urlscan.io logo urlscan.io
SecurityTrails logo

www.nytimes.com Open in urlscan Pro
151.101.65.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://movies.nytimes.com/movie/205753/Catherine-Cookson-s-The-Man-Who-Cried/details
Effective URL: https://www.nytimes.com/reviews/movies
Submission: On December 12 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 8 countries across 60 domains to perform 255 HTTP transactions. The main IP is 151.101.65.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3174.
TLS certificate: Issued by Thawte RSA CA 2018 on March 22nd 2023. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 68 151.101.65.164 54113 (FASTLY)
1 18.67.94.139 16509 (AMAZON-02)
2 142.250.66.232 15169 (GOOGLE)
6 50.112.118.45 16509 (AMAZON-02)
3 18.67.93.58 16509 (AMAZON-02)
3 13.35.151.131 16509 (AMAZON-02)
7 142.250.76.98 15169 (GOOGLE)
1 13.35.147.31 16509 (AMAZON-02)
1 54.184.86.91 16509 (AMAZON-02)
1 44.226.14.255 16509 (AMAZON-02)
2 13.35.147.128 16509 (AMAZON-02)
1 2 18.67.111.113 16509 (AMAZON-02)
2 18.67.114.43 16509 (AMAZON-02)
3 172.217.167.65 15169 (GOOGLE)
3 69.173.158.65 26667 (RUBICONPR...)
1 67.199.150.87 62713 (AS-PUBMATIC)
3 11 172.64.151.101 13335 (CLOUDFLAR...)
4 8 103.43.90.21 29990 (ASN-APPNEX)
1 35.186.253.211 15169 (GOOGLE)
2 13.251.189.145 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
3 172.253.118.84 15169 (GOOGLE)
2 4 142.251.221.70 15169 (GOOGLE)
1 13.35.150.126 16509 (AMAZON-02)
2 172.67.72.66 13335 (CLOUDFLAR...)
10 10 15.197.193.217 16509 (AMAZON-02)
14 18 142.251.221.66 15169 (GOOGLE)
13 19 69.173.158.64 26667 (RUBICONPR...)
8 8 18.143.106.89 16509 (AMAZON-02)
2 23.206.242.194 20940 (AKAMAI-ASN1)
2 15 52.46.143.56 16509 (AMAZON-02)
1 3.208.135.151 14618 (AMAZON-AES)
1 20.50.2.28 8075 (MICROSOFT...)
3 142.250.66.194 15169 (GOOGLE)
4 142.251.221.65 15169 (GOOGLE)
2 172.217.167.98 15169 (GOOGLE)
5 13.35.147.64 16509 (AMAZON-02)
4 23 35.71.178.8 16509 (AMAZON-02)
1 1 52.64.207.62 16509 (AMAZON-02)
1 18.244.214.85 16509 (AMAZON-02)
1 13.35.147.100 16509 (AMAZON-02)
1 5 23.52.225.82 16625 (AKAMAI-AS)
2 23.198.59.89 16625 (AKAMAI-AS)
2 23.52.255.186 16625 (AKAMAI-AS)
1 6 34.98.64.218 396982 (GOOGLE-CL...)
1 35.155.216.52 16509 (AMAZON-02)
14 184.24.241.42 16625 (AKAMAI-AS)
2 207.65.33.83 62713 (AS-PUBMATIC)
3 7 35.213.12.39 15169 (GOOGLE)
1 1 211.120.53.202 4694 (IDCF IDC ...)
2 2 13.224.181.56 16509 (AMAZON-02)
2 2 18.235.212.218 14618 (AMAZON-AES)
2 2 18.238.192.29 16509 (AMAZON-02)
1 1 198.8.71.131 54312 (ROCKETFUEL)
3 5 35.244.154.8 15169 (GOOGLE)
1 4 207.65.33.82 62713 (AS-PUBMATIC)
1 18.141.34.226 16509 (AMAZON-02)
1 1 35.214.224.182 15169 (GOOGLE)
1 1 54.159.180.193 14618 (AMAZON-AES)
1 1 45.137.176.88 60350 (VP)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 13.250.159.222 16509 (AMAZON-02)
1 2 119.9.108.211 45187 (RACKSPACE...)
3 67.199.150.86 62713 (AS-PUBMATIC)
1 1 35.236.220.17 396982 (GOOGLE-CL...)
2 3 54.254.21.143 16509 (AMAZON-02)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 115.178.9.18 17457 (YAHOO-AP ...)
2 13.107.42.14 8068 (MICROSOFT...)
1 52.95.115.255 16509 (AMAZON-02)
2 2 54.250.211.206 16509 (AMAZON-02)
1 1 52.72.221.118 14618 (AMAZON-AES)
1 2 69.175.41.15 32475 (SINGLEHOP...)
1 1 18.161.180.118 16509 (AMAZON-02)
1 2 13.35.147.80 16509 (AMAZON-02)
1 52.77.135.86 16509 (AMAZON-02)
2 2 35.213.93.179 15169 (GOOGLE)
1 2 182.161.73.146 55569 (CRITEO-AS...)
2 207.65.33.76 62713 (AS-PUBMATIC)
2 2 89.207.22.105 ()
2 2 18.136.5.195 ()
1 1 35.186.193.173 15169 (GOOGLE)
1 2 185.84.60.20 ()
1 1 192.96.203.13 ()
1 2 151.101.130.49 54113 (FASTLY)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 ()
255 65
68    151.101.65.164 (United States)

ASN54113 (FASTLY, US)
movies.nytimes.com
www.nytimes.com
g1.nyt.com
static01.nyt.com
samizdat-graphql.nytimes.com
mwcm.nytimes.com
a1.nyt.com
nytimes.com
mwcm.nyt.com
1    18.67.94.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-94-139.syd62.r.cloudfront.net
www.datadoghq-browser-agent.com
2    142.250.66.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net
www.googletagmanager.com
6    50.112.118.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-118-45.us-west-2.compute.amazonaws.com
a.et.nytimes.com
als-svc.nytimes.com
3    18.67.93.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-58.syd62.r.cloudfront.net
rumcdn.geoedge.be
3    13.35.151.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-151-131.syd1.r.cloudfront.net
c.amazon-adsystem.com
7    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.35.147.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-31.syd1.r.cloudfront.net
config.aps.amazon-adsystem.com
1    54.184.86.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-86-91.us-west-2.compute.amazonaws.com
purr.nytimes.com
1    44.226.14.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-14-255.us-west-2.compute.amazonaws.com
a.nytimes.com
2    13.35.147.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-128.syd1.r.cloudfront.net
dd.nytimes.com
2    18.67.111.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-113.syd62.r.cloudfront.net
sb.scorecardresearch.com
2    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
3    172.217.167.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f1.1e100.net
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
3    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    67.199.150.87 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
11    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    103.43.90.21 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    13.251.189.145 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-189-145.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
3    172.253.118.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f84.1e100.net
accounts.google.com
4    142.251.221.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f6.1e100.net
5290727.fls.doubleclick.net
ad.doubleclick.net
1    13.35.150.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-150-126.syd1.r.cloudfront.net
static.chartbeat.com
2    172.67.72.66 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
10    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
18    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
cm.g.doubleclick.net
19    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.206.242.194 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-242-194.deploy.static.akamaitechnologies.com
hb.yahoo.net
15    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    3.208.135.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-135-151.compute-1.amazonaws.com
pnytimes.chartbeat.net
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
3    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
adservice.google.com
pagead2.googlesyndication.com
4    142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
tpc.googlesyndication.com
2    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
www.googletagservices.com
5    13.35.147.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-64.syd1.r.cloudfront.net
ib.3lift.com
23    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    52.64.207.62 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-207-62.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    18.244.214.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-85.sfo53.r.cloudfront.net
static.adsafeprotected.com
1    13.35.147.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-100.syd1.r.cloudfront.net
img.3lift.com
5    23.52.225.82 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-225-82.deploy.static.akamaitechnologies.com
cs.media.net
contextual.media.net
2    23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.52.255.186 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-255-186.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
jp-u.openx.net
us-u.openx.net
nytimes-d.openx.net
1    35.155.216.52 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-216-52.us-west-2.compute.amazonaws.com
nrb.ybp.yahoo.com
14    184.24.241.42 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-241-42.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    207.65.33.83 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    211.120.53.202 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.224.181.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-56.syd1.r.cloudfront.net
cr-p3.ladsp.com
2    18.235.212.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-212-218.compute-1.amazonaws.com
i.liadm.com
2    18.238.192.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-192-29.sfo53.r.cloudfront.net
live.rezync.com
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
4    207.65.33.82 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    18.141.34.226 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-34-226.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    35.214.224.182 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 182.224.214.35.bc.googleusercontent.com
csync.loopme.me
1    54.159.180.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-180-193.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    13.250.159.222 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-159-222.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.211 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    67.199.150.86 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
3    54.254.21.143 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-21-143.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    115.178.9.18 (Sydney, Australia)

ASN17457 (YAHOO-AP Internet Content Provider, AU)
PTR: e1-ha.ycpi.aue.yahoo.com
s.yimg.com
beap-bc.yahoo.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.250.211.206 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-211-206.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    52.72.221.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-221-118.compute-1.amazonaws.com
sync.ipredictive.com
2    69.175.41.15 (Park Ridge, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
1    18.161.180.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-180-118.kul50.r.cloudfront.net
live.primis.tech
2    13.35.147.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-80.syd1.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    52.77.135.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    207.65.33.76 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    89.207.22.105 (None, )

ASN- ()
medianet-match.dotomi.com
2    18.136.5.195 (None, )

ASN- ()
pm.w55c.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    185.84.60.20 (None, )

ASN- ()
c1.adform.net
1    192.96.203.13 (None, )

ASN- ()
sync.aralego.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
Apex Domain
Subdomains		 Transfer
48 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 9094
static01.nyt.com — Cisco Umbrella Rank: 7033
a1.nyt.com — Cisco Umbrella Rank: 7505
mwcm.nyt.com — Cisco Umbrella Rank: 23850
712 KB
31 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
ib.3lift.com — Cisco Umbrella Rank: 1707
eb2.3lift.com — Cisco Umbrella Rank: 372
img.3lift.com — Cisco Umbrella Rank: 3291
136 KB
30 nytimes.com
movies.nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 3174
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 6345
a.et.nytimes.com — Cisco Umbrella Rank: 5692
als-svc.nytimes.com — Cisco Umbrella Rank: 7335
purr.nytimes.com — Cisco Umbrella Rank: 7184
a.nytimes.com — Cisco Umbrella Rank: 6439
dd.nytimes.com — Cisco Umbrella Rank: 8656
mwcm.nytimes.com — Cisco Umbrella Rank: 12697
nytimes.com — Cisco Umbrella Rank: 2769
1 MB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 8695
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
199 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
40 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
82 KB
14 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com Failed
px.moatads.com — Cisco Umbrella Rank: 594
227 KB
14 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image8.pubmatic.com — Cisco Umbrella Rank: 661 Failed
image4.pubmatic.com — Cisco Umbrella Rank: 1224
32 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
nrb.ybp.yahoo.com — Cisco Umbrella Rank: 4088
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
beap-bc.yahoo.com — Cisco Umbrella Rank: 1562
7 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
7 KB
10 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 557
match.adsrvr.org — Cisco Umbrella Rank: 331
5 KB
9 googlesyndication.com
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
32 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
7 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
3 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 672
jp-u.openx.net — Cisco Umbrella Rank: 15595
us-u.openx.net — Cisco Umbrella Rank: 491
nytimes-d.openx.net — Cisco Umbrella Rank: 14205
2 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
cs.media.net — Cisco Umbrella Rank: 1381
contextual.media.net — Cisco Umbrella Rank: 665
4 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
944 B
4 google.com
accounts.google.com — Cisco Umbrella Rank: 23
adservice.google.com — Cisco Umbrella Rank: 93
81 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2872
collector.brandmetrics.com — Cisco Umbrella Rank: 3177
20 KB
3 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3375
175 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
879 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
767 B
2 adform.net
c1.adform.net
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 dotomi.com
medianet-match.dotomi.com
751 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
947 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2269
967 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
575 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
static.adsafeprotected.com — Cisco Umbrella Rank: 602
703 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
676 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
183 KB
1 linksynergy.com
tags.rd.linksynergy.com
405 B
1 aralego.com
sync.aralego.com
473 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
444 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
280 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
556 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
493 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 630
14 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
656 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
680 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
290 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1380
181 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
1 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
854 B
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 7123
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
24 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1445
48 KB
0 mathtag.com Failed
sync.mathtag.com Failed
255 60
Domain Requested by
30 static01.nyt.com www.nytimes.com
23 eb2.3lift.com 4 redirects 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
ib.3lift.com
eb2.3lift.com
18 cm.g.doubleclick.net 14 redirects u.openx.net
s.amazon-adsystem.com
eb2.3lift.com
15 s.amazon-adsystem.com 2 redirects rumcdn.geoedge.be
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
13 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
12 px.moatads.com 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
12 g1.nyt.com www.nytimes.com
g1.nyt.com
11 www.nytimes.com www.nytimes.com
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
9 match.adsrvr.org 9 redirects
8 ups.analytics.yahoo.com 8 redirects
8 ib.adnxs.com 4 redirects www.datadoghq-browser-agent.com
s.amazon-adsystem.com
eb2.3lift.com
www.nytimes.com
7 x.bidswitch.net 3 redirects u.openx.net
eb2.3lift.com
www.nytimes.com
ads.pubmatic.com
7 securepubads.g.doubleclick.net www.nytimes.com
rumcdn.geoedge.be
www.datadoghq-browser-agent.com
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
www.googletagservices.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
www.nytimes.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 samizdat-graphql.nytimes.com www.nytimes.com
www.datadoghq-browser-agent.com
5 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 ib.3lift.com rumcdn.geoedge.be
ib.3lift.com
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
5 a.et.nytimes.com www.nytimes.com
4 simage2.pubmatic.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 mwcm.nyt.com www.nytimes.com
4 cs.media.net 1 redirects www.nytimes.com
4 tpc.googlesyndication.com 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
rumcdn.geoedge.be
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 accounts.google.com rumcdn.geoedge.be
www.datadoghq-browser-agent.com
3 fastlane.rubiconproject.com www.datadoghq-browser-agent.com
3 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
3 c.amazon-adsystem.com www.nytimes.com
www.datadoghq-browser-agent.com
3 rumcdn.geoedge.be www.nytimes.com
rumcdn.geoedge.be
2 pippio.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 dis.criteo.com 1 redirects eb2.3lift.com
2 a.sportradarserving.com 2 redirects
2 pagead2.googlesyndication.com www.googletagservices.com
2 ce.lijit.com 1 redirects s.amazon-adsystem.com
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com s.amazon-adsystem.com
eb2.3lift.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 image6.pubmatic.com ads.pubmatic.com
2 z.moatads.com ib.3lift.com
s.yimg.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 ad.doubleclick.net 1 redirects 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
2 www.googletagservices.com 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
rumcdn.geoedge.be
2 hb.yahoo.net www.nytimes.com
s.amazon-adsystem.com
2 cdn.brandmetrics.com www.googletagmanager.com
rumcdn.geoedge.be
2 a1.nyt.com www.nytimes.com
www.googletagmanager.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 tlx.3lift.com www.datadoghq-browser-agent.com
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
2 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
2 sb.scorecardresearch.com 1 redirects www.nytimes.com
2 dd.nytimes.com www.nytimes.com
www.datadoghq-browser-agent.com
2 www.googletagmanager.com www.nytimes.com
www.googletagmanager.com
1 image4.pubmatic.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 sync.aralego.com 1 redirects
1 nytimes-d.openx.net www.nytimes.com
1 contextual.media.net www.nytimes.com
1 cm.ctnsnet.com 1 redirects
1 dsum.casalemedia.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 beap-bc.yahoo.com s.yimg.com
1 match.sharethrough.com s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 sync.ipredictive.com 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 s.yimg.com nrb.ybp.yahoo.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 csync.loopme.me 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 us-u.openx.net u.openx.net
1 tg.socdm.com 1 redirects
1 nrb.ybp.yahoo.com ib.3lift.com
1 img.3lift.com 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
1 static.adsafeprotected.com 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
1 pixel.adsafeprotected.com 1 redirects
1 nytimes.com 1 redirects
1 adservice.google.com 5290727.fls.doubleclick.net
1 collector.brandmetrics.com cdn.brandmetrics.com
1 pnytimes.chartbeat.net www.nytimes.com
1 insight.adsrvr.org 1 redirects
1 static.chartbeat.com www.nytimes.com
1 mwcm.nytimes.com www.datadoghq-browser-agent.com
1 prebid.media.net www.datadoghq-browser-agent.com
1 rtb.openx.net www.datadoghq-browser-agent.com
1 htlb.casalemedia.com www.datadoghq-browser-agent.com
1 hbopenbid.pubmatic.com www.datadoghq-browser-agent.com
1 a.nytimes.com www.datadoghq-browser-agent.com
1 purr.nytimes.com www.datadoghq-browser-agent.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 als-svc.nytimes.com www.nytimes.com
1 www.datadoghq-browser-agent.com www.nytimes.com
1 movies.nytimes.com 1 redirects
0 image8.pubmatic.com Failed www.nytimes.com
ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 mb.moatads.com Failed z.moatads.com
255 114

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.imdb.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
Subject Issuer Validity Valid
nytimes.com
Thawte RSA CA 2018		 2023-03-22 -
2024-04-21		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.et.nytimes.com
R3		 2023-11-12 -
2024-02-10		 3 months crt.sh
als-svc.nytimes.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
purr.nytimes.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
a.nytimes.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-08 -
2024-04-06		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-07		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2023-12-27		 2 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh

This page contains 25 frames:

Primary Page: https://www.nytimes.com/reviews/movies
Frame ID: FEF5209E5697EEA67174E36270EFBA02
Requests: 106 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 476E752C21716429F65D9D65876040F0
Requests: 1 HTTP requests in this frame

Frame: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46F1FEEF7124073EBA55B8F3F94C08C6
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Frame ID: 0676D9E7A9DE304EADA0530F7CC8DDD3
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: 434229ACBECA252F916BBB17AA07B44B
Requests: 1 HTTP requests in this frame

Frame: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24AA2A97EC17C0623A26915E22FDEBF8
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 570E374DB1060DC5585E187D74A459CC
Requests: 2 HTTP requests in this frame

Frame: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A13A43ADF41E64388C42BB950AF3BD9
Requests: 49 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Frame ID: 94EA4E93948A8B7C2E9A07CD9AFFBF55
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: A1BFB805258DC7E793D193B84F84A048
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 567276BF35ECA40138BC211AE2DEF0CA
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 8A02AA5AC4DF996EFFE42B55CCA679FE
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mTko3UE14RTJ1S0dQeGoyMlljemtFdk9Ib3BMZEZERX5B
Frame ID: F36308D91B431879407E153F3D7F29AB
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 31F57C0C843D7F80E57661BA7FC5C1F4
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4621841246197247284&ex=appnexus.com
Frame ID: FEF9657494D5E538EFB5B27C881CFBAB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2065822686924262870328
Frame ID: 0ACE71FBEE96AAA47E6CCE637FEE48F0
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 8085D49B4E45977ECAA64CACACCB1962
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0211BF34-854D-473A-B570-C603ECEFBD3A
Frame ID: B16B8B0CDD52CF60EE9AA84F18AA8177
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=89366
Frame ID: DB9126D71983C3F17FFF5753A74F7334
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
Frame ID: 021B1B1A0903F927ADCE24AB1A09E8FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4621841246197247284&gdpr=0&gdpr_consent=
Frame ID: 818805CF6AA4792FAC1CC30BDB561CCC
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=445&user_id=293f4c80-f4eb-372d-981e-e4b18bcbe28d&ssp=pubmatic&bsw_param=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e
Frame ID: 49182CA5821F0E09CBF97060C3BEFDD3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 36AFA9DE61937B432D4057F21E256FCE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXf2nAAGURBlYgBH
Frame ID: 71EDE04D2AE9752C89B47294B3377198
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0211BF34-854D-473A-B570-C603ECEFBD3A
Frame ID: 04A6025F91AD0C20FE00978F5AFF7B90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie Reviews - The New York Times

Page URL History Show full URLs

  1. http://movies.nytimes.com/movie/205753/Catherine-Cookson-s-The-Man-Who-Cried/details HTTP 301
    https://www.nytimes.com/reviews/movies Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

255
Requests

76 %
HTTPS

0 %
IPv6

60
Domains

114
Subdomains

65
IPs

8
Countries

3217 kB
Transfer

8182 kB
Size

126
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://movies.nytimes.com/movie/205753/Catherine-Cookson-s-The-Man-Who-Cried/details HTTP 301
    https://www.nytimes.com/reviews/movies Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1702360727286&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1702360727286&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
Request Chain 88
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Request Chain 93
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1967738130 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDk1NDU4ZmMtMjNiNS00NzU1LTliZjEtMjQ3OGNmMGRkODc4&gdpr=0&gdpr_consent=&ttd_tdid=d95458fc-23b5-4755-9bf1-2478cf0dd878 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=ZDk1NDU4ZmMtMjNiNS00NzU1LTliZjEtMjQ3OGNmMGRkODc4&gdpr=0&gdpr_consent=&ttd_tdid=d95458fc-23b5-4755-9bf1-2478cf0dd878&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d95458fc-23b5-4755-9bf1-2478cf0dd878&google_gid=CAESEHEuLgzYW4Pf7mtPslzD-iI&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d95458fc-23b5-4755-9bf1-2478cf0dd878&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d95458fc-23b5-4755-9bf1-2478cf0dd878&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&gdpr=0&ovsid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dpid=55953
Request Chain 94
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 110
  • https://nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250 HTTP 301
  • https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Request Chain 122
  • https://pixel.adsafeprotected.com/rfw/st/959004/67498950/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=nytimes.com&ias_dspID=30&ias_campId=337120&ias_pubId=88&ias_chanId=88&ias_placementId=2365566&bidurl=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&adsafe_par&ias_impId=v4~~941951552847659170 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=nytimes.com
Request Chain 123
  • https://ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/B27263222.353840941;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/B27263222.353840941;dc_pre=CMC_oPSbiYMDFTiIZgIdHtII0g;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 128
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453623282889884000V10
Request Chain 129
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 132
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mTko3UE14RTJ1S0dQeGoyMlljemtFdk9Ib3BMZEZERX5B
Request Chain 133
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 134
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4621841246197247284&ex=appnexus.com
Request Chain 135
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2065822686924262870328
Request Chain 157
  • https://match.adsrvr.org/track/cmf/openx?oxid=546a601c-e83c-3c74-592b-b6241c4e0915&gdpr=0 HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Request Chain 158
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXf2mcCo5tEAAK8f3rgAAAAA
Request Chain 159
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdusAB6s97wHks8AEDxkC2UbfM8AAAGMXJtHZA
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgRySulTuxfDKJCLC1J9CI&google_cver=1
Request Chain 162
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXf2mbIq.Ryb7qwf6ETiXgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH2mtXZxbbpNPZE-Y-wS32s&google_cver=1&google_hm=2
Request Chain 163
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXf2mbIq.Ryb7qwf6ETiXgAA%264806&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXf2mbIq.Ryb7qwf6ETiXgAA%264806&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b2689b6c096c4c3ba6743e11a03f8742 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b2689b6c-096c-4c3b-a674-3e11a03f8742 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=adb90d67-8c1c-4746-8672-704ee3aafbd7%3A1702360730.7087266&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dadb90d67-8c1c-4746-8672-704ee3aafbd7%253A1702360730.7087266%26_%3D1702360730.7115643&cb=1702360730.7115977 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1920574149783918962&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dadb90d67-8c1c-4746-8672-704ee3aafbd7%253A1702360730.7087266%26_%3D1702360730.7115643 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=adb90d67-8c1c-4746-8672-704ee3aafbd7%3A1702360730.7087266&_=1702360730.7115643 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdhZGI5MGQ2Ny04YzFjLTQ3NDYtODY3Mi03MDRlZTNhYWZiZDc6MTcwMjM2MDczMC43MDg3MjY2EAAaDQib7d-rBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFG7NKx3-jr4ivSY3v0ZZOY&google_cver=1
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXf2mbIq-Ryb7qwf6ETiXgAAEsYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIC3ghd3VcaibAX3sat4iCI&google_cver=1
Request Chain 165
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
Request Chain 167
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=856b31f0-627f-497c-b0ed-614972aa7e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 168
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Request Chain 169
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AhG_NIVNRzq1cMYD7O-9Og%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 182
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0211BF34-854D-473A-B570-C603ECEFBD3A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0211BF34-854D-473A-B570-C603ECEFBD3A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c414eda0-b2cb-4622-8751-9936dff4dfed%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&ttd_puid=c414eda0-b2cb-4622-8751-9936dff4dfed%2C%2C
Request Chain 183
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=&ct=y
Request Chain 184
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0211BF34-854D-473A-B570-C603ECEFBD3A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0211BF34-854D-473A-B570-C603ECEFBD3A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDIxMUJGMzQtODU0RC00NzNBLUI1NzAtQzYwM0VDRUZCRDNB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDTRgexiWA4c0jw9Piu-1fA&google_cver=1
Request Chain 187
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8751AAD5AAF048AE8AB9A99B16C330E6
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
Request Chain 190
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQ1XMH1S-1A-87YV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
Request Chain 192
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA3NWYyOGM1OThkNTZiN2I4YWQ4NTJhYTNjY2E2ZTkyM2U4NmM3Ng
Request Chain 193
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1XMH1S-1A-87YV
Request Chain 194
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7s3pQclwq2bzQFfXhHvzdsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.R9kTExE2oLH6kkiYHuz5cl1BZJX4zsHz7GBYg--~A
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELx9xOUyCrEC76UQNE7Q2To&google_cver=1
Request Chain 196
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=irYoXveVQuWMiamsVyonGA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=irYoXveVQuWMiamsVyonGA
Request Chain 197
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFExWE1IMVMtMUEtODdZVg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENxfqDziuGSvHonHDqYZXOA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWE1IMVMtMUEtODdZVg==&google_push=
Request Chain 199
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=&expires=30
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
Request Chain 201
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADtPU7K7-0AABUeVaZMdQ&expires=30
Request Chain 202
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a910bb3c-c9d1-44e0-95c8-f577eaaafa84&expires=30
Request Chain 203
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ1XMH1S-1A-87YV HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ1XMH1S-1A-87YV&dnr=1
Request Chain 204
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ1XMH1S-1A-87YV HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ1XMH1S-1A-87YV HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ1XMH1S-1A-87YV&ckls=true&ci=uyGxgwW4BW&nc=false&trid=1556472975
Request Chain 205
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1XMH1S-1A-87YV
Request Chain 206
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ1XMH1S-1A-87YV&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ1XMH1S-1A-87YV&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&ovsid=LQ1XMH1S-1A-87YV&dpid=58160
Request Chain 207
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1XMH1S-1A-87YV
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 220
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA2NTgyMjY4NjkyNDI2Mjg3MDMyOA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIzcUhCGIX_PdpEl72gsY-g&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 222
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA2NTgyMjY4NjkyNDI2Mjg3MDMyOA%3D%3D
Request Chain 224
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2065822686924262870328?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CpV_tqFE2oQ_W4.0jshH4_1cyoOVDJMl9M5eh87Jjg--~A&dongle=0883
Request Chain 225
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2065822686924262870328&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2065822686924262870328&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f01260ca-0c87-4c9c-87b8-375c53954888&ssp=triplelift
Request Chain 227
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4621841246197247284&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 238
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=67bfc53562832277&is_secure=true&version=1&networkId=57734&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT%7D&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL7ZVhMNybrAMlYVJRAAAAAAA&expiration=1702447133&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
Request Chain 241
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=a9vkEUFO1RcVNa5
Request Chain 242
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=db6d197bd9b745da87a6226a59e613e4&expiration=1704952732
Request Chain 243
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0ed60a01-6fbf-4d08-92c0-e6a643948a02&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Request Chain 244
  • https://image8.pubmatic.com/AdServer/ImgSync?p=163427 HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7464933464805045332&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 246
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2065822686924262870328
Request Chain 247
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
Request Chain 248
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4621841246197247284&gdpr=0&gdpr_consent=
Request Chain 249
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=293f4c80-f4eb-372d-981e-e4b18bcbe28d&ssp=pubmatic&bsw_param=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e
Request Chain 250
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ReibJxXrlXRe7sohQe6BIBbpzXVe6pkiQu4wKmZq HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 251
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXf2nAAGURBlYgBH
Request Chain 253
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0211BF34-854D-473A-B570-C603ECEFBD3A HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8dbbc6e7557a14694c01984d68f4c17ed5d8d66277cd00549f57060f1eaea9e2791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4ZGJiYzZlNzU1N2ExNDY5NGMwMTk4NGQ2OGY0YzE3ZWQ1ZDhkNjYyNzdjZDAwNTQ5ZjU3MDYwZjFlYWVhOWUyNzkxNDI2YjU0MTdkY2UyMRAAGgwInO3fqwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4ZGJiYzZlNzU1N2ExNDY5NGMwMTk4NGQ2OGY0YzE3ZWQ1ZDhkNjYyNzdjZDAwNTQ5ZjU3MDYwZjFlYWVhOWUyNzkxNDI2YjU0MTdkY2UyMRAAGgwInO3fqwYSBAgCEABCAEoA&google_gid=CAESEG6Q96ZVQ-mrQwbUMB2U2HY&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=aa2051c5-d0f2-4fc0-9c59-d2b6706d6f49
Request Chain 254
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3574104861733647444&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 255
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0211BF34-854D-473A-B570-C603ECEFBD3A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TXrZzzNE2uXnS8qd3UofTj6PK3k6I9o-~A&gdpr=0

255 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request movies
www.nytimes.com/reviews/
Redirect Chain
  • http://movies.nytimes.com/movie/205753/Catherine-Cookson-s-The-Man-Who-Cried/details
  • https://www.nytimes.com/reviews/movies
309 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cc49cebbf0c66e7c0d5a31aaa6a616f592e224b659dae7dad8edf51aa5118bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2039
cache-control
s-maxage=600,no-cache
content-encoding
gzip
content-length
71218
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 05:58:46 GMT
last-modified
Tue, 12 Dec 2023 05:24:47 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/reviews/movies
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
966a2c1b1c764ea8aeaefbe288b8fd3f
x-cache
HIT, HIT
x-cache-hits
21, 1
x-content-type-options
nosniff
x-frame-options
DENY
x-gdpr
0
x-nyt-app-webview
0
x-nyt-data-last-modified
Tue, 12 Dec 2023 05:24:47 GMT
x-nyt-edge-cache
HIT-HIT
x-nyt-route
vi-collection
x-origin-time
2023-12-12 05:28:57 UTC
x-pagetype
vi-reviews
x-served-by
cache-lga21963-LGA, cache-bne12527-BNE
x-timer
S1702360727.651260,VS0,VE2
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Connection
keep-alive
Date
Tue, 12 Dec 2023 05:58:46 GMT
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-bne12526-BNE
X-Timer
S1702360726.793899,VS0,VE814
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=iso-8859-1
location
https://www.nytimes.com/reviews/movies
server
envoy
transfer-encoding
chunked
x-API-Version
F-GL
x-envoy-decorator-operation
legacy-www.web-platforms-legacy-www.nyti.nyt.net:443/*
x-envoy-upstream-service-time
70
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 14:27:01 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
28222305
x-guploader-uploadid
ADPycdsU6_tjJiYfs2JHbga4nfjIQD3xIZGm3U8bCqupBZnlxkl2yg0vbxOeZDy-f_f2dcanes4yrr_45-TfR00aGnX9-Q
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-bne12527-BNE
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1702360727.678116,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
Accept-Encoding
x-goog-generation
1673991774978541
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
68863
global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
5234926
x-guploader-uploadid
ADPycdte66B6XupAL6ZCcTMUYrRsfu-3Ya1qDNGvkoOqDKH1vAM0hZWvGOoUS1JB2dFfM0oL3fFooyON7SMq8_qkLqLuvzy0TwHe
x-goog-stored-content-encoding
identity
x-origin-time
2022-10-12 15:50:37 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.672503,VS0,VE1
etag
"e74f8b7c668251280cf3e52e20455a1c"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1665527733750150
content-type
text/css; charset=utf-8
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
74370
expires
Thu, 12 Oct 2023 15:50:05 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1968
last-modified
Wed, 12 Oct 2022 15:40:50 GMT
server
UploadServer
x-goog-hash
crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr
0
x-goog-stored-content-length
5656
accept-ranges
bytes
datadog-rum.js
www.datadoghq-browser-agent.com/us1/v4/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.94.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-94-139.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:57:54 GMT
content-encoding
br
via
1.1 a63f63c0130cd2db055700cdbe2c6c88.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:24:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
55
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
mLhNGc5DMj7JdM0oBK2KZjNHvbHRz7vxt3sHN6e7rD5iYesLMbKGsQ==
adslot-9682e4930b73f574c86b.js
www.nytimes.com/vi-assets/static-assets/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-9682e4930b73f574c86b.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c4bbc583aaed302599700b32c627128eaf272499efdc8458f816b4cb7911e1c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
55529
x-guploader-uploadid
ABPtcPqpQZf15S2XehBcWIsj6_1z1wIe-_EItTGOfG1l37gZdxWbwQoBJAj8b_EFC0LWVTJLog
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-11 14:33:17 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.725562,VS0,VE1
etag
"4dd52b4691bae33f209b9b83dfb3552a"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702305139844123
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9682e4930b73f574c86b.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
3132
expires
Tue, 10 Dec 2024 14:33:17 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7974
last-modified
Mon, 11 Dec 2023 14:32:19 GMT
server
UploadServer
x-goog-hash
crc32c=Td43VQ==, md5=TdUrRpG64z8gm5uD37NVKg==
x-gdpr
0
x-goog-stored-content-length
23084
accept-ranges
bytes
07POOR-THINGS-REVIEW-mhqv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07POOR-THINGS-REVIEW-mhqv/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07POOR-THINGS-REVIEW-mhqv/07POOR-THINGS-REVIEW-mhqv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
704e29a496dffcd529bf0518158c396756abf458723af40bb54273c931c8de65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 14:28:39 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
315007
x-guploader-uploadid
ABPtcPp4cshvHTcHGJTFVEWB09EoIFpv-e8Q69zVO57ubx0qCUvkswT9HJFN65N75KDNVqU8aEQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15492
x-served-by
cache-iad-kiad7000108-IAD, cache-bne12527-BNE
last-modified
Fri, 08 Dec 2023 14:26:27 GMT
server
UploadServer
x-timer
S1702360727.700963,VS0,VE1
etag
"e0b2f1568d88b5d0cf9c724c92b007e3"
x-goog-generation
1702045587939828
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=ChXH2w==, md5=4LLxVo2ItdDPnHJMkrAH4w==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15492
x-amz-checksum-crc32c
ChXH2w==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4, 1
07intotheweeds-review-pghm-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/07/multimedia/07intotheweeds-review-pghm/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/07/multimedia/07intotheweeds-review-pghm/07intotheweeds-review-pghm-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6df254c03f837c5b9b44276033af04266c7efc991abd6af3c2cdd4becb653dfa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410022
x-guploader-uploadid
ABPtcPrAsDbN78puXjF2bHHWm3QACF5ohTF838d2dN759AEAAyZ6dxes3Gf4r82LoUKxz-ggZB8
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
10230
x-served-by
cache-iad-kjyo7100136-IAD, cache-bne12527-BNE
last-modified
Thu, 07 Dec 2023 12:00:07 GMT
server
UploadServer
x-timer
S1702360727.700951,VS0,VE0
etag
"caadf83d49da72f15ec59c7683715c9d"
x-goog-generation
1701950407521421
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=y08Jrw==, md5=yq34PUnacvFexZx2g3FcnQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10230
x-amz-checksum-crc32c
y08Jrw==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
42, 56
07ourson-review-qpcv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07ourson-review-qpcv/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07ourson-review-qpcv/07ourson-review-qpcv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1cf44638fc3bdd07abd9b6f74f2d77ef8f93ab6d40c7aec55a95b9764b30ab14
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 04:54:44 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
349442
x-guploader-uploadid
ABPtcPrzC1evXqBQZfsYABU5xTdKCkQWmlAumHcmjPYD9KLqaReUEkl8u3NCBoSluqmjtnkFQuLJ8g5ZcA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16284
x-served-by
cache-iad-kiad7000034-IAD, cache-bne12527-BNE
last-modified
Fri, 08 Dec 2023 04:54:13 GMT
server
UploadServer
x-timer
S1702360727.723880,VS0,VE0
etag
"5d354adb3c83558805dd7653a28ccfc4"
x-goog-generation
1702011253057779
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=t5cCHg==, md5=XTVK2zyDVYgF3XZToozPxA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
16284
x-amz-checksum-crc32c
t5cCHg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
32, 51
waitress1-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/04/arts/waitress1/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/04/arts/waitress1/waitress1-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6d7b5bbbb9dd319bafc96404c80302a96b5e9025e8fe580d3ef00d7a872e5d27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410021
x-guploader-uploadid
ABPtcPqum5YeycHHGQV2uthKemTgdfINFjfs0jGZxfoxPUdCxw7cNNtvU_Rcl3XZaSphzSKOT0k
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9943
x-served-by
cache-iad-kcgs7200172-IAD, cache-bne12527-BNE
last-modified
Mon, 04 Dec 2023 21:10:32 GMT
server
UploadServer
x-timer
S1702360727.725791,VS0,VE0
etag
"940f6560e2f6b31e5a06c0b80f02bd27"
x-goog-generation
1701724231971397
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=I0bvdQ==, md5=lA9lYOL2sx5aBsC4DwK9Jw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9943
x-amz-checksum-crc32c
I0bvdQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
41, 183
concrete1-wpfl-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/04/multimedia/concrete1-wpfl/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/04/multimedia/concrete1-wpfl/concrete1-wpfl-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
87bcf4d71e214d38de6aad272a5f585178805e687ed91aca58533530fe0c678c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410021
x-guploader-uploadid
ABPtcPplitSpvjLCpfUV_nqanVnzUXRNt04CaVQrq8VsDxUIGq6uEaleZirN0jak-vcHQc0xYGc
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
10835
x-served-by
cache-iad-kcgs7200027-IAD, cache-bne12527-BNE
last-modified
Mon, 04 Dec 2023 22:11:50 GMT
server
UploadServer
x-timer
S1702360727.725183,VS0,VE0
etag
"ef69c7f2fbdee696ed9518fd92259e8b"
x-goog-generation
1701727910479241
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Bdjcog==, md5=72nH8vve5pbtlRj9kiWeiw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10835
x-amz-checksum-crc32c
Bdjcog==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
41, 182
totaltrust1-zfvp-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/06/multimedia/totaltrust1-zfvp/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/06/multimedia/totaltrust1-zfvp/totaltrust1-zfvp-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c1b82e758fd230ef611be3a397612d94ded6b2643d22199733db9a1d05d3a361
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410021
x-guploader-uploadid
ABPtcPrrTYZWQmoha9Svv8737NsfNlctJPlDypuNbZ-EQ-rwEMMcSPHxe4zfEWGZM3woiXxWxzQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9941
x-served-by
cache-iad-kiad7000082-IAD, cache-bne12527-BNE
last-modified
Wed, 06 Dec 2023 19:14:26 GMT
server
UploadServer
x-timer
S1702360727.724773,VS0,VE0
etag
"e2f9adfd75e04a8159f37c9d2c6bf422"
x-goog-generation
1701890066723627
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=V3IOvg==, md5=4vmt/XXgSoFZ83ydLGv0Ig==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9941
x-amz-checksum-crc32c
V3IOvg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
41, 181
anselm1-mpqh-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/04/multimedia/anselm1-mpqh/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/04/multimedia/anselm1-mpqh/anselm1-mpqh-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
038b0e2fa00e5a0229b1703e199a5a635621d629dea5c116e65cccaf1d28f192
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 10:12:22 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
416784
x-guploader-uploadid
ABPtcPrmErxIsUvyJpCuMhz8K8fx1irsEf_HyZAkz3ufZwxzXkQnGhimr4UbMkc4D4uULXHwA_g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
10211
x-served-by
cache-iad-kjyo7100161-IAD, cache-bne12527-BNE
last-modified
Thu, 07 Dec 2023 10:01:30 GMT
server
UploadServer
x-timer
S1702360727.724800,VS0,VE1
etag
"b3c30ece87aa6f19b09b8ef10e2f1765"
x-goog-generation
1701943290936490
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Qp1NUg==, md5=s8MOzoeqbxmwm47xDi8XZQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10211
x-amz-checksum-crc32c
Qp1NUg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 1
07origin-review-fbmj-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07origin-review-fbmj/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07origin-review-fbmj/07origin-review-fbmj-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a17f20bbfa5057cf3aeb81d0c9ee465f8d612a38293fdf6e4a4f97fe3a2bef12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 04:41:38 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
350228
x-guploader-uploadid
ABPtcPonzC1C04lMZGc_GcMB_2B35C_VKXdzGOrXyNaLG-BbDnu5Hjvek3NiIRjlYepijyVok9U
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15057
x-served-by
cache-iad-kcgs7200140-IAD, cache-bne12527-BNE
last-modified
Fri, 08 Dec 2023 04:40:06 GMT
server
UploadServer
x-timer
S1702360727.724744,VS0,VE1
etag
"74c6fa2c013c417b5f3f30fecdea83d9"
x-goog-generation
1702010406171668
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=VGf/bg==, md5=dMb6LAE8QXtfPzD+zeqD2Q==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15057
x-amz-checksum-crc32c
VGf/bg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
39, 1
07leavetheworldbehind-2-vpwk-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/07/multimedia/07leavetheworldbehind-2-vpwk/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/07/multimedia/07leavetheworldbehind-2-vpwk/07leavetheworldbehind-2-vpwk-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4a2ff29e2cc3d9c833beb07f7d14d2051a1b16bcce6294d9dc5cafd74be4f8b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 10:12:22 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
416784
x-guploader-uploadid
ABPtcPoNUTQ0i45ylXgf4kuHTwdS097XFa_jk8uqpcYeA0yNyu0YJm2AcxO_J8tF8QrSm-ci6dFeGd916g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15427
x-served-by
cache-iad-kiad7000119-IAD, cache-bne12527-BNE
last-modified
Wed, 06 Dec 2023 17:02:52 GMT
server
UploadServer
x-timer
S1702360727.744722,VS0,VE1
etag
"05f73d47f4147617ddf58a889bc9e967"
x-goog-generation
1701882172307736
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=cBmGDA==, md5=Bfc9R/QUdhfd9YqIm8npZw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15427
x-amz-checksum-crc32c
cBmGDA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 1
07ARCHIES-REVIEW-PIX-lzfc-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07ARCHIES-REVIEW-PIX-lzfc/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07ARCHIES-REVIEW-PIX-lzfc/07ARCHIES-REVIEW-PIX-lzfc-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dee2c2bf669b3d2a92787b7c72f77d03f842499ddde93fdd471466c27ede1eb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 16:44:40 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
393246
x-guploader-uploadid
ABPtcPqCbqbEerkBS5iK8GtMz4LFmPjQFOFbWZNNcmQ39Ymyi-2bxAEGyVCgYpRRJIHksVOPHDTVR7MMsA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12902
x-served-by
cache-iad-kjyo7100077-IAD, cache-bne12527-BNE
last-modified
Thu, 07 Dec 2023 16:44:00 GMT
server
UploadServer
x-timer
S1702360727.745012,VS0,VE0
etag
"e5ec162aaa99ea122d75a31b13e6f43b"
x-goog-generation
1701967439971188
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=p/RdEA==, md5=5ewWKqqZ6hItdaMbE+b0Ow==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12902
x-amz-checksum-crc32c
p/RdEA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
47, 175
05werner-herzog-review-hmqv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/05/multimedia/05werner-herzog-review-hmqv/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/05/multimedia/05werner-herzog-review-hmqv/05werner-herzog-review-hmqv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bf2a2e1214400d052638e4990e3ff758d9f60e08b8d411a3ffb44346679a637d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 12:08:32 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
582614
x-guploader-uploadid
ABPtcPrY9_31G-49m75qL9Ayr4q6nnJUZaB-iylkV_fEDWuSZ6ZfFsUWQa8jiKUnkveXqAudbg4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15779
x-served-by
cache-iad-kjyo7100154-IAD, cache-bne12527-BNE
last-modified
Tue, 05 Dec 2023 12:00:13 GMT
server
UploadServer
x-timer
S1702360727.745946,VS0,VE0
etag
"e7d2c842d61fcdd04a1862933d5e3686"
x-goog-generation
1701777613000163
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=kEfgSw==, md5=59LIQtYfzdBKGGKTPV42hg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15779
x-amz-checksum-crc32c
kEfgSw==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9, 114
renaissance-2-jkqg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/01/multimedia/renaissance-2-jkqg/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/01/multimedia/renaissance-2-jkqg/renaissance-2-jkqg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
285f2e7f03b0a84bf4100707c1dce09102ff382566438a513774b3a0d5017ab5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 02 Dec 2023 00:09:49 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
577379
x-guploader-uploadid
ABPtcPpbm8HyUJFOXQ-psXbBry-Ip55Z42Rje2jf-bracZbZFjdT4ouHoYJmHsVoljNwAL_nQqU
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12336
x-served-by
cache-iad-kcgs7200133-IAD, cache-bne12527-BNE
last-modified
Sat, 02 Dec 2023 00:06:14 GMT
server
UploadServer
x-timer
S1702360727.746489,VS0,VE2
etag
"4b41aafb0f79610243618094b62c9981"
x-goog-generation
1701475574068539
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=WHOznQ==, md5=S0Gq+w95YQJDYYCUtiyZgQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12336
x-amz-checksum-crc32c
WHOznQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17, 1
30syndicaliste-review-cjpf-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/30/multimedia/30syndicaliste-review-cjpf/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/30/multimedia/30syndicaliste-review-cjpf/30syndicaliste-review-cjpf-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8b53ef3431f4d54b21ac676fd38e0a45425ca800c1e0d453bc8f3c3e966b809f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 18:23:44 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
355798
x-guploader-uploadid
ABPtcPqXwnzjnVADKPLTMIhY69IUeGNVc2o_rIpHum5o7xKXhn4NF5SnX1404Ls7GPZ1M9tWSYU
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14105
x-served-by
cache-iad-kcgs7200164-IAD, cache-bne12527-BNE
last-modified
Thu, 30 Nov 2023 18:17:11 GMT
server
UploadServer
x-timer
S1702360727.746733,VS0,VE1
etag
"7e2b40b16ae40400b233d8689a6c12b2"
x-goog-generation
1701368231422269
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=mjeDZQ==, md5=fitAsWrkBACyM9hommwSsg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
14105
x-amz-checksum-crc32c
mjeDZQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23, 1
29southblackpower-review-zhfc-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/29southblackpower-review-zhfc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/29southblackpower-review-zhfc/29southblackpower-review-zhfc-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
76e946e2c41355e093b26b984ce6558902c2b53f3235c73ce5e45465fc2645a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 17:05:34 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
391974
x-guploader-uploadid
ABPtcPrjsekvjoY7zP8sLeV0dENv443SBarD5T1FzDPvSHNam13HLNGxRwgBKF2sA7_LJsMbRQg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15470
x-served-by
cache-iad-kcgs7200163-IAD, cache-bne12527-BNE
last-modified
Thu, 30 Nov 2023 16:57:55 GMT
server
UploadServer
x-timer
S1702360727.756568,VS0,VE0
etag
"add4fefae6b27a0d5a6dbbf4564f313a"
x-goog-generation
1701363475005481
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=yK0ydw==, md5=rdT++uayeg1abbv0Vk8xOg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15470
x-amz-checksum-crc32c
yK0ydw==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10, 55
eileen1-tfpg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/30/multimedia/eileen1-tfpg/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/30/multimedia/eileen1-tfpg/eileen1-tfpg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b154fc6abe114f3ca580758bcd03328f51eb9d3564838bc9575cc547a170db56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 19:56:57 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
319372
x-guploader-uploadid
ABPtcPoxCOLcvUva7zkcVL3UMG36DrDJMwF-j7Kqwgs3Fvt1yP_7UoHSozNvOlSXHhbmx077hH4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13706
x-served-by
cache-iad-kcgs7200140-IAD, cache-bne12527-BNE
last-modified
Tue, 28 Nov 2023 15:18:40 GMT
server
UploadServer
x-timer
S1702360727.775605,VS0,VE2
etag
"04c6749eca9a1772070b4e5d9373487f"
x-goog-generation
1701184720891171
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=GkxJEQ==, md5=BMZ0nsqaF3IHC05dk3NIfw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13706
x-amz-checksum-crc32c
GkxJEQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10, 1
silentnight1-cbml-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/01/multimedia/silentnight1-cbml/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/01/multimedia/silentnight1-cbml/silentnight1-cbml-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6ac43e68ea5836f342a79906bb4a50ad83d6abab8ee89de953a8a6f623f9bdf9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1015051
x-guploader-uploadid
ABPtcPojxatK9-lsuBk_8UwSpUM4Cbl2iq8_N071JjochKAJI6AW6NO5Mp0XA92xTN6sjkebN14
x-cache
HIT, MISS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11071
x-served-by
cache-iad-kjyo7100042-IAD, cache-bne12527-BNE
last-modified
Thu, 30 Nov 2023 12:00:09 GMT
server
UploadServer
x-timer
S1702360727.775755,VS0,VE229
etag
"c2bf8e237008297742a39ae4e309be23"
x-goog-generation
1701345609229279
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=ZjkpHA==, md5=wr+OI3AIKXdCo5rk4wm+Iw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
11071
x-amz-checksum-crc32c
ZjkpHA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27000, 0
godzilla1-bjpk-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/godzilla1-bjpk/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/godzilla1-bjpk/godzilla1-bjpk-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5f4f1e81df489f3f780a530efdb335cbe594d4c6104c174d7a3222900ba0f4b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 22:13:10 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
459923
x-guploader-uploadid
ABPtcPonOnyERQOmSOPqHARUr7AnN3R2ZpJjzk_fcz19FkCNJax1aSxbZNRPMcxbGXmvH9r6AQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14139
x-served-by
cache-iad-kiad7000130-IAD, cache-bne12527-BNE
last-modified
Wed, 29 Nov 2023 17:47:20 GMT
server
UploadServer
x-timer
S1702360727.776274,VS0,VE0
etag
"5d7fe0a53399cb042c16effed096b94a"
x-goog-generation
1701280040086147
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=5CFucg==, md5=XX/gpTOZywQsFu/+0Ja5Sg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
14139
x-amz-checksum-crc32c
5CFucg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10, 1004
30AMERICAN-SYMPHONY-pix-htlz-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/30/multimedia/30AMERICAN-SYMPHONY-pix-htlz/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/30/multimedia/30AMERICAN-SYMPHONY-pix-htlz/30AMERICAN-SYMPHONY-pix-htlz-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
daa4ac0962ba278be8aa5b9e6d94b4b32c7f9d56e9cf69aabbcaf5b874d50bb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410241
x-guploader-uploadid
ABPtcPpGQgMqXQTwmQErhFdAGGNbdAubQTks1jFv5lNucZ8iPVyalivhyyojddp3Upr3OABDFj8
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12335
x-served-by
cache-iad-kiad7000151-IAD, cache-bne12527-BNE
last-modified
Thu, 30 Nov 2023 12:00:05 GMT
server
UploadServer
x-timer
S1702360727.777073,VS0,VE0
etag
"d608bc4591336f72a384e07f0676ef11"
x-goog-generation
1701345605296614
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=p/eU4g==, md5=1gi8RZEzb3KjhOB/BnbvEQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12335
x-amz-checksum-crc32c
p/eU4g==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9, 57
MAY-DECEMBER-REVIEW-ztkf-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/MAY-DECEMBER-REVIEW-ztkf/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/MAY-DECEMBER-REVIEW-ztkf/MAY-DECEMBER-REVIEW-ztkf-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c97bc6a34b621bdf788b8517c610b84546a94ae5dc63ca12bca410bc56cabaaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410241
x-guploader-uploadid
ABPtcPpPesDYYCXALORGSG7eINKmlJUoO4BKbA6HXx3T6U8fQ2LPi9gCgqp7Bh4-M-3zIscHj30
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12497
x-served-by
cache-iad-kcgs7200055-IAD, cache-bne12527-BNE
last-modified
Thu, 30 Nov 2023 12:00:08 GMT
server
UploadServer
x-timer
S1702360727.776876,VS0,VE0
etag
"cc94dbca17a10b347c90ad8a6e1560d2"
x-goog-generation
1701345608195454
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=2m6P4Q==, md5=zJTbyhehCzR8kK2KbhVg0g==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12497
x-amz-checksum-crc32c
2m6P4Q==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9, 57
whowebecome1-mzqv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/whowebecome1-mzqv/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/whowebecome1-mzqv/whowebecome1-mzqv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3f7f6c5ca73e0ea765589cb559c1ac72908b05004a5805cc9face54eb1d89d6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410241
x-guploader-uploadid
ABPtcPrS7u5rLCCBVJ_ZS8elkHy2qvgYd5K5Jf2gGdmr1IRgf4l3DnFzsfBxmdXcTqKMz8DKYLvGeJdlhg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13529
x-served-by
cache-iad-kjyo7100066-IAD, cache-bne12527-BNE
last-modified
Wed, 29 Nov 2023 15:58:12 GMT
server
UploadServer
x-timer
S1702360727.776837,VS0,VE0
etag
"a8a335cc41591f5710d99b2706a2f03d"
x-goog-generation
1701273492796344
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Xw0e3A==, md5=qKM1zEFZH1cQ2ZsnBqLwPQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13529
x-amz-checksum-crc32c
Xw0e3A==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9, 57
sweeteast1-zwkt-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/sweeteast1-zwkt/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/sweeteast1-zwkt/sweeteast1-zwkt-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0132703d78380e865750ae1766b6c0dc52a12744d86ec104c6e62f55e37b3abd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:16 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
405177
x-guploader-uploadid
ABPtcPpeCDOMeI5y0bY4liPmNqEnSe4vMw5qhsKjUjpF_2uM5wlQyBeaB0LNokqLoeHzZ2o5AIE
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9803
x-served-by
cache-iad-kiad7000072-IAD, cache-bne12527-BNE
last-modified
Wed, 29 Nov 2023 17:03:35 GMT
server
UploadServer
x-timer
S1702360727.796441,VS0,VE1
etag
"b29777441616c73ed3869ac8dbfe850d"
x-goog-generation
1701277415719562
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=/8iVmA==, md5=spd3RBYWxz7ThprI2/6FDQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9803
x-amz-checksum-crc32c
/8iVmA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9, 1
badpress1-gmpv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/badpress1-gmpv/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/badpress1-gmpv/badpress1-gmpv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
96da56b9234149ef5651f6257fa372471d8637d97e24e3d1d70e24df80598a42
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:16 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
319371
x-guploader-uploadid
ABPtcPrTCUp9C6gG-PTR100ZigPQ0WjkwkqDoG7VHQIqgp_mMBTI9izUIbVye_orAgCW0yTkExE
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
10357
x-served-by
cache-iad-kcgs7200140-IAD, cache-bne12527-BNE
last-modified
Wed, 29 Nov 2023 19:53:06 GMT
server
UploadServer
x-timer
S1702360727.796418,VS0,VE2
etag
"77662ed988ce1d3f7c598e9ca2d2c1c3"
x-goog-generation
1701287586498398
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=sCyq4w==, md5=d2Yu2YjOHT98WY6cotLBww==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10357
x-amz-checksum-crc32c
sCyq4w==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9, 1
29FAMIKLY-SWITCH-REVIEW-pix-mlpg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/29FAMIKLY-SWITCH-REVIEW-pix-mlpg/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/29FAMIKLY-SWITCH-REVIEW-pix-mlpg/29FAMIKLY-SWITCH-REVIEW-pix-mlpg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc1d90421ae9ef59c90961bbe87b3067254e05bc7bed6ae8683e450fe7b06a4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 04:13:13 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
438324
x-guploader-uploadid
ABPtcPoV1C5i8AD2yTDMmsZDuRE3f_A-WrZP-q27XsLtSN1hEdIEsxGndWyCCiMSoRWtJzHUycY
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
20462
x-served-by
cache-iad-kjyo7100150-IAD, cache-bne12527-BNE
last-modified
Thu, 30 Nov 2023 04:11:04 GMT
server
UploadServer
x-timer
S1702360727.796970,VS0,VE1
etag
"c54f9fd47ccd28785d24f81538ceaa73"
x-goog-generation
1701317464593832
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=P4tqhg==, md5=xU+f1HzNKHhdJPgVOM6qcw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
20462
x-amz-checksum-crc32c
P4tqhg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
43, 1
23smokesauna-review-zmpg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/23/multimedia/23smokesauna-review-zmpg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/23/multimedia/23smokesauna-review-zmpg/23smokesauna-review-zmpg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6ddc63a229a8099f2ba20fd1afc235ee0dc6feb4eca5d5b062fa8637bd33a455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 12:04:30 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
490937
x-guploader-uploadid
ABPtcPqXqpgXXf6Pu2QMjfr0JFGlQ5Gi2UIMoyq1mRrd5HSy-YiHEGwVnKytK5ZIYrq2Mj65WePRcfoEug
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
7622
x-served-by
cache-iad-kjyo7100137-IAD, cache-bne12527-BNE
last-modified
Thu, 23 Nov 2023 12:00:08 GMT
server
UploadServer
x-timer
S1702360727.796956,VS0,VE1
etag
"2fa03734ac6b55fa0e1839ee15890db6"
x-goog-generation
1700740808421800
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=sUGHeg==, md5=L6A3NKxrVfoOGDnuFYkNtg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
7622
x-amz-checksum-crc32c
sUGHeg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27, 1
23against1-jlvz-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/23against1-jlvz/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/23against1-jlvz/23against1-jlvz-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8f15d98f79fbe164f176ab67f494bc053de52751a8cb4253ae5357913913d92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 12:04:30 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
585955
x-guploader-uploadid
ABPtcPo4BDBGa38Si7WOXdEnv-FNmsV6EMSgG6yorb4n9S4GEPQqPGHXucLol9s6fdW_UwxZQ_Y
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16153
x-served-by
cache-iad-kcgs7200165-IAD, cache-bne12527-BNE
last-modified
Thu, 23 Nov 2023 12:00:05 GMT
server
UploadServer
x-timer
S1702360727.796939,VS0,VE1
etag
"8783d05f1bf7c842d69e99e912cbf67c"
x-goog-generation
1700740805080884
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=XwoEww==, md5=h4PQXxv3yELWnpnpEsv2fA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
16153
x-amz-checksum-crc32c
XwoEww==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
28, 1
23frybread1-wzvh-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/23frybread1-wzvh/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/23frybread1-wzvh/23frybread1-wzvh-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3aadfe219dcb558e321a797516f4b2a58d1a224ba083f6b54f66ed43db7ba042
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 12:04:30 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
410021
x-guploader-uploadid
ABPtcPoEEz82bUjCukMxoLcCLPE64HsX5mnB9p6ilKkwqDwRACXTTGyugWZ-RHsyAX5l0jqtYA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16315
x-served-by
cache-iad-kiad7000022-IAD, cache-bne12527-BNE
last-modified
Thu, 23 Nov 2023 12:00:04 GMT
server
UploadServer
x-timer
S1702360727.816309,VS0,VE6
etag
"78e614a8a2ca71eba919fe6e85b1b22c"
x-goog-generation
1700740804275521
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=5ycbuA==, md5=eOYUqKLKceupGf5uhbGyLA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
16315
x-amz-checksum-crc32c
5ycbuA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27, 1
22napoleon-review-ptkg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/22/multimedia/22napoleon-review-ptkg/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/22/multimedia/22napoleon-review-ptkg/22napoleon-review-ptkg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5b750ad75528313992ee4ce406d00306b1697afe1ff0a189529d7f7a479f3e08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 22:55:25 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
457319
x-guploader-uploadid
ABPtcPoc1lxj3WiVrHGNb9_Q58dDwTZ8Sca_guuSqJgNVdjr5wpf0EiEDXXEU0VDJrW3TDckoJY
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13634
x-served-by
cache-iad-kcgs7200023-IAD, cache-bne12527-BNE
last-modified
Wed, 22 Nov 2023 22:52:54 GMT
server
UploadServer
x-timer
S1702360727.816567,VS0,VE0
etag
"26498c34d835a40d81a831d8bb66ef95"
x-goog-generation
1700693574609468
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=6z5y0g==, md5=JkmMNNg1pA2BqDHYu2bvlQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13634
x-amz-checksum-crc32c
6z5y0g==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
48, 67
menu-plaisir-review-kghc-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/22/multimedia/menu-plaisir-review-kghc/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/22/multimedia/menu-plaisir-review-kghc/menu-plaisir-review-kghc-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
55c1c58d71465846b68c38303b47228dd7c2b44b9126a3a52008187af6229b5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 19:01:31 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
471416
x-guploader-uploadid
ABPtcPpwXuGPLA4ymlZliizZSI0Z_aLB4mWTmifjQfBr8y9MGU1T_cRLULzSmS_1BWBMgRaz_K4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12671
x-served-by
cache-iad-kcgs7200131-IAD, cache-bne12527-BNE
last-modified
Wed, 22 Nov 2023 18:59:36 GMT
server
UploadServer
x-timer
S1702360727.816757,VS0,VE0
etag
"77c0c26a74d06319a0897c05dca82c6e"
x-goog-generation
1700679576482192
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=GWAH+Q==, md5=d8DCanTQYxmgiXwF3Kgsbg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12671
x-amz-checksum-crc32c
GWAH+Q==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
64, 73
22monster-review-cmbl-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/22monster-review-cmbl/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/22monster-review-cmbl/22monster-review-cmbl-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b3bdf64ab3c7970c3e968d6bad647be95e6c8d83d52de3996a2d0abe91043854
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 21:43:50 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
375288
x-guploader-uploadid
ABPtcPokfzMNeapMY1fR3RtDG4D35mcJBWAULTzzxJhEu6_DtztTtS5364ky7pjQKNqzc3U9QOo
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14262
x-served-by
cache-iad-kjyo7100086-IAD, cache-bne12527-BNE
last-modified
Thu, 23 Nov 2023 21:41:31 GMT
server
UploadServer
x-timer
S1702360727.816757,VS0,VE1
etag
"e862e9a52f0b146bd73d8a1a09eb1e63"
x-goog-generation
1700775691324962
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=DmWVEg==, md5=6GLppS8LFGvXPYoaCeseYw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
14262
x-amz-checksum-crc32c
DmWVEg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
52, 1
23cypher1-cqlm-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/23cypher1-cqlm/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/23cypher1-cqlm/23cypher1-cqlm-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a4e7ef88b1c616dd5844d62352f9650661f423012f86966920eea4a1ff734772
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 21:43:50 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
511208
x-guploader-uploadid
ABPtcPpNGulQQaZiOhHy4_EKdhuMpXw9N5MTaU1reYFRCNwiCnKSNGIc58D1fLXViQ0yrDIUzYg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11676
x-served-by
cache-iad-kiad7000136-IAD, cache-bne12527-BNE
last-modified
Thu, 23 Nov 2023 21:43:22 GMT
server
UploadServer
x-timer
S1702360727.816929,VS0,VE1
etag
"9c462472b78de9f692fda476df908eba"
x-goog-generation
1700775802629269
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=dJCPhQ==, md5=nEYkcreN6faS/aR235COug==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
11676
x-amz-checksum-crc32c
dJCPhQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
51, 1
vendor-7799bfe3d9a78d57c093.js
www.nytimes.com/vi-assets/static-assets/ 		173 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1237433
x-guploader-uploadid
ABPtcPr9_KWHCmwR09yPy6XdhcpQP3ySTqiaED6NJu8Evuj2NpSFgA2hZH__U2Yxy95QYchhRuY
x-goog-stored-content-encoding
identity
x-origin-time
2023-11-27 22:14:53 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.724729,VS0,VE1
etag
"b5e3f2c1b76554752bb8d61689b81dc5"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701122630852416
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
42075
expires
Tue, 26 Nov 2024 22:14:53 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
50434
last-modified
Mon, 27 Nov 2023 22:03:51 GMT
server
UploadServer
x-goog-hash
crc32c=DUs3dw==, md5=tePywbdlVHUruNYWibgdxQ==
x-gdpr
0
x-goog-stored-content-length
176881
accept-ranges
bytes
reviews-3f1514394a71ba60722d.js
www.nytimes.com/vi-assets/static-assets/ 		148 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/reviews-3f1514394a71ba60722d.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f48d88558cff5d54c034183e64e36562c997faa25f89a2493818dde8d3c2e13b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
43603
x-guploader-uploadid
ABPtcPogR4EkRd9AbTOa2UHyVsQarFLVsnHDt6MNjcWDd0nKx3YtVOXrz_AHammS-OzrTS4Bpw
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-11 17:54:04 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.724715,VS0,VE1
etag
"27373cac9996d95162ae3fc939fd17f1"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702317077845388
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/reviews-3f1514394a71ba60722d.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1115
expires
Tue, 10 Dec 2024 17:52:03 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
39257
last-modified
Mon, 11 Dec 2023 17:51:17 GMT
server
UploadServer
x-goog-hash
crc32c=PQv7SA==, md5=Jzc8rJmW2VFirj/JOf0X8Q==
x-gdpr
0
x-goog-stored-content-length
151261
accept-ranges
bytes
main-35ef6f999b3a8eba9474.js
www.nytimes.com/vi-assets/static-assets/ 		2 MB
506 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-35ef6f999b3a8eba9474.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2e8d3d94804cb18f10af813e0ffec73594193d4ab6df11ff947c13e4f617a218
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
35033
x-guploader-uploadid
ABPtcPpheKC_NTZrUjCJ5HM9uGmv-D6WduvI2SqUyWLQSYQ6nPb5GaGrGaB2qQwArxx9Dm4PNw
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-11 20:15:36 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.724687,VS0,VE1
etag
"4da04b3f0b3f5f99f737783e1741ab06"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702325176318609
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-35ef6f999b3a8eba9474.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
4
expires
Tue, 10 Dec 2024 20:14:53 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
516976
last-modified
Mon, 11 Dec 2023 20:06:16 GMT
server
UploadServer
x-goog-hash
crc32c=HgM5kw==, md5=TaBLPws/X5n3N3g+F0GrBg==
x-gdpr
0
x-goog-stored-content-length
1815058
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		444 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
59d15884794903474a4399fe2db7fa7e9255ca9aa762c5d84caa3d6253069f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123486
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
740
content-length
0
date
Tue, 12 Dec 2023 05:58:47 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
26
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
51
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
DE
x-samizdat-query-exe-id
8e6c1cf19bb707e7
x-samizdat-query-field-errors
0
x-served-by
cache-bfi-kbfi7400067-BFI
x-timer
S1702360727.054165,VS0,VE0
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
v2
samizdat-graphql.nytimes.com/graphql/ 		149 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
0
age
25
x-samizdat-query-field-errors
0
x-samizdat-query-cache
H
x-samizdat-query-exe-id
27c062166f7141de
samizdat-x-canary
false
x-served-by
cache-bne12527-BNE
x-graphiti-gateway
411667ba
x-nyt-country
US
x-timer
S1702360727.131375,VS0,VE1
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
DE
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
HIT
x-samizdat-query-op-id
project-vi.v2.UserQuery
x-cache-hits
2
x-samizdat-query-sup-code
date
Tue, 12 Dec 2023 05:58:47 GMT
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
HIT
samizdat-x-instance
244d1050
x-envoy-upstream-service-time
122
x-samizdat-query-personalized
content-length
125
last-modified
Tue, 12 Dec 2023 05:58:21 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1, 1
x-samizdat-query-surrogates-size
0
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
als
als-svc.nytimes.com/ 		307 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://als-svc.nytimes.com/als?url=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
316f7cb53a823b627ed33009d3a21fa806ac7c1183105c146753cd7f22101840
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 google
content-encoding
gzip
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
als-svc.nytimes.com:443/*
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
61
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
grumi-ip.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-58.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d05ae9b253cab83099387db0d3a4ec1c2be203c3738e2dcb74927c1fd6bc626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:36 GMT
x-amz-version-id
hqOVgn0HjZQPcs0LFfvBLxiyjrh2UzkI
content-encoding
br
last-modified
Sun, 10 Dec 2023 11:33:19 GMT
server
AmazonS3
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"8a0c1c442967d757a46b3bb7a75ef66d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
12
x-amz-cf-id
XuwjwlvgO2Nb-uhtdiAYYu-IpKwdh6QM4ZJWB_Dbepv3CpZG8hSbkg==
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:30:06 GMT
content-encoding
gzip
via
1.1 e677c49086c9d85b00b0230e47b36ec0.cloudfront.net (CloudFront), 1.1 9910b161083ec8200ad24e6d6beec168.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD1-C1
age
1721
x-amz-server-side-encryption
AES256
etag
W/"ccfaf15c322e197d2e6d0d6bd5642adc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
c2bxcNnU0jiXtLAVN_Ujc2aUGIICVhoWJmX8YC4cTEx07aYnmjuTmA==
prebid8.25.0.js
www.nytimes.com/ads/ 		315 KB
318 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/ads/prebid8.25.0.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid
ABPtcPoNuVQPfSCSEizuPUMvvbMQne7ERNZMtniK9kdRYhN-NdjfJD7FtYwh_FAua7FowpNHeqdra93wkg
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-12 05:58:46 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.736361,VS0,VE216
etag
"78c86859abaee40f233a9a8c96540124"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701363099682984
content-type
text/javascript
access-control-allow-origin
*
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.25.0.js
x-nyt-route
ads-static-assets
cache-control
private, max-age=0
x-nyt-app-webview
0
x-nyt-edge-cache
MISS
x-amz-checksum-crc32c
b1VVOA==
x-cache-hits
0
expires
Tue, 12 Dec 2023 05:58:46 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
MISS
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
content-length
322837
last-modified
Thu, 30 Nov 2023 16:51:39 GMT
server
UploadServer
x-goog-hash
crc32c=b1VVOA==, md5=eMhoWauu5A8jOpqMllQBJA==
x-gdpr
0
x-goog-stored-content-length
322837
accept-ranges
bytes
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:50:34 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20347673
x-guploader-uploadid
ADPycdut3exAeyJLMLnswh26VG_z-3M2nKY2tEoMO3m5ajEsHicy7BgEytOCEe9i2EV840chuMS_dfmjE9FqWPHkU2Thkg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-bne12528-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702360727.780076,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation
1650460180610251
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
24807
karnak-normal-400.b2143e2f1890f4d516078da14aebab03.woff2
g1.nyt.com/fonts/family/karnak/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/karnak/karnak-normal-400.b2143e2f1890f4d516078da14aebab03.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cf270229e004cc9e09e49f17fd5f5de7b0785b9352875f7f9ce4338837b491dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 24 Sep 2024 18:44:42 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
6693243
x-guploader-uploadid
ADPycdsnLOusDVNjLomR7SF3pqAglHqhy54H1NW4qrJdW8R19yv0ljPckPjhlA1Ffz9AsD3nZSg1of-mgezKbOBjHrKfQg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27004
x-served-by
cache-bne12528-BNE
last-modified
Tue, 17 Jan 2023 21:42:57 GMT
server
UploadServer
x-timer
S1702360727.780466,VS0,VE0
etag
"b2143e2f1890f4d516078da14aebab03"
x-goog-generation
1673991777104472
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=3pdvdA==, md5=shQ+LxiQ9NUWB42hSuurAw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
27004
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1859
karnak-normal-900.7552fe3fdd9952aeda91e6c5a2adc59f.woff2
g1.nyt.com/fonts/family/karnak/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/karnak/karnak-normal-900.7552fe3fdd9952aeda91e6c5a2adc59f.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1fe37d55e6324e8660e627fdf1cd545c9a84f80963bc07f3a564434043650a09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 02 Jul 2024 15:21:58 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
13963008
x-guploader-uploadid
ADPycduE5tK1NJEhNjkxSbe9NBpQPMqTGmNiGR_0oNAbnwmDkMMIRPaLVp8-vUXGbunJq7Ck-kVGSJj6WqLunf55YfrgMDPw0pJ3
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21288
x-served-by
cache-bne12528-BNE
last-modified
Tue, 17 Jan 2023 21:42:57 GMT
server
UploadServer
x-timer
S1702360727.780050,VS0,VE0
etag
"7552fe3fdd9952aeda91e6c5a2adc59f"
x-goog-generation
1673991777178724
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=5QA+9Q==, md5=dVL+P92ZUq7akebFoq3Fnw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
21288
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
3796
cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 08 Jun 2022 11:21:56 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
16137408
x-guploader-uploadid
ABg5-Uzj2l_Q2AYc7g5xp4Sq9mPJtACHNCFnIHoVsYjoNP3OH3fWlQbNBVAXLLbdKqLzFfOM2Frc5eIm2Esrj_FSefs
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29076
x-served-by
cache-bne12528-BNE
last-modified
Tue, 06 Apr 2021 21:11:52 GMT
server
UploadServer
x-timer
S1702360727.780516,VS0,VE0
etag
"a3ed7afe3eaa0a873f3fbd379f8c491b"
x-goog-generation
1617743511931481
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
29076
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
13557
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:52:03 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20347596
x-guploader-uploadid
ADPycdsXwgys8aj3ZPmvtiOu0IVs0bwyR9UOKUCwDGJ8cCoGlhRrbTjJjb1VhDZfiwaE6JvaXa9frs9HrbF4CkPhRrU3eA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-bne12528-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702360727.780543,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation
1650460180561781
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
25454
franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:50:38 GMT
date
Tue, 12 Dec 2023 05:58:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20347672
x-guploader-uploadid
ADPycdvy3vW2MEIK2pYaeqEu4pYI8dH48bioj10UGt9GP4pErjyahIEBRdwpNgaC4K2VO8jV2kWxEs4hQ6opEaH4LKzqBg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-bne12528-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702360727.780887,VS0,VE0
etag
"a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation
1650460180541296
x-goog-hash
crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20136
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
20925
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-9682e4930b73f574c86b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
c2807993647a01f5c36fa8bd9e4130f8bb18922cff7f20ffad1118fd4172a102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29099
x-xss-protection
0
server
cafe
etag
486 / 19703 / 31080021 / config-hash: 11999804698944333348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:58:47 GMT
3030
config.aps.amazon-adsystem.com/configs/ 		714 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3030
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-31.syd1.r.cloudfront.net
Software
CloudFront /
Resource Hash
3f770f537145bf6ca53f22706f1befe600243936bd5eb48eb4b18456cfca5fb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:24:37 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
2049
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
714
x-amz-cf-id
swQocznjvoZOhO1gXto-K_kguZCL4JpYKkP6XG1oRHi_X48tnirY3A==
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fwww.nytimes.com
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:59:36 GMT
via
1.1 9910b161083ec8200ad24e6d6beec168.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD1-C1
age
10749
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
G8W-Qo9fuplaHsO2ecEyTHTaE1W9snHf1sKhUmCQxFWZir-iujZieA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:16:42 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
31325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PruMfBH_KJAWVTS2tY1HI-F_0fqY2ehZ51kFjuRd1KUqKC69gGuL8g==
vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
www.nytimes.com/vi-assets/static-assets/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f8018ac0d5ade5c992dccb83915d04af94d42283dadbe071b57f058c27d126ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
45074
x-guploader-uploadid
ABPtcPrLHF9-PkLuI5y5_E-s6yQKMeR1EsacObx1lMxhsd3M0-fQ3YPEGQf7QpAzkW7gICla_A
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-11 17:27:33 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.010711,VS0,VE1
etag
"7fc801944914d461ed548dbdb2411530"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702315542546878
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
2494
expires
Tue, 10 Dec 2024 17:27:33 GMT
date
Tue, 12 Dec 2023 05:58:47 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
9822
last-modified
Mon, 11 Dec 2023 17:25:42 GMT
server
UploadServer
x-goog-hash
crc32c=j1VBkQ==, md5=f8gBlEkU1GHtVI29skEVMA==
x-gdpr
0
x-goog-stored-content-length
48898
accept-ranges
bytes
vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-bbffd7120a1da353b622.js
www.nytimes.com/vi-assets/static-assets/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-bbffd7120a1da353b622.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0102b77021ad22f935391cbe950f1b531542f95b054accf1ab91c0822f979866
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
549772
x-guploader-uploadid
ABPtcPp2VToE0a_J45DS6uefj9nkIpSebmnFeKz5NWFyojDyux5Ke2F_WSyRalI0Oy3kcRebSR9GSuhXRw
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-05 21:15:54 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.011161,VS0,VE1
etag
"54d109a33cb657934bc02bd91f902fd5"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701810905524032
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-bbffd7120a1da353b622.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
10253
expires
Wed, 04 Dec 2024 21:15:54 GMT
date
Tue, 12 Dec 2023 05:58:47 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
14352
last-modified
Tue, 05 Dec 2023 21:15:05 GMT
server
UploadServer
x-goog-hash
crc32c=v9imrw==, md5=VNEJozy2V5NLwCvZH5Av1Q==
x-gdpr
0
x-goog-stored-content-length
46798
accept-ranges
bytes
markets~reviews~timeswire~your-list-73b748233a82766dde97.js
www.nytimes.com/vi-assets/static-assets/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/markets~reviews~timeswire~your-list-73b748233a82766dde97.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e77556be87322bade8e837ccfae45cd8e787d9edef78dc03bf5ae7bac8607819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1246720
x-guploader-uploadid
ABPtcPowupcdg38qbpPoZf5ceVm7gfjcnXp4LLkGjV8SqAyldY_ofk4tiBSUkOY3j64_qECsSzbGiCvMnw
x-goog-stored-content-encoding
identity
x-origin-time
2023-11-27 19:41:44 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360727.011162,VS0,VE1
etag
"7dd251c2d0c0f0c8cc22d062e5de2d6a"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701113982218003
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/markets~reviews~timeswire~your-list-73b748233a82766dde97.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
14439
expires
Tue, 26 Nov 2024 19:40:07 GMT
date
Tue, 12 Dec 2023 05:58:47 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
8000
last-modified
Mon, 27 Nov 2023 19:39:42 GMT
server
UploadServer
x-goog-hash
crc32c=/gV5/Q==, md5=fdJRwtDA8MjMItBi5d4tag==
x-gdpr
0
x-goog-stored-content-length
24203
accept-ranges
bytes
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 476E 		258 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-58.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8b599735a638777b6112736e792c3a9c45836f24d93056283c9ae7ad030a811

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:36 GMT
x-amz-version-id
f2xoBYz_sGoepCWXsIJoXkkXwdWfTD_m
content-encoding
br
last-modified
Tue, 12 Dec 2023 05:38:50 GMT
server
AmazonS3
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"f8dc8fed5a6b9a56c33e3656ef110330"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
12
x-amz-cf-id
jSG9kgkg5feHiAIjSzwb4ZlrygVDa-WeHAc_0HpIWASZNVc2SJuJBA==
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
588
content-length
0
date
Tue, 12 Dec 2023 05:58:47 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
12
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
51
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
DE
x-samizdat-query-exe-id
8e0ac9239ca9a311
x-samizdat-query-field-errors
0
x-served-by
cache-bfi-kbfi7400067-BFI
x-timer
S1702360727.272855,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
617370911de8d55b9172bed9bbd0a8d91e4bf89fbe7db6cbfce284f01004cef9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-AU,en;q=0.9
x-nyt-entitlements
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
x-nyt-programming-abtest
nyt-app-type
project-vi
Content-Type
application/json
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
x-nyt-internal-meter-override

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
0
x-nyt-pass-reason
PRVT
x-samizdat-query-field-errors
0
x-samizdat-query-cache
M
x-samizdat-query-exe-id
f97c994105883c9c
samizdat-x-canary
false
x-served-by
cache-bne12527-BNE
x-graphiti-gateway
411667ba
x-nyt-country
US
x-timer
S1702360727.351157,VS0,VE355
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
DE
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
private, no-store
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
MISS
x-samizdat-query-op-id
project-vi.v2.getMessageSelection
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
ce91048b
x-envoy-upstream-service-time
154
x-samizdat-query-personalized
p
last-modified
Tue, 12 Dec 2023 05:58:46 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
x-samizdat-query-surrogates-size
0
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
purr-cache
purr.nytimes.com/v1/ 		0
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 google
x-envoy-decorator-operation
purr.nytimes.com:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
envoy
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
40f8f3dd79e0987408625cc70dc6710a
access-control-allow-credentials
true
x-envoy-upstream-service-time
83
content-length
0
data-layer
a.nytimes.com/svc/nyt/ 		999 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&caller_id=nyt-vi&jkcb=1702360727207&referrer=&sourceApp=nyt-vi
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
158d50699171dcb95dec23bdfa80fcf01815e489e0855d07c1b1b08ebd36244d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nyti-upstream
gke
date
Tue, 12 Dec 2023 05:58:47 GMT
x-envoy-decorator-operation
a.nytimes.com:443/*
via
1.1 google
strict-transport-security
max-age=63072000; preload; includeSubdomains
content-encoding
gzip
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
95
access-control-allow-headers
Content-Type, x-requested-by
gtm.js
www.googletagmanager.com/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
86901290c5d5ec9429e7b83b4ef0e25760ea28442dc2c176f7c51f952af72e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63328
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 05:58:47 GMT
tags.js
dd.nytimes.com/ 		147 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-128.syd1.r.cloudfront.net
Software
Apache /
Resource Hash
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 d84cce98b6433e191cc61635f56f5108.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 05:57:22 GMT
x-amz-cf-pop
SYD1-C1
age
85
x-cache
Hit from cloudfront
content-length
27331
last-modified
Wed, 29 Nov 2023 13:37:06 GMT
server
Apache
etag
"24cd6-60b4aa18fa3ca-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
6NHIvNEI-rhCSqTdhYO3P4umWmIxpdRMMSzVP1RVybkucENV2-tnXg==
expires
Tue, 12 Dec 2023 06:57:22 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1702360727286&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1702360727286&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1702360727286&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Server
18.67.111.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-113.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 428f5fd898b57c76263aa42c4277686a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-amz-cf-id
NaEiYokIVzQoT6YhvGXqfiW9vPyj4uv2E7dokzvNQmVsplHDGXwrSw==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 428f5fd898b57c76263aa42c4277686a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005403&ns__t=1702360727286&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
content-length
0
x-amz-cf-id
EcBX2raKDJJxAi-3bOoZnIP88EsMiBrD0OHFxD1OEcmha19tJbTHBw==
dbe240d6-8bcd-4771-bf39-8b43b4a08c94
https://www.nytimes.com/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nytimes.com/dbe240d6-8bcd-4771-bf39-8b43b4a08c94
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
dd.nytimes.com/js/ 		235 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.nytimes.com/js/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-128.syd1.r.cloudfront.net
Software
DataDome /
Resource Hash
faadd478b7853926bb307277058648cd4883438a93d65d36f4bdd00ea5928b61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 7a7cbcc9a496cf341e54c90ad14e02d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
235
x-amz-cf-id
Bv8GapkiBOoH2thvtWcMCvehNafA1JTcvGdHAaNLqH1h9yv45BEWwg==
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
66078
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Dec 2024 11:37:29 GMT
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
bid
aax.amazon-adsystem.com/e/dtb/ 		191 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&pid=6mbQhN9Mf1Xip&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22mid1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22mid1_sf_web%22%7D%5D&pj=%7B%22si_section%22%3A%22movies%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
4dce82188087b5a879afaed84f7c41579a9ccd759994d30d908879edc355ca62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 3fb6aad2d0d4eb57ef667ceeeeca901a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
lWfVVCd_sim8yJ8tQY_Xqw-8XQBF2M4VQb9s3Q-tIBJ9Jhfo549hYg==
bid
aax.amazon-adsystem.com/e/dtb/ 		191 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&pid=6mbQhN9Mf1Xip&cb=1&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22top_sf_web%22%7D%5D&pj=%7B%22si_section%22%3A%22movies%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
ab58c90a662cf700705e739676c14e82d7ab3e91ec18689f6f30daf88d8a2194

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
via
1.1 3fb6aad2d0d4eb57ef667ceeeeca901a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
GJMUFSKS4iwuk8zVXxg_VDp8nBkT5cihZN1VzwxAGGetmGq6wZL6mg==
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=169283818453923&correlator=1439721722287195&eid=31079827%2C31079958%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cmovies%2Cmovieguide&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702360727606&lmt=1702358687&adxs=1100&adys=698&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&vis=1&psz=300x283&msz=300x0&fws=4&ohw=1600&ga_vid=1004363938.1702360728&ga_sid=1702360728&ga_hid=3676900&ga_fc=false&dlt=1702360726665&idt=836&prev_scp=div%3Dmid1%26pos%3Dmid1%26amznbid%3D1%26amznp%3D1%26request_time%3D929&cust_params=als_test_clientside%3Dweb_none_none_20231212055847%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3Ddfp_prebid_0723_3_index_pubmatic%252Cdfp_als_home_1_als%26sov%3D1%26page_view_id%3D_rH2906T6ZtGSNyTqBPwVkue%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser%26gscat%3Dgs_t%26ledemedsz%3Dnone%26artlen%3Dshort%26brandsensitive%3Dfalse&adks=2498871328&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
d4414df88159c10ceef9e7a8e5bdb7883472faf8af5f789594ea8fceaed8d874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13541
x-xss-protection
0
google-lineitem-id
6181152954
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138447923603
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:58:48 GMT
expires
Wed, 11 Dec 2024 05:58:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=169283818453923&correlator=1439721722287195&eid=31079827%2C31079958%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cmovies%2Cmovieguide&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702360727634&lmt=1702358687&adxs=0&adys=75&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1004363938.1702360728&ga_sid=1702360728&ga_hid=3676900&ga_fc=false&dlt=1702360726665&idt=836&prev_scp=div%3Dtop%26pos%3Dtop%26amznbid%3D1%26amznp%3D1%26request_time%3D964&cust_params=als_test_clientside%3Dweb_none_none_20231212055847%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3Ddfp_prebid_0723_3_index_pubmatic%252Cdfp_als_home_1_als%26sov%3D1%26page_view_id%3D_rH2906T6ZtGSNyTqBPwVkue%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser%26gscat%3Dgs_t%26ledemedsz%3Dnone%26artlen%3Dshort%26brandsensitive%3Dfalse&adks=2614277642&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
b934b28a592bc7dd4beb95e8bea1afe3587aaa9c34af1dd8ed65863123a5c0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
72859
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17663
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
751047
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		395 B
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&kw=moviereview%2CNewYorkmovies%2CNYmovies%2CBrooklynmovies%2CManhattanmoviessearch&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tg_i.invCode=nyt_movies_top&tg_i.pbadslot=%2F29390238%2Fnyt%2Fmovies%2Fmovieguide&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=2180d9db8e2af7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F29390238%2Fnyt%2Fmovies%2Fmovieguide&m_ch_mobile=%3F0&slots=1&rand=0.4405195299912208
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f9db809492baad47bcea3f521fe191a38e635c91f63f016f3d5df24290cc69a3

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
395
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&kw=moviereview%2CNewYorkmovies%2CNYmovies%2CBrooklynmovies%2CManhattanmoviessearch&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tg_i.invCode=nyt_movies_mid1&tg_i.pbadslot=%2F29390238%2Fnyt%2Fmovies%2Fmovieguide&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=36c79f033c4ec6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F29390238%2Fnyt%2Fmovies%2Fmovieguide&m_ch_mobile=%3F0&slots=1&rand=0.8477527171737933
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fb35dfc05abcfcf5d9f025b9915df3fdcb9827b88b50bd9c280ab89d48f3376a

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&kw=moviereview%2CNewYorkmovies%2CNYmovies%2CBrooklynmovies%2CManhattanmoviessearch&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tg_i.invCode=nyt_movies_mid2&tg_i.pbadslot=mid2&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=425d9e2a35b6a1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.013215263668760135
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d064e77a5f3651d46b9da043cb313bb0bd2c392cc105f35b5b421a85edd0749d

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		18 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6ce959e2940878e8f7e812ff19fd125ae9902f4ed88519765096f2b3c0e02dea

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=995821
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c721299d015690fbec505e6e644b3a34c6a1adcdf0c5b99bdfe0652ddd5bf911

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVAupXM9QZLiDC8VT37yGvQD69uiRRezgt2n1WbwI87GDVguhpH52lzchA3R8Gosgczi3IDDuHZmEAamWHPLO%2BriR0PPA7Z0NBLcv3J%2BISHLXS64kFW7iGlNCwz3PghUtjT4JpYo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8343bcd45db2dfa7-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		360 B
923 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
04bac2fb15bfdab670920aa6998b550352ca90422c5e6ba641aaef82421bebb4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
an-x-request-uuid
2c5a28e9-1700-4a2d-8104-0efdec0bcb1a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
360
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ca4ceb1c4d63087632d480a1221aafee845a5fdb85327593894ffd4a9ef78fec

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 12 Dec 2023 05:58:47 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75
auction
tlx.3lift.com/header/ 		47 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.25.0&referrer=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tmax=10000
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.251.189.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-189-145.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9d21e416f40dc11bf1b0b52526254a077671871de994c683c6866803acfc7d69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
12345
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ddb0729fe320c064d60f9b73ad9a7f1cf54a4675d4f331fe96c089a103b41b14

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:47 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 05:58:47 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
740
content-length
0
date
Tue, 12 Dec 2023 05:58:47 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
27
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
51
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
DE
x-samizdat-query-exe-id
a041d69e3114525e
x-samizdat-query-field-errors
0
x-served-by
cache-bfi-kbfi7400067-BFI
x-timer
S1702360728.814051,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2872a6283f92a0e48691020c8f3b4d021f42c03a7e2d4354c6a33ff8da206fe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
0
age
0
x-samizdat-query-field-errors
0
x-samizdat-query-cache
H
x-samizdat-query-exe-id
f4b901dff6a60586
samizdat-x-canary
false
x-served-by
cache-bne12527-BNE
x-graphiti-gateway
411667ba
x-nyt-country
US
x-timer
S1702360728.892410,VS0,VE266
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
DE
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
MISS
x-samizdat-query-op-id
project-vi.v2.getOffer
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 12 Dec 2023 05:58:48 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
cb3855fc
x-envoy-upstream-service-time
65
x-samizdat-query-personalized
content-length
1183
last-modified
Tue, 12 Dec 2023 05:03:00 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
x-samizdat-query-surrogates-size
0
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
/
mwcm.nytimes.com/capi/metered_assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&gr=OPEN&mr=1&ma=1&counted=false&granted=true&us=anon&context-type=&areas=barOne
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
eccd98f60887db343dda1d6e742eae7c954c554ade7a3d815bddd734a029d3a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache
MISS
x-envoy-upstream-service-time
167
x-served-by
cache-bne12527-BNE
server
envoy
x-cmots-campaign-names
{"barOne":"MAG_bar1_test_subcon"}
x-timer
S1702360728.774342,VS0,VE360
vary
x-nyt-country, x-nyt-user-status, x-nyt-cmots-purr-ad-conf, x-nyt-device, X-NYT-Currency, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
f0007b55d3922d23890001eef31d9dd1
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-muassets
x-nyt-edge-cache
MISS
accept-ranges
bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
client
accounts.google.com/gsi/ 		206 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f84.1e100.net
Software
ESF /
Resource Hash
ba791b4e49120a8cc828b1cc4449b261fc89e26e4628a550df28b00b364390dc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-j3LUK2HjFecob9FLllPn5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-j3LUK2HjFecob9FLllPn5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 12 Dec 2023 05:58:48 GMT
activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;...
5290727.fls.doubleclick.net/ Frame 0676
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=ano...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes....
565 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
c4e62eeb8a56dc248acebfdf731452387339671f10e9be381bdaba975589f3fb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
305
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:58:48 GMT
expires
Tue, 12 Dec 2023 05:58:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:58:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.150.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-150-126.syd1.r.cloudfront.net
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:33:05 GMT
content-encoding
gzip
via
1.1 cab8093de9e922f6aac9f66e51afc0cc.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:16 GMT
server
nginx
x-amz-cf-pop
SYD1-C1
age
19543
etag
W/"655577b0-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
i1gZpp9dSolZyt7HyCGD9VDkPNokhQu7n3F7AZr8AO8T9_bX_cYndw==
expires
Wed, 13 Dec 2023 00:33:05 GMT
show-ads.js
a1.nyt.com/analytics/ 		45 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 09 Jun 2021 09:54:35 GMT
date
Tue, 12 Dec 2023 05:58:47 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
52786
x-guploader-uploadid
ABg5-UzMnSmageULT2OGSj40PuEaMehhfv-pNFogt0eMZi14CxNa61-c9tCTDVEc1XyaQhYlG6yavvjGSTTIWJx4mSI
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
65
x-served-by
cache-bne12527-BNE
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1702360728.811985,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
x-goog-generation
1608239975905841
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
45
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
15922
comscore-streaming.js
a1.nyt.com/analytics/ 		103 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/comscore-streaming.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 09 Jun 2021 09:54:18 GMT
date
Tue, 12 Dec 2023 05:58:47 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
41453
x-guploader-uploadid
ABg5-UwyYmhXRJr9ComHmM2CUDi8HVt95EzOEkzpl_24qISxjrgbch8HolJoB9MZHjZyDtaxc1QcArbU-r0a_VRY2_0
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
18717
x-served-by
cache-bne12527-BNE
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1702360728.811862,VS0,VE0
etag
"04e0b9556a78ce5cedf86a34e5483036"
vary
Accept-Encoding
x-goog-generation
1608239975621789
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
105675
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
14893
nyt.js
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 12 Dec 2023 05:08:36 GMT
server
cloudflare
age
3012
cf-polished
origSize=4821
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdmbrZZC4ZbzTL2XtVgoho2h%2BBIBlXS5D7E0yzcmOWvbYD8atJW7ujbEIsPfde2l%2Fy5iqQGMJ7F%2B5pWbNlBoiv7fV7ms2IFiCzkdfPqYiaq17JdYZyKbZvhrzaYW3LDNQxyEY8wU"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8343bcd6bf43a883-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cksync
hb.yahoo.net/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1967738130
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDk1NDU4ZmMtMjNiNS00NzU1LTliZjEtMjQ3OGNmMGRkODc4&gdpr=0&gdpr_consent=&ttd_tdid=d95458fc-23b5-4755-9bf1-2478c...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=ZDk1NDU4ZmMtMjNiNS00NzU1LTliZjEtMjQ3OGNmMGRkODc4&gdpr=0&gdpr_consent=&ttd_tdid=d95458fc-23b5-4755-9bf1-247...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d95458fc-23b5-4755-9bf1-2478cf0dd878&google_gid=CAESEHEuLgzYW4Pf7mtPslzD-iI&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d95458fc-23b5-4755-9bf1-2478cf0dd878&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d95458fc-23b5-4755-9bf1-2478cf0dd878&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&gdpr=0&ovsid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dpid=55953
53 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&gdpr=0&ovsid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dpid=55953
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 05:58:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 05:58:49 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&gdpr=0&ovsid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dpid=55953
date
Tue, 12 Dec 2023 05:58:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
iu3
s.amazon-adsystem.com/ Frame 4342
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
320 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
320
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 05:58:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
53AH7SCBFWAGQVMZGFZ7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 05:58:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4ZDKAMT5VY92YQX520CW
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ping
pnytimes.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Freviews%2Fmovies&u=Cx8ghqB8hdOG26txJ&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6519&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&b=2374&t=CS3dSSD8nFYrD_CiAfbfHAINl2d9&V=141&i=Movie%20Reviews%20-%20The%20New%20York%20Times&tz=-480&_acct=anon&sn=1&sv=CxUM_GWcn5RBIOFEUJGr7_3uJgM&sd=1&im=06679ff3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.135.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-135-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8659840bbc1d53244181bce2dbc52b32d76c9725150bf4ccb46de198cb16e7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 12 Dec 2023 05:08:39 GMT
server
cloudflare
age
3009
cf-polished
origSize=62706
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AhamXh7aWvK4Wqdx%2B0F8sXJolNQgNIgFu8mGIld%2B1Y6TfYu8RnhXNJiPesqLwGZupbxfCahyz9RpEvUyRPsnypNJk%2BO0vBC%2BfzbdHjfY9NOk2VyUVsYeQ9UzWSYk5KXamintL47"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8343bcd6ef70a883-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
c.js
collector.brandmetrics.com/ 		0
143 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=5897390
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date
Tue, 12 Dec 2023 05:58:48 GMT
content-length
0
content-type
text/javascript;charset=utf-8
dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l...
adservice.google.com/ddm/fls/z/ Frame 0676 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIT24fObiYMDFYXPvQod0o8HAg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6975562100369;auiddc=613469100.1702360728;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5290727.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 24AA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:58:48 GMT
expires
Wed, 11 Dec 2024 05:58:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 24AA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
322962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 07 Dec 2024 12:16:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 24AA 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:58:48 GMT
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YXHznUsZ5htnFUrbvyCPew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YXHznUsZ5htnFUrbvyCPew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 12 Dec 2023 05:58:48 GMT
status
accounts.google.com/gsi/ 		40 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=1005640118348-amh5tgkq641oru4fbhr3psm3gt2tcc94.apps.googleusercontent.com&as=OQUWQYKh0PrnUYOp7%2BNTcQ
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f84.1e100.net
Software
ESF /
Resource Hash
66abecd04a962cce2c8d2eaa5da661baef5274f72eadd1d309612cf50a153c1f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-VQFKLkDVcWTSHYYKn75geA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-VQFKLkDVcWTSHYYKn75geA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 570E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
be93f1db9ecaf03bf179d78cbf7b229c90f223a02ec1f88ba8171ea453b04ecc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2112
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 05:58:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1F7FN4QN0E7WJDRVV97Q
container.html
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A13 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:58:48 GMT
expires
Wed, 11 Dec 2024 05:58:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 7A13 		258 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-58.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8b599735a638777b6112736e792c3a9c45836f24d93056283c9ae7ad030a811

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:36 GMT
x-amz-version-id
f2xoBYz_sGoepCWXsIJoXkkXwdWfTD_m
content-encoding
br
last-modified
Tue, 12 Dec 2023 05:38:50 GMT
server
AmazonS3
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"f8dc8fed5a6b9a56c33e3656ef110330"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
13
x-amz-cf-id
BKv5bbmkefP4wQ76UBWQfDsnb6zuRsrW7FmF8Yqb__qE9ocSoczDDw==
view
securepubads.g.doubleclick.net/pcs/ Frame 24AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmb48vnLnjTlQt-5HXwCvFTIKbejNBFjZpQuWp5cPkyZvhXnO9-sPEkhu08_vZ1ac_e555owZa5KxM8K-HTJowCLPvMaCbfPlblmbJCGsTqgL8B5f3UP2I7SAeHzxs4vP0W0gH_HgrqEnd8TZ3jw6r_Ijdt-7kP0k98rEOc-o9Fs6fpm-KANUqaYU3X6S6QM_UwqtYVXgJ0qrylGJ5ArT1Ve_rWwsUAHK8iMd5aWzlceVJMdPZpZnRZpoDM3bUXOIs1cJBQ2sAVB3PIaihli58dXK11CiDvyNu3o6Fv80KtJ3AcRfappZup60ewLV-CVM_WdWW8NZpgXPN1Jun8otJplrVFg9v6ULOyDtme61ZfvwNMG3hMbf5JoPHNo6rbPXxh6a-ZqSkvfzS_bYob12rbg26VinxMix5PsfX&sai=AMfl-YQ3hoXy0-0yxbWUqwLrI4EucU91Hh3H1jhssDLL2NbjvqRD8gW04dZD9PlB77cVNIkf5f5PO82Kl2at7ItE4FCWupam1ldJioRFoHSPAH_G7E6YbFbYNKFJ0Vrakh39Uzli9CX1oZ5hIxHP45E5zSQ&sig=Cg0ArKJSzDnlfQm1DtYIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pricing_300x250
www.nytimes.com/subscription/ads/MON-595000-Oct2023/ Frame 94EA
Redirect Chain
  • https://nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
  • https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
ad47945e20f5e0c3a0595ae