,VS0,VE37
etag: "bf8736dpg8DFAtHZ07q57yFwJagqbj8SV1fLJDpykRU"
vary: Accept
x-goog-hash: crc32c=C4mkyQ==, md5=yEp0b/P4sxdCmfeHz6tbbQ==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UrePXbdiKBVAxmnQ3pAe8YaeejKKO0OIvCCg052JktJYoSCTXop-PwydzvIh3LPPlfW6doZCtUKV4gnMWhx27cGtdpcGA
expires: Sun, 01 Mar 2020 01:39:30 GMT

GET
H2 200 merlin_169802907_9c92ec29-dd42-41f6-8888-4ac2553ebe9d-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/politics/29vid-sc-primary-sanders/ 16 KB
17 KB 39ms
39ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/politics/29vid-sc-primary-sanders/merlin_169802907_9c92ec29-dd42-41f6-8888-4ac2553ebe9d-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ec7b15e26c58108e767ca9adeb056d9631a3250957053d767e8e488bc0d9a0ae

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 19683
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=14885 idim=210x140 ifmt=jpeg ofsz=16744 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 6, 1
fastly-stats: io=1
content-length: 16744
x-served-by: cache-bwi5121-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.575864,VS0,VE1
etag: "qNBDyzcERTyg4BlUGjVy3MJTuRnO8Q/1ErAmfxeCY7s"
vary: Accept
x-goog-hash: crc32c=aiOIQg==, md5=fnpPJTPAx2GmNtQJrGbwEw==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Upe1_ZS_D7z9hY5i8LnFKZ1DEC5a_wb1Kn7_t9M2symlZta2w7cGDmHIzPU97PoU-fSkhExAXea-3kPdawTBnKIqzpP4Q
expires: Sun, 01 Mar 2020 01:16:24 GMT

GET
H2 200 merlin_169738482_f97326b6-03b2-4365-b351-a58dc575990f-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/politics/29vid-sc-primary-biden/ 11 KB
12 KB 37ms
37ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/politics/29vid-sc-primary-biden/merlin_169738482_f97326b6-03b2-4365-b351-a58dc575990f-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3fe674c3e0d599c4cf5cc95d99f32847e5ec86397e4082123e9a097f0706e933

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 22914
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=11503 idim=210x140 ifmt=jpeg ofsz=11662 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 11662
x-served-by: cache-bwi5122-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.583404,VS0,VE1
etag: "lNdVtgZoky7KgrEb3tkiu8BY6wl4XPLG8FSXbILf4I4"
vary: Accept
x-goog-hash: crc32c=8Gc2bQ==, md5=soWFivegP6ilUvGAs2Qz/g==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Uo0NnHX03cUmbTcB47Qk-iFlPOI85XYZ-oMkEADApWqgJMzrvn4q_aLWzch02S0lK2SKBAWDTyHw-5ATj0k03wc9mG7fw
expires: Sun, 01 Mar 2020 00:22:33 GMT

GET
H2 200 merlin_169727157_3e158cb1-3a2a-49c2-baee-9d0ed5107047-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/02/29/us/29virus-testing/ 14 KB
15 KB 38ms
37ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/us/29virus-testing/merlin_169727157_3e158cb1-3a2a-49c2-baee-9d0ed5107047-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0686126592ff2163009bfe10b99c800a9dc94615e2fdbfbac0e9288689f7312d

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 25991
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=13597 idim=210x140 ifmt=jpeg ofsz=14390 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 14390
x-served-by: cache-bwi5129-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.589308,VS0,VE1
etag: "ooaHXUlLtk5pmgTYaDbvG/eCdCtfloN+Y6ZwFLv0N7w"
vary: Accept
x-goog-hash: crc32c=50ngdQ==, md5=sBTnsoYE+B3WqSks1GeB1A==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UpAk-CRmHh3vJlvPShOXAi1an-0B9sCJfeH-qkPuLsmv7RltpCAF8-iXvpB_AOpWEV5WWqfI5ByjHqpTIvG_XrorhqTmQ
expires: Sat, 29 Feb 2020 23:31:15 GMT

GET
H2 200 29ihw-afghan3-mediumThreeByTwo210-v2.jpg
static01.nyt.com/images/2020/02/29/multimedia/29ihw-afghan3/ 17 KB
18 KB 38ms
38ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/29/multimedia/29ihw-afghan3/29ihw-afghan3-mediumThreeByTwo210-v2.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 82d60a6e13f6fe68b0e4a59da0d458aef5856b8584ca7af30eaad6ef36c99cab

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 32143
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=14294 idim=210x140 ifmt=jpeg ofsz=17610 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 2
fastly-stats: io=1
content-length: 17610
x-served-by: cache-bwi5120-BWI, cache-hhn4056-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583045068.608806,VS0,VE0
etag: "MBoSFPeDu5t1/7QxWUD+9ZapthWYP+nBaZQ/cn3Lbuc"
vary: Accept
x-goog-hash: crc32c=pLUtAQ==, md5=qcXNROM7U12SxUKALOfDFA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UoEwdMWlgr3gdBTDsgiz3aWEBAC1AHA-aQkGns6dMhYDjdWcdX-FzUl80do_yCaIfoK22J502YEX-68MXpluUPMCet21w
expires: Sat, 29 Feb 2020 21:48:44 GMT

GET
H2 200 vendor-af4ece1529932f717d31.js Show response
www.nytimes.com/vi-assets/static-assets/ 807 KB
252 KB 43ms
41ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb71626a34be4f2c6159597e984a506ad6eeb622e927efc06629be1a0deaf944

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 138852
x-guploader-uploadid: AEnB2UrmWjKJed9ul9J2-z6H-r7lmh3yPyn6908i-NsgX6u0rPlQZhLz9ESsGCxtwVX1D42sd86RIX536dVLbyCMLog-C5Fd-g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:35 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583045067.490373,VS0,VE1
etag: "1fbb72ae7a54576c5818acec60aeede3"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=RNKL0w==, md5=H7tyrnpUV2xYGKzsYK7t4w==
x-goog-generation: 1582904255610610
expires: Sat, 27 Feb 2021 16:10:15 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 826000
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 257046
content-type: application/javascript
x-cache-hits: 490

GET
H2 200 collections-7d3782ed458d47bce88a.js Show response
www.nytimes.com/vi-assets/static-assets/ 435 KB
115 KB 40ms
38ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/collections-7d3782ed458d47bce88a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

244d6f7fb2c90144ed282f16dc6fa7a47ea302bb415a05ff2e9a973b4da68903

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 138837
x-guploader-uploadid: AEnB2UrgbzcIf1kS0YvDeBdK8GnfEoW7I0U9lJey9R6-Yz28yinyknbumSWUjVO5K0XCLufdOlJP35VU4kr8boc56K0ssjrOUQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:50 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 14:59:03 GMT
server: UploadServer
x-timer: S1583045067.490348,VS0,VE0
etag: "275e804dfe1c132c1a0ac823e5d016e3"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=MUC/sA==, md5=J16ATf4cEywaCsgj5dAW4w==
x-goog-generation: 1582901943495155
expires: Sat, 27 Feb 2021 16:10:30 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 445445
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 117100
content-type: application/javascript
x-cache-hits: 3616

GET
H2 200 main-d9338936524886deb17e.js Show response
www.nytimes.com/vi-assets/static-assets/ 463 KB
125 KB 44ms
42ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

945014dcd60469e50bf03305fe4c18e28ef319f6b750b9be7d5894d7f54823fd

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 138852
x-guploader-uploadid: AEnB2UpWR-kAblClamMOhVw8SreLgJqE6C8WdMauoyhYkEvsFxIlYvp1ec1Nrc_DHoiJB7DkjO_RGjwze46iFLSb_cFYZsyz8g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:35 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583045067.490347,VS0,VE1
etag: "dbdba7f953447c6e78b156091699a276"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=T85L2g==, md5=29un+VNEfG54sVYJFpmidg==
x-goog-generation: 1582904255449391
expires: Sat, 27 Feb 2021 16:10:15 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 473600
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 127504
content-type: application/javascript
x-cache-hits: 8343

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
55 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8da4bce296f4043ff4924211a785f59ccdc59b83ae3d8cadd2c29ccf5e95f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56140
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
106ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

OPTIONS
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 0
549 B 123ms
40ms XHR
text/plain 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.65 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 google, 1.1 varnish
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-nyt-meridiem: AM
age: 142
x-cache: HIT
status: 200
samizdat-x-instance: a8e0066
x-samizdat-query-exe-id: a0c9ef572220207b
content-length: 0
x-served-by: cache-fra19168-FRA
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-0.5.65
x-timer: S1583045068.565350,VS0,VE0
x-nyt-continent: EU
access-control-max-age: 300
access-control-allow-methods: GET, POST
x-nyt-region: BNH
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: GB
accept-ranges: bytes
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
x-cache-hits: 1

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 126 KB
38 KB 41ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b88a134c2074fd95d71f1892e200df8c3f2269768b391a02dfe2d1b2a02003d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Feb 2020 22:38:18 GMT
server: sffe
age: 2600
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38230
x-xss-protection: 0
expires: Sun, 01 Mar 2020 06:51:07 GMT

GET
H2

200

adsbygoogle.js Show response
www.nytimes.com/ads/google/
Redirect Chain

https://nytimes.com/ads/google/adsbygoogle.js
https://www.nytimes.com/ads/google/adsbygoogle.js

28 B
808 B

42ms
37ms

Script
text/javascript

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/google/adsbygoogle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 120057
status: 200
x-guploader-uploadid: AEnB2UqSzdoT2XYwRS7aQ5nVbHyiFGq5zidlieOPxqu0Yrq-KV-ykDEp4bK0A6mABGifXPe4S_fWKf8UzPxAhEKtGfq7fnM_sCvBcQVK1nywyJ1Kgbqlc20
x-cache: HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 4381
x-origin-time: 2020-02-21 21:23:29 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 23 Mar 2018 21:06:07 GMT
server: UploadServer
x-timer: S1583045068.607818,VS0,VE1
etag: "45047d08e5481aa5674276ae1810c88d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=A0srKQ==, md5=RQR9COVIGqVnQnauGBDIjQ==
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-route: ads-static-assets
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 48
expires: Fri, 21 Feb 2020 21:23:29 GMT

Redirect headers

date: Sun, 01 Mar 2020 06:44:27 GMT
server: Varnish
x-api-version: F-0
location: https://www.nytimes.com/ads/google/adsbygoogle.js
x-cache: HIT
status: 301
x-nyt-route: ads-static-assets
x-cache-hits: 0
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lon4250-LON

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 139ms
66ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-df60c69ae832943d22c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

02fd353036efc54c262acfd88bb24bee21c097a14dfea55c7c77f858a01b10ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "443 / 821 of 1000 / last-modified: 1582920924"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14502
x-xss-protection: 0
expires: Sun, 01 Mar 2020 06:44:27 GMT

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 120ms
42ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 21730
age: 12321088
status: 200
x-guploader-uploadid: AEnB2Uoh-FZIB60X7pEIJhZnxc1peMNLDms9A4npbEVsbtNF36urKU4_57CnBeNkhfIXzXej1i6ePZC_znn1AD7K3FBJ8y8tjA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 19836
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583045068.605235,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
vary: Origin
x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
x-goog-generation: 1570567625340998
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:12:59 GMT

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 152ms
74ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 21657
age: 11163209
status: 200
x-guploader-uploadid: AEnB2UqUeeFIROyrZRCDrGAW8qF3q8SmjUgl94SxslGB2YpYWastNJFA8vL01JOibp9wKvbixIFsJXiC0JnunCNzELCIbprm9IYd35lGRDC3zpE8IX2U8gU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 20312
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583045068.605423,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
vary: Origin
x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
x-goog-generation: 1570567625401061
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 23 Oct 2020 01:50:59 GMT

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 153ms
75ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 10991
age: 5191364
status: 200
x-guploader-uploadid: AEnB2UoKeaarF7SOO4G6_8y9wT2j4TCBm3czShZNXLf458huxLaKhOtZI4DiPWmCqXOlebv-tJ1zA-_CcHh4KpxWYob58m3JdCpZZMkkO-7-QXlGEk1NtAE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28276
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583045068.605625,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
vary: Origin
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
x-goog-generation: 1570567624458394
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28276
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 31 Dec 2020 04:41:43 GMT

GET
H2 200 imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
28 KB 175ms
97ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 2313
age: 12321046
status: 200
x-guploader-uploadid: AEnB2UrKpJ5QhM7u0Alo4Kxv_tetyz_Q-mnWHnWwaLAXATdzmr7BZTr7LF__dVLBzyj31seUDINw3D7KuXcn2em-RJU1PA_z2A6MzIcx45mEVAWzA534Cfw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28252
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583045068.605634,VS0,VE0
etag: "40c94ccc25e2212b8946a7d732251d86"
vary: Origin
x-goog-hash: crc32c=L+c2+A==, md5=QMlMzCXiISuJRqfXMiUdhg==
x-goog-generation: 1570567625851656
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28252
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:13:40 GMT

GET
H2 200 cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 174ms
97ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 16547
age: 2174151
status: 200
x-guploader-uploadid: AEnB2Uqn7g_8sDpkD5XLCElzGvj_6DmzZbBHZ_UgojElUcTemIZ6Ct1Poo2ztNFIHXibM_yHgknQ4Ksw_Q5HRWMpSCFfxgwB4Q
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28604
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583045068.605654,VS0,VE0
etag: "a22ae3ed1e775ce90ced16f1822f4ddc"
vary: Origin
x-goog-hash: crc32c=zgCcGg==, md5=oirj7R53XOkM7Rbxgi9N3A==
x-goog-generation: 1570567624224052
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28604
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 04 Feb 2021 02:48:36 GMT

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 152ms
75ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 19435
age: 4775473
status: 200
x-guploader-uploadid: AEnB2UrBHhfC8T87BCWZleK-joiGZQSkpv4eQiiLdYsf9quX_aJAHptqdHQsn6fzBATP9RrEUf5l65lQZzFXWFGfDAcUcJldr8pr2fY6VpjmEXT03i3yhZE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 29076
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583045068.605622,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
vary: Origin
x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
x-goog-generation: 1570567624300845
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29076
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 05 Jan 2021 00:13:14 GMT

GET
H2 200 imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
29 KB 152ms
75ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-cache-hits: 19124
age: 11158578
status: 200
x-guploader-uploadid: AEnB2UrRYW0rJewh9VC6wBA7ivsefbynISZ2T7qpKm5Mq8Mvpk2LLrqnA4Q7rKI1GN7KuaR4oSMQz3GBy0xuJqEPmZEe22ijhw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 29016
x-served-by: cache-fra19126-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583045068.605594,VS0,VE0
etag: "2531995fefd3b997f9c4d564ebe89268"
vary: Origin
x-goog-hash: crc32c=1n93EQ==, md5=JTGZX+/TuZf5xNVk6+iSaA==
x-goog-generation: 1570567625845342
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29016
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 23 Oct 2020 03:08:08 GMT

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 97 B
584 B 144ms
143ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.65 /
Resource Hash: 5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647

Request headers

Origin: https://www.nytimes.com
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/section/us
nyt-app-version: 0.0.5
Sec-Fetch-Dest: empty

Response headers

x-samizdat-query-sup-code
date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-nyt-meridiem: AM
age: 0
x-cache: MISS
status: 200
samizdat-x-instance: a8e0066
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 4382d82e824dfe2a
content-length: 98
x-served-by: cache-fra19172-FRA
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: BNH
server: samizdat-graphql-0.5.65
x-timer: S1583045068.620558,VS0,VE105
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: GB
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 payframe
pay.google.com/gp/p/ui/ Frame 5C53 0
0 129ms
71ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S7M8dH1seyndhKpv/HStnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-S7M8dH1seyndhKpv/HStnA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
expires: Sun, 01 Mar 2020 06:44:27 GMT
date: Sun, 01 Mar 2020 06:44:27 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-S7M8dH1seyndhKpv/HStnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-S7M8dH1seyndhKpv/HStnA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=199=BcJJ_n0BTpFsTridJu2mXSV2W14ueLfWyl3_NLOz60ilzWxLDXjc0OkHHGn9U4CUaLqCFqwAyutSwMFQXZF99UqlweGl9rr12ZgdUflprqxmP8afmmsWrK5kaB-eMchVK1LJo5i7RniXgSZQ1kSO9yz07EV76jmOjJMVtjO56Z4; expires=Mon, 31-Aug-2020 06:44:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 01 Mar 2020 06:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 1594
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5809
x-xss-protection: 0
expires: Sun, 01 Mar 2020 07:07:53 GMT

GET
H2 200 serviceiframe
news.google.com/swg/_/ui/v1/ Frame 3D48 0
0 81ms
80ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=439734

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rrKNAaWInEPm0Mqu0qGjbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-rrKNAaWInEPm0Mqu0qGjbg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=439734
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Mar 2020 06:44:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-rrKNAaWInEPm0Mqu0qGjbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-rrKNAaWInEPm0Mqu0qGjbg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=199=JwxUabuCV8HWohLycrg7ArYU4Gr68DTkcdFOybhYbi-Nlsr0_jgLQpYvOhGBNQgt3DAqgmWxYMM2bHF4AlSgWw6HRSfacnNb5yqLM6rZmSpRd_jjEvyIQ3hYfnGsucFIgk2O0AKXNmEtcRSV9hlXFFOvkhMoHXp7rHuVxknHV8E; expires=Mon, 31-Aug-2020 06:44:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 25ms
24ms Other
image/svg+xml 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Sun, 01 Mar 2020 06:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 21:24:31 GMT
server: sffe
age: 2586
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
expires: Sun, 01 Mar 2020 06:51:21 GMT

GET
H2 200 pay
pay.google.com/gp/p/ui/ 0
0 100ms
76ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/gp/p/ui/pay?_=439734
Requested by: Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2

200

m=b2,aist,ist,qst
www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/
Redirect Chain

https://payments.google.com/payments/v4/js/integrator.js?ss=md
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

0
82 KB

6ms
6ms

Other
text/javascript

2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 16:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 16:16:35 GMT
server: sffe
age: 222433
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 83696
x-xss-protection: 0
expires: Fri, 26 Feb 2021 16:57:15 GMT

Redirect headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 301
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 269
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-JjiZTsx+D6JQ4qNX/ZdodA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gr_full_2.0.6.js
clients2.google.com/gr/ 0
9 KB 39ms
6ms Other
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients2.google.com/gr/gr_full_2.0.6.js

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Sun, 01 Mar 2020 05:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
age: 3341
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8665
x-xss-protection: 0
expires: Sun, 01 Mar 2020 06:48:46 GMT

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
829 B 75ms
73ms Fetch
application/json 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nz2n5D2xiVIXeyf8xsNFnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-nz2n5D2xiVIXeyf8xsNFnQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-nz2n5D2xiVIXeyf8xsNFnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-nz2n5D2xiVIXeyf8xsNFnQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vi_article.js Show response
cdn.optimizely.com/public/3013110282/s/ 384 KB
117 KB 21ms
7ms Script
text/javascript 2a02:26f0:f1:18e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/3013110282/s/vi_article.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:18e::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d247b1d1593bd99f20a224e2dfeb16c6838906bd292589770ced6b4c6713d137

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: dvDpXF4Zip3MGQLRUPRBddiE4H_qqgOs
content-encoding: gzip
x-amz-request-id: 06793609A0F05387
status: 200
access-control-max-age: 86400
date: Sun, 01 Mar 2020 06:44:27 GMT
x-amz-replication-status: PENDING
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:f1:18e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 119082
x-amz-id-2: HTsspxLOc8tucM76TjeuhqH1wL0jxGKwrztH3J6yhNmgedLlACvwN1YgTYf8gVmOUPvoaR44Z3w=
last-modified: Thu, 27 Feb 2020 19:40:27 GMT
server: AmazonS3
etag: "6bfb76e02e11aed7f9954e279562892a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 11981
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ip_seg_v2.rep Show response
cigsvc.nytimes.com/r1/jp/ 170 B
501 B 239ms
232ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?&callback=callback
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 01 Mar 2020 06:44:27 GMT
via: 1.1 varnish
x-timer: S1583045068.752996,VS0,VE195
x-served-by: cache-fra19172-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: no-cache, no-cache="set-cookie"
x-cache-hits: 0
accept-ranges: bytes
content-length: 170
expires: 0

GET
H2 200 vendors~audio~capsule~cityguides~collections~home~liveblog~paidpost~slideshow~story~video-a0858e7019e1cacc56e5.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
11 KB 68ms
66ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~cityguides~collections~home~liveblog~paidpost~slideshow~story~video-a0858e7019e1cacc56e5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

366e4c8ace6dc121105fc314b7f16460c4b4104d9332df35dada900f13b73d94

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 138848
x-guploader-uploadid: AEnB2UoFldL5gLZo4G7iPeYM4RsvZUkQ38QtHuJ-8iLvZ22V7WK4KfUPEdxG7mpil_9-bnq6XX_1F4oSD_urF-ad3pwY7Ve1SA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:40 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583045068.803488,VS0,VE1
etag: "15ea2c11caaeb29731c5a05e605e22a4"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=330J8w==, md5=FeosEcquspcxxaBeYF4ipA==
x-goog-generation: 1582904255574957
expires: Sat, 27 Feb 2021 16:10:19 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 50949
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 10820
content-type: application/javascript
x-cache-hits: 7811

GET
H2 200 vendors~collections~search-ea1b23ff3c707b0e23b6.js Show response
www.nytimes.com/vi-assets/static-assets/ 44 KB
10 KB 67ms
66ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~collections~search-ea1b23ff3c707b0e23b6.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7183c7c50e8cff0e4cb7344483d5f69ec786ef306383c7a3a2d2b1ced6a54b7f

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 724859
x-guploader-uploadid: AEnB2Upq7kj9jTI1DJ3RZvsFCqCLSNLE8ZNqULLQr1yrQKWmI0XPwFdwI4tSLhMONR-V1nAgcu8Q4B6403GP6SINOmyq6ErPMdsdBfiDUmK2Dshe1ehPMBc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-21 21:23:28 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 20:53:45 GMT
server: UploadServer
x-timer: S1583045068.803513,VS0,VE1
etag: "293774f25a0a2afac04168ec8195b52d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=YImd6A==, md5=KTd08loKKvrAQWjsgZW1LQ==
x-goog-generation: 1582318425300280
expires: Sat, 20 Feb 2021 21:23:28 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 44694
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 9886
content-type: application/javascript
x-cache-hits: 4082

GET
H2 200 vendors~collections-2504d14f604a7a4963cd.js Show response
www.nytimes.com/vi-assets/static-assets/ 28 KB
9 KB 67ms
65ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~collections-2504d14f604a7a4963cd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2f1854fe522e040274f3f7ff6099b5ad70baf11f08aa79e9481eaa4818a9d2f9

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-api-version: F-X
age: 227957
x-guploader-uploadid: AEnB2UoL4IKFcugZas7B45LFD5z0tSY3qQtUFVmkqeu4PLHeRCAKCHIhLpN5_snlADx8XnDuUizdbqCpDC3XDGrU3tvgJgQx1ci7ja_7Hmol2eiIcEMi10o
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-27 15:25:11 UTC
x-served-by: cache-hhn4056-HHN
accept-ranges: bytes
last-modified: Thu, 27 Feb 2020 12:51:25 GMT
server: UploadServer
x-timer: S1583045068.803668,VS0,VE0
etag: "de39c6ede84c26e052d3946caf97ec2d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=ZiyRuw==, md5=3jnG7ehMJuBS05Rsr5fsLQ==
x-goog-generation: 1582807885776308
expires: Fri, 26 Feb 2021 15:25:11 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 28375
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 8126
content-type: application/javascript
x-cache-hits: 3523

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
106ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 633 B
1 KB 464ms
150ms XHR
application/json 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: b68fa26eb3e7f34d17d1b10f773dcbde60095b452d46bdccd5e0b41046670327

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Sun, 01 Mar 2020 06:44:28 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 633
Content-Type: application/json

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
js.datadome.co/ 128 KB
22 KB 145ms
57ms Script
text/javascript 143.204.101.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: zlth.xyz
URL: http://zlth.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.22 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-22.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

ed8ab4b5ad016ad6b66cd70b80eebb79b8da7c98ad5e385a1ff45b8a9f70a141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 2180
x-cache: Hit from cloudfront
status: 200
date: Sun, 01 Mar 2020 06:08:18 GMT
content-length: 22430
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 09:08:06 GMT
server: Apache
etag: "20144-59f8b0f249752-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 5M2muBvXEAG6t9wNbdaDNcLpzuMswPX8W0Mr4j4Ny_PlM9augfuqGg==
expires: Sun, 01 Mar 2020 07:08:08 GMT

GET
H/1.1 200
OK pixel.gif
et.nytimes.com/ 0
0 418ms
119ms Image
application/json 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.nytimes.com/pixel.gif?subject=ab-expose&test=DFP_als&variant=1_als&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-361-Production&et2_pageview_id=dmXatBOKA4VOt_4W7bsZORBl
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 200
OK pixel.gif
et.nytimes.com/ 0
0 415ms
115ms Image
application/json 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.nytimes.com/pixel.gif?subject=ab-expose&test=dfp_adslot4v2&variant=1_external&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-361-Production&et2_pageview_id=dmXatBOKA4VOt_4W7bsZORBl
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 109 B
778 B 28ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020022401.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 43ms
43ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

6d941ee14efe29bc4859114b4d6c93bd58d9843249a4e9d7603d6f80edb4eadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Feb 2020 14:08:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62028
x-xss-protection: 0
expires: Sun, 01 Mar 2020 06:44:27 GMT

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 513 B
1 KB 238ms
183ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referer=http%3A%2F%2Fzlth.xyz%2F
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.35.241 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 691ffeea94169753626300f1c852b2a3b6e1ef6074c5d5386499198b389ca51d

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 513

GET
H2 200 preferences
purr.nytimes.com/v1/ 0
0 135ms
114ms Fetch
text/html 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/preferences
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
server: Google Frontend
status: 200
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 45096d7db43a1e747e8a74bcac48c344
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Sun, 01 Mar 2020 06:44:28 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1 KB
2 KB 712ms
690ms XHR
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=http%3A%2F%2Fzlth.xyz%2F&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: dfc978bace897bfd1a6708340a584a09542c8d34c715cda6b546f2071db2b02d

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: gzip
status: 200
x-appengine-log-flush-count: 1
content-length: 681
expires: Sun, 01 Mar 2020 06:44:29 GMT
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: e145d5e32ec45d67990aa5cc06c22daa
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
x-jkidd-testing-keys: regi=; ip=[2a01:4f8:192:5414::2]:80; agent=fLa_GquyoogNEMYNPvl_uR; asset=https://www.nytimes.com/section/us;

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3137
date: Sun, 01 Mar 2020 05:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sun, 01 Mar 2020 07:52:11 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 101 B
805 B 100ms
100ms XHR
application/json 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: 686b62038a0cf63a6d778b4c41e2e9914a4156374a55f6ead9e251574c5bd653

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Sun, 01 Mar 2020 06:44:44 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 101
Content-Type: application/json

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 418 B
734 B 109ms
108ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163227780784359&correlator=1074020707827555&output=ldjh&impl=fif&adsid=NT&eid=21064370%2C21064713%2C21065304&vrg=2020022401&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200301&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1318&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583044758234%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dgs_health_misc%252Cgs_health%252Cneg_bofa%252Cneg_fcli%252Cneg_virus%252Cgs_politics%252Cneg_mastercard%252Cneg_ibmtest%252Cgs_politics_misc%252Cneg_google%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cmkt_dfp_ods_2_test%26page_view_id%3DdmXatBOKA4VOt_4W7bsZORBl%26sov%3D3%26aid%3DfLa_GquyoogNEMYNPvl_uR&cookie_enabled=1&bc=31&abxe=1&lmt=1583044758&dt=1583045068643&dlt=1583045067321&idt=1289&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=64&adks=634834303&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fzlth.xyz%2F&dssz=39&icsg=213887984&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0&msz=1585x0&ga_vid=1636311138.1583045069&ga_sid=1583045069&ga_hid=599409511&fws=4&ohw=1585&btvi=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

44af4e3e1e04730359145ad07dfd8c2e0fdfc3db5973be82672e8b3bea255d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020022401.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 43ms
43ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

816709e9295a4116a9f1648dcdca148a141e0ee263887b39f474a923380e4310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Feb 2020 14:08:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24743
x-xss-protection: 0
expires: Sun, 01 Mar 2020 06:44:28 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 18ms
5ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 415 B
399 B 101ms
101ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163227780784359&correlator=1074020707827555&output=ldjh&impl=fif&adsid=NT&eid=21064370%2C21064713%2C21065304&vrg=2020022401&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200301&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1337&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583044758234%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dgs_health_misc%252Cgs_health%252Cneg_bofa%252Cneg_fcli%252Cneg_virus%252Cgs_politics%252Cneg_mastercard%252Cneg_ibmtest%252Cgs_politics_misc%252Cneg_google%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cmkt_dfp_ods_2_test%26page_view_id%3DdmXatBOKA4VOt_4W7bsZORBl%26sov%3D3%26aid%3DfLa_GquyoogNEMYNPvl_uR&cookie_enabled=1&bc=31&abxe=1&lmt=1583044758&dt=1583045068656&dlt=1583045067321&idt=1289&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2873317091&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fzlth.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1636311138.1583045069&ga_sid=1583045069&ga_hid=599409511&fws=132&ohw=1585

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

939c8a572405d1ddca9b17893495781d9a1750b299ffbc7046256835943bccae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
396 B 164ms
163ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163227780784359&correlator=1074020707827555&output=ldjh&impl=fif&adsid=NT&eid=21064370%2C21064713%2C21065304&vrg=2020022401&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200301&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dmid1%26pos%3Dmid1%26request_time%3D1344&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583044758234%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dgs_health_misc%252Cgs_health%252Cneg_bofa%252Cneg_fcli%252Cneg_virus%252Cgs_politics%252Cneg_mastercard%252Cneg_ibmtest%252Cgs_politics_misc%252Cneg_google%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cmkt_dfp_ods_2_test%26page_view_id%3DdmXatBOKA4VOt_4W7bsZORBl%26sov%3D3%26aid%3DfLa_GquyoogNEMYNPvl_uR&cookie_enabled=1&bc=31&abxe=1&lmt=1583044758&dt=1583045068664&dlt=1583045067321&idt=1289&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=1132&adks=2341692046&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fzlth.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x142&msz=1585x0&ga_vid=1636311138.1583045069&ga_sid=1583045069&ga_hid=599409511&fws=4&ohw=1585&btvi=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9c9b01f140faf9bf16b8e2e1351ad3684a5ffd63e6fdeb9bf506f25dd14674b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 218
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
398 B 161ms
161ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163227780784359&correlator=1074020707827555&output=ldjh&impl=fif&adsid=NT&eid=21064370%2C21064713%2C21065304&vrg=2020022401&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200301&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C640x480&prev_scp=div%3Dinterstitial%26pos%3Dinterstitial%26request_time%3D1351&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583044758234%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dgs_health_misc%252Cgs_health%252Cneg_bofa%252Cneg_fcli%252Cneg_virus%252Cgs_politics%252Cneg_mastercard%252Cneg_ibmtest%252Cgs_politics_misc%252Cneg_google%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cmkt_dfp_ods_2_test%26page_view_id%3DdmXatBOKA4VOt_4W7bsZORBl%26sov%3D3%26aid%3DfLa_GquyoogNEMYNPvl_uR&cookie_enabled=1&bc=31&abxe=1&lmt=1583044758&dt=1583045068671&dlt=1583045067321&idt=1289&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1591558105&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fzlth.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1636311138.1583045069&ga_sid=1583045069&ga_hid=599409511&fws=644&ohw=1585

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

abe21b4378739c89453b96d1848aa8a62909d582cd0fe731e9371579f2ee4f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
api-js.datadome.co/js/ 2 B
279 B 143ms
36ms XHR
application/json 18.194.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.77.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-77-222.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 01 Mar 2020 06:44:28 GMT
Server: DataDome
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 2
Expires: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=599409511&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fzlth.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_gid=78559878.1583045069&gjid=1781282453&_v=j81&z=1972422322
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_v=j81&z=1972422322
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_v=j81&z=1972422322&slf_rd=1&random=47467519

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_v=j81&z=1972422322&slf_rd=1&random=47467519

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Mar 2020 06:44:28 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Mar 2020 06:44:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=1636311138.1583045069&jid=771710884&_v=j81&z=1972422322&slf_rd=1&random=47467519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 22 KB
4 KB 303ms
302ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=1&ma=1&counted=false&granted=true&us=anon&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: gzip
age: 0, 0
x-cache: MISS
status: 200
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: https://www.nytimes.com
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_anon_new-journey-rollout","dock":"MAG_web_anon_new-journey-rollout","inlineUnit":"MAG_web_anon_new-journey-rollout","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1583045069.777121,VS0,VE262
vary: x-nyt-cig-edu-b2b, x-nyt-user-status, x-nyt-country, x-nyt-device, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 6596290a114fae67cb6a47282e7c3e11
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-params
accept-ranges: bytes, bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
106ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 313 B
438 B 138ms
138ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163227780784359&correlator=1074020707827555&output=ldjh&impl=fif&adsid=NT&eid=21064370%2C21064713%2C21064502%2C21065304&vrg=2020022401&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200301&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=div%3Dmid2%26pos%3Dmid2%26request_time%3D1464&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583044758234%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dgs_health_misc%252Cgs_health%252Cneg_bofa%252Cneg_fcli%252Cneg_virus%252Cgs_politics%252Cneg_mastercard%252Cneg_ibmtest%252Cgs_politics_misc%252Cneg_google%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cmkt_dfp_ods_2_test%26page_view_id%3DdmXatBOKA4VOt_4W7bsZORBl%26sov%3D3%26aid%3DfLa_GquyoogNEMYNPvl_uR&cookie=ID%3Df5542dfd2326f98c%3AT%3D1583045068%3AS%3DALNI_MbYxZBMAO3-wDQ0sf6OkE1Sr_nH_A&cookie_enabled=1&bc=31&abxe=1&lmt=1583044758&dt=1583045068785&dlt=1583045067321&idt=1289&frm=20&biw=1585&bih=1200&oid=3&adxs=1093&adys=1558&adks=4155779674&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fzlth.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AA2WTGPNxr0CeNnB2GY4q-ltPz59%2CAA2WTGPNxr0CeNnB2GY4q-ltPz59&ga_vid=1636311138.1583045069&ga_sid=1583045069&ga_hid=599409511&fws=4&ohw=1585&btvi=1

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

85de12795b7b82e20e9736a2f309356eaa4400d0fbf49175fb9527f60e89150e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
407 B 328ms
99ms XHR
text/plain 34.225.200.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.200.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-200-104.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sun, 01 Mar 2020 06:44:29 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.nytimes.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 313 B
207 B 110ms
110ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163227780784359&correlator=1074020707827555&output=ldjh&impl=fif&adsid=NT&eid=21064370%2C21064713%2C21064502%2C21065304&vrg=2020022401&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200301&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=div%3Dmktg%26pos%3Dmktg%26request_time%3D1629&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583044758234%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dgs_health_misc%252Cgs_health%252Cneg_bofa%252Cneg_fcli%252Cneg_virus%252Cgs_politics%252Cneg_mastercard%252Cneg_ibmtest%252Cgs_politics_misc%252Cneg_google%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cmkt_dfp_ods_2_test%26page_view_id%3DdmXatBOKA4VOt_4W7bsZORBl%26sov%3D3%26aid%3DfLa_GquyoogNEMYNPvl_uR&cookie=ID%3Dcce4e90ea4b0b81c%3AT%3D1583045068%3AS%3DALNI_MZVKfzFrB_UzQ8x9KtigUWJNjf_Bg&cookie_enabled=1&bc=31&abxe=1&lmt=1583044758&dt=1583045068949&dlt=1583045067321&idt=1289&frm=20&biw=1585&bih=1200&oid=3&adxs=1093&adys=1366&adks=195518668&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fzlth.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AA2WTGPNxr0CeNnB2GY4q-ltPz59%2CAA2WTGPNxr0CeNnB2GY4q-ltPz59%2CAA2WTGPNxr0CeNnB2GY4q-ltPz59%2CAA2WTGPNxr0CeNnB2GY4q-ltPz59&ga_vid=1636311138.1583045069&ga_sid=1583045069&ga_hid=599409511&fws=4&ohw=1585&btvi=2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

53196c09351079cf0394d7398e29cb8148bc5aa461e46dc439466035464601ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 82 B
785 B 106ms
106ms XHR
application/json 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: a7bd6e34627c579df5e230d6ed0a8c25407dea31880a706f92a3408e189b31cd

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain; charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Sun, 01 Mar 2020 06:44:30 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 82
Content-Type: application/json

GET
H2

200

activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;...
5290727.fls.doubleclick.net/ Frame 83BD
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_u...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=...

0
0

52ms
52ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;u8=;u10=http%3A%2F%2Fzlth.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;u8=;u10=http%3A%2F%2Fzlth.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm1vjkbhigq-J-H2p1_7kOcu9xd9qN9GJYG3pRhsuIMSekrPUGdqBLBkrow
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 01 Mar 2020 06:44:29 GMT
expires: Sun, 01 Mar 2020 06:44:29 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 438
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 01 Mar 2020 06:44:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLHzjrjW-OcCFRXjuwgdJSQLqQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8771076348020;gtm=2wg2j0;auiddc=10884629.1583045069;u4=;u5=undefined;u6=undefined;u7=fLa_GquyoogNEMYNPvl_uR;u8=;u10=http%3A%2F%2Fzlth.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 23ms
7ms Script
application/x-javascript 2600:9000:2156:800:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:800:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:01:53 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 2556
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Rq7ZCKpzgkG2ty17DPpEppurnFIh4tGO581bqXKVpGAu5d9VNT5uyw==
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
expires: Sun, 01 Mar 2020 08:01:52 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
665 B 39ms
38ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: gzip
x-cache-hits: 635
age: 46453
status: 200
x-guploader-uploadid: AEnB2UrWczyLDI_vJM37EJX0Zw2WIuF6Hr8eElC74wwZwqm8GUv8jTOBaZmNR4Ust_UplO1hErkTiRblFul2Kwck_NAlIapalwYFYQiE3rARnBNs5FRdR30
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 65
x-served-by: cache-fra19172-FRA
access-control-allow-origin: *
last-modified: Thu, 28 Mar 2019 13:58:23 GMT
server: UploadServer
x-timer: S1583045069.146602,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
x-goog-generation: 1553781503379173
via: 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 13 Jun 2019 17:44:55 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
112ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 40ms
16ms Script
application/javascript 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745cd78d254d001a46755c9620bcc45783131a4bf0362d44e05078fc3297f082

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 20:06:39 GMT
server: cloudflare
age: 386
etag: W/"dfd3824ef58640d4a0c2c803c301ba08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 56d0e8e23b4b177a-FRA
x-amz-request-id: DB18EB0FB37FE6E8
x-amz-id-2: 3/eO8hOFD8zug/mMGF60tJvaP5P9u11o45pjnQFM5vP772aWCZkvyDZRP0DyVOmlawRkjsthFxU=

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=599409511&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fzlth.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aAjAAEAB~&jid=&gjid=&cid=1636311138.1583045069&tid=UA-58630905-2&_gid=78559878.1583045069&gtm=2wg2j0P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd4=U.S.&cd9=9&cd10=zlth.xyz&cd13=zlth.xyz&cd14=national_desk&cd15=earned&cd16=referring_links&cd17=100000004047817&cd21=collection&cd23=U.S.&cd26=2015&cd27=2015-12-09-13&cd28=Wednesday&cd29=13&cd30=1583003859000&cd34=NEWS&cd36=us&cd37=0&cd42=nyt-vi&cd48=December&cd49=blurb_under_100&cd51=nyt-vi&cd52=collection&cd54=national_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=fLa_GquyoogNEMYNPvl_uR&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=fLa_GquyoogNEMYNPvl_uR&cd172=desktop&cd173=desktop&z=1814264167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 01:19:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2179500
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
168 B 314ms
98ms Image
image/gif 52.0.121.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fsection%2Fus&u=DAVb4ZDy0BgdDUwk4G&d=nytimes.com&g=16698&g0=us%2Cnational_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3856&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=http%3A%2F%2Fzlth.xyz%2F&b=1842&t=DuYHQYXPJZqK4xw2BwSF_hL2JQT&V=118&i=U.S.%20News%20-%20The%20New%20York%20Times&tz=-60&_acct=anon&sn=1&sv=DWas0aCR8o8kVPJp4Er6DVCD7n0r&sr=http%3A%2F%2Fzlth.xyz%2F&sd=1&im=06679ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.121.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-121-144.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Sun, 01 Mar 2020 06:44:29 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
241 B 100ms
100ms XHR
text/plain 34.225.200.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.200.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-200-104.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Sun, 01 Mar 2020 06:44:29 GMT
Content-Type: text/plain

GET
H2 200 sdk-prod-c0c249c1f855a09dbee9.js Show response
platform.iteratehq.com/ 810 KB
221 KB 15ms
14ms Script
application/javascript 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-c0c249c1f855a09dbee9.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92a9cd8f714ce5b96883a3eca69b09325119d23a99c08e81f805aaf3ec624b8

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 20:06:34 GMT
server: cloudflare
age: 729190
etag: W/"1e86462adaefd00f70649e16a72a77b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 56d0e8e25b78177a-FRA
x-amz-request-id: F849A6CBF53B15E1
x-amz-id-2: h+acTo3anuEfutK4ejtMzYEGTCSOQCYTB04P30IxydI2NNJS7BjWHP2szlkveZ3xbbkOVULyQQ4=

GET
H2 200 style-678f598e9656ea26a2bab173e40f76a6.css
platform.iteratehq.com/ 135 KB
11 KB 12ms
12ms Stylesheet
text/css 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-678f598e9656ea26a2bab173e40f76a6.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddf90f1b1347fc3b25ec438499c75811b4992e51e3b9d24a4b2bf725e8af19e

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Feb 2020 22:23:37 GMT
server: cloudflare
age: 1066520
etag: W/"678f598e9656ea26a2bab173e40f76a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-ray: 56d0e8e25b7a177a-FRA
x-amz-request-id: 120B4AC0B93E6DB7
x-amz-id-2: jzgVDokRtUlJwK+ShdiO2OKVzYLEtalbCR/V+mp0NiY04Oos9sXbVQ2YWl9fVydB2V34toZh9OM=

GET
H2 200 uek0ylt.css
use.typekit.net/ 2 KB
833 B 107ms
36ms Stylesheet
text/css 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uek0ylt.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-33-211.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cb59ff8622df48faf8b8c06bddee7e40309c16a9c0f5ab19a796505fecf3c263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Sun, 01 Mar 2020 06:44:29 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 633

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 106ms
106ms Script
application/javascript 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fzlth.xyz%2F&clientTimeStamp=1583045069103&totalTime=2&evtUUID=65009d8d-1caa-47b8-ae07-3b0fde0ca1bb&gtm=GTM-P528B3-361-Production&page_view_id=dmXatBOKA4VOt_4W7bsZORBl&performance=%7B%22first-paint%22%3A565%2C%22first-contentful-paint%22%3A565%2C%22domInteractive%22%3A577%2C%22domContentLoaded%22%3A799%2C%22requestStart%22%3A291%2C%22responseStart%22%3A330%2C%22pageLoadTime%22%3A1846%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22meter%22%2C%22context%22%3A%22dd5d041%22%2C%22label%22%3A%220%22%2C%22region%22%3A%22false%22%7D%2C%22priority%22%3Atrue%2C%22subject%22%3A%22impression%22%2C%22gtm%22%3A%22GTM-P528B3-361-Production%22%2C%22sourceApp%22%3A%22nyt-vi%22%7D%5D&et2_pageview_id=dmXatBOKA4VOt_4W7bsZORBl&sourceApp=nyt-vi&callback=window.EventTracker.cb1&datumId=944c370f01160e8c
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: 08b8fe507c0318652169574a48cac6e51453dc52de6c81dde2cccb4125da2045

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 01 Mar 2020 06:44:16 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 108ms
108ms Script
application/javascript 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fzlth.xyz%2F&clientTimeStamp=1583045069103&totalTime=2&evtUUID=65009d8d-1caa-47b8-ae07-3b0fde0ca1bb&gtm=GTM-P528B3-361-Production&page_view_id=dmXatBOKA4VOt_4W7bsZORBl&performance=%7B%22first-paint%22%3A565%2C%22first-contentful-paint%22%3A565%2C%22domInteractive%22%3A577%2C%22domContentLoaded%22%3A799%2C%22requestStart%22%3A291%2C%22responseStart%22%3A330%2C%22pageLoadTime%22%3A1846%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%2C%22subject%22%3A%22impression%22%2C%22gtm%22%3A%22GTM-P528B3-361-Production%22%2C%22sourceApp%22%3A%22nyt-vi%22%7D%5D&et2_pageview_id=dmXatBOKA4VOt_4W7bsZORBl&sourceApp=nyt-vi&callback=window.EventTracker.cb2&datumId=944c370f01160e8c
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: 8fefbedfaa6d02ae5df277459187a3eeccb67b61723de0154e178fc43e90ce32

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 01 Mar 2020 06:44:33 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 111ms
110ms Script
application/javascript 34.233.218.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fzlth.xyz%2F&clientTimeStamp=1583045069103&totalTime=2&evtUUID=65009d8d-1caa-47b8-ae07-3b0fde0ca1bb&gtm=GTM-P528B3-361-Production&page_view_id=dmXatBOKA4VOt_4W7bsZORBl&performance=%7B%22first-paint%22%3A565%2C%22first-contentful-paint%22%3A565%2C%22domInteractive%22%3A577%2C%22domContentLoaded%22%3A799%2C%22requestStart%22%3A291%2C%22responseStart%22%3A330%2C%22pageLoadTime%22%3A1846%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%2C%22subject%22%3A%22impression%22%2C%22gtm%22%3A%22GTM-P528B3-361-Production%22%2C%22sourceApp%22%3A%22nyt-vi%22%7D%5D&et2_pageview_id=dmXatBOKA4VOt_4W7bsZORBl&sourceApp=nyt-vi&callback=window.EventTracker.cb3&datumId=944c370f01160e8c
Requested by: Host: zlth.xyz
URL: http://zlth.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.218.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-218-104.compute-1.amazonaws.com
Software: /
Resource Hash: aa3fb76df134b973cb6b6e4ea5b228842b6e66b803d627fdc0b13cdf4df89751

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 01 Mar 2020 06:44:20 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

OPTIONS
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 0
574 B 195ms
170ms Fetch 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
status: 200
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 56d0e8e349bbc2a9-FRA
access-control-allow-headers: Authorization, Content-Type
content-length: 0

GET
H/1.1 200
OK p.css
p.typekit.net/ 5 B
334 B 6ms
6ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uek0ylt&ht=tk&f=26969.26972&a=37539318&app=typekit&e=css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 01 Mar 2020 06:44:29 GMT
Last-Modified: Mon, 04 Feb 2019 20:56:28 GMT
Server: nginx
ETag: "5c58a6fc-5"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5
Expires: Fri, 03 May 2019 09:19:02 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 259 B
426 B 170ms
170ms Fetch
application/json 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f4dc3e60dbee424d595381261d4e40c6db5427eeca0d55997f31f0bab09ef4b

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 01 Mar 2020 06:44:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 56d0e8e45b7cc2a9-FRA

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news.google.com/	1970-01-19 08:27:17	Name: OTZ Value: 5345684_52_52_123900_48_436380
.pay.google.com/	1970-01-19 07:44:05	Name: _gat_UA1168580691 Value: 1
.pay.google.com/	1970-01-19 07:45:31	Name: _gid Value: GA1.3.1459008929.1583045068
.pay.google.com/	1970-01-20 01:15:17	Name: _ga Value: GA1.3.50602310.1583045068
.nytimes.com/	1970-01-19 07:45:31	Name: walley_gid Value: GA1.2.78559878.1583045069
.nytimes.com/	1970-01-20 01:15:17	Name: walley Value: GA1.2.1636311138.1583045069
.nytimes.com/	1970-01-19 07:45:31	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-19 16:29:41	Name: nyt-purr Value: cfhhpnh
.nytimes.com/	1970-01-19 07:45:31	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-21 03:33:31	Name: nyt-m Value: C64B89D39773E8E3906B3A5B008C1E85&t=i.1&g=i.0&ira=i.0&rc=i.0&vr=l.4.0.0.0.0&iir=i.0&er=i.1583045068&vp=i.0&igu=i.1&prt=i.0&iga=i.0&ird=i.0&e=i.1585699200&ft=i.0&ifv=i.0&imv=i.0&n=i.2&pr=l.4.0.0.0.0&ier=i.0&iru=i.0&cav=i.0&imu=i.1&igf=i.0&fv=i.0&iue=i.0&igd=i.0&s=s.core&v=i.0&ica=i.0&iub=i.0&uuid=s.621d7ec9-1207-4ccb-95a8-5a3d42d7e78a
.nytimes.com/	1970-01-19 07:44:26	Name: nyt-gdpr Value: 1
pay.google.com/	1970-01-19 08:27:17	Name: OTZ Value: 5345684_52_52_123900_48_436380
.nytimes.com/	1970-01-19 17:13:35	Name: purr-cache Value: <K0<r<C_<G_
.nytimes.com/	1970-01-20 01:15:17	Name: __gads Value: ID=8d58743858579de6:T=1583045068:S=ALNI_Mat84LOjV_q1NItHvwDgZxIlCKI5A
.google.com/	1970-01-19 12:07:36	Name: NID Value: 199=WfHUBT4Wj4wSeS7ZNjr1zzQ6jhzTBjoqY_WU-s-2mm_DmpSkBTejw_pwOEIocrri7dmlO-1DsACMTt89NlgvXjAJuED7sa0v9PlZwDxEIaqNxz_ZOcgJYXokGUDWI3pail_tFKdn0m8ko-zfsX7S6ORy4FWBwv2xfqGI3TJRfEY
.nytimes.com/	1970-01-19 07:44:05	Name: _gat_UA-58630905-2 Value: 1
.google.com/	1969-12-31 23:59:59	Name: S Value: billing-ui-v3=lwFF_JWaBma52XH8oeRhkNR01HDYaTAM:billing-ui-v3-efe=lwFF_JWaBma52XH8oeRhkNR01HDYaTAM
.nytimes.com/	1970-01-19 16:29:41	Name: nyt-a Value: fLa_GquyoogNEMYNPvl_uR

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 29) Message: Subscriptions Runtime: 0.1.22.94
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js(Line 1) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Invalid GPT size specification: []
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'defineSizeMapping' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js(Line 6) Message: Invalid GPT size specification: []
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js(Line 1) Message: Service Worker: content is cached

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.co.uk
adservice.google.com
api-js.datadome.co
cdn.optimizely.com
cigsvc.nytimes.com
clients2.google.com
errors.client.optimizely.com
et.nytimes.com
g1.nyt.com
iteratehq.com
js.datadome.co
meter-svc.nytimes.com
mwcm.nytimes.com
news.google.com
nytimes.com
p.typekit.net
pay.google.com
payments.google.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
zlth.xyz
143.204.101.22
151.101.113.164
151.101.13.164
151.101.193.164
167.99.26.105
18.194.77.222
216.58.206.2
216.58.208.38
23.37.33.211
2600:9000:2156:800:18:1fcd:349:ca21
2606:4700:3032::6812:216c
2606:4700:3036::6812:206c
2a00:1450:4001:809::2002
2a00:1450:4001:814::2013
2a00:1450:4001:815::2003
2a00:1450:4001:818::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a00:1450:4001:825::2004
2a00:1450:400c:c00::5c
2a00:1450:400c:c00::9d
2a00:1450:400c:c0a::5c
2a02:26f0:6c00:28d::19fd
2a02:26f0:f1:18e::13b8
34.225.200.104
34.233.218.104
35.241.35.241
52.0.121.144
026e2bff82da9f182e40c97ac9d5b4f0b3a9cbb027fea857c30175d62209bb86
02fd353036efc54c262acfd88bb24bee21c097a14dfea55c7c77f858a01b10ee
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0686126592ff2163009bfe10b99c800a9dc94615e2fdbfbac0e9288689f7312d
08b8fe507c0318652169574a48cac6e51453dc52de6c81dde2cccb4125da2045
0be57c2174cbdb4650aeb4857520f69a421f6b5282b0816a9ee7f9d043ede1fe
155052362cfc5f74fc84affe999b432d494074559473e0698270d9f5a87d3a52
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
244d6f7fb2c90144ed282f16dc6fa7a47ea302bb415a05ff2e9a973b4da68903
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd
280dbf2e73a64c89631e0e3bcded0ac5b07270e166e9d25698849ded2e3dfa4b
2bbbfb7f78873863f31213290ee423e643cc9b141b5ae3a881e608e79a4ec41a
2f1854fe522e040274f3f7ff6099b5ad70baf11f08aa79e9481eaa4818a9d2f9
33f5577f85b711d60e9e17c43bc1cbec52618293306f736e092e4d44c67a0181
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
366e4c8ace6dc121105fc314b7f16460c4b4104d9332df35dada900f13b73d94
3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2
3ddf90f1b1347fc3b25ec438499c75811b4992e51e3b9d24a4b2bf725e8af19e
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
3fe674c3e0d599c4cf5cc95d99f32847e5ec86397e4082123e9a097f0706e933
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44af4e3e1e04730359145ad07dfd8c2e0fdfc3db5973be82672e8b3bea255d5f
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
497bba68b045aa7b22756bcc05b31435dc841534f2b7f56582d210fa3bd715cd
4e0f32d4e30e0a6e969beef61ec0faff6051e64ddf950c08fb85b495811da9c2
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
53196c09351079cf0394d7398e29cb8148bc5aa461e46dc439466035464601ba
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
576a672720a6cb33d2f41cd47be8d134eb99ddafbeb2b2d2103067c50cac1750
5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647
61a7468d9c3fea786610c320aa118fe7a6cac1627c71cfd8fcaf17cac94d4fc0
632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e
675654854a14af3aa644717269456469e2964f2076f79197a462b4453509c01a
686b62038a0cf63a6d778b4c41e2e9914a4156374a55f6ead9e251574c5bd653
691ffeea94169753626300f1c852b2a3b6e1ef6074c5d5386499198b389ca51d
6b447402078e50e134f19153aa3cdd24b4b27224ee8b7c37a0622e3a8a7a9448
6d941ee14efe29bc4859114b4d6c93bd58d9843249a4e9d7603d6f80edb4eadf
6d9f1c86122a1a020f144f77d5e84e0f5c191021348c8eed5610d51d38c413d6
6ea392e67e347ccb12084ab19c6361c7ff0d6030ffd0a340e54de2365b4b3032
7183c7c50e8cff0e4cb7344483d5f69ec786ef306383c7a3a2d2b1ced6a54b7f
745cd78d254d001a46755c9620bcc45783131a4bf0362d44e05078fc3297f082
746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122
76d0384a8ac4dd7125055deb1de3a090b076829712e35fbaa87e7f00f4dac9fa
816709e9295a4116a9f1648dcdca148a141e0ee263887b39f474a923380e4310
82d60a6e13f6fe68b0e4a59da0d458aef5856b8584ca7af30eaad6ef36c99cab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85de12795b7b82e20e9736a2f309356eaa4400d0fbf49175fb9527f60e89150e
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8caaa5804579ecaf2bda61945bfe4e5795fe46a1098970367c5f8d4e83759b37
8e357ddbc0eddfcc062510b13f7ccf8fe11feae7e9b61818c9187115c11c708b
8fefbedfaa6d02ae5df277459187a3eeccb67b61723de0154e178fc43e90ce32
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
93040244b31bb1e355b9217dd3a680d4c97aebbbf0e9ba7c5204496e574c2f4a
939c8a572405d1ddca9b17893495781d9a1750b299ffbc7046256835943bccae
945014dcd60469e50bf03305fe4c18e28ef319f6b750b9be7d5894d7f54823fd
9c9b01f140faf9bf16b8e2e1351ad3684a5ffd63e6fdeb9bf506f25dd14674b5
9f4dc3e60dbee424d595381261d4e40c6db5427eeca0d55997f31f0bab09ef4b
a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be
a7bd6e34627c579df5e230d6ed0a8c25407dea31880a706f92a3408e189b31cd
aa3fb76df134b973cb6b6e4ea5b228842b6e66b803d627fdc0b13cdf4df89751
abe21b4378739c89453b96d1848aa8a62909d582cd0fe731e9371579f2ee4f0f
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd
b68fa26eb3e7f34d17d1b10f773dcbde60095b452d46bdccd5e0b41046670327
b88a134c2074fd95d71f1892e200df8c3f2269768b391a02dfe2d1b2a02003d9
b92a9cd8f714ce5b96883a3eca69b09325119d23a99c08e81f805aaf3ec624b8
c8e624ac69de1962a0ef5b0878b0da8e583885a5e9f8db2af396a2f09050e34b
cb59ff8622df48faf8b8c06bddee7e40309c16a9c0f5ab19a796505fecf3c263
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d247b1d1593bd99f20a224e2dfeb16c6838906bd292589770ced6b4c6713d137
dc1bef527d74b76efafddf47f2334a7fc1613bb27c51a3a1a01d5b76c85cdcf1
dfc978bace897bfd1a6708340a584a09542c8d34c715cda6b546f2071db2b02d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8da4bce296f4043ff4924211a785f59ccdc59b83ae3d8cadd2c29ccf5e95f73
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7b15e26c58108e767ca9adeb056d9631a3250957053d767e8e488bc0d9a0ae
ed8ab4b5ad016ad6b66cd70b80eebb79b8da7c98ad5e385a1ff45b8a9f70a141
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb71626a34be4f2c6159597e984a506ad6eeb622e927efc06629be1a0deaf944
fd5d68c2ad95c95fb7d7fec7b83cb486f928d224383d04e2c9940df5e5e368f4
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

97 %HTTPS

59 %IPv6

17 Domains

39 Subdomains

28 IPs

5 Countries

3791 kBTransfer

7454 kBSize

18 Cookies

21 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

97 %
HTTPS

59 %
IPv6

17
Domains

39
Subdomains

28
IPs

5
Countries

3791 kB
Transfer

7454 kB
Size

18
Cookies

110 HTTP transactions
0 data transactions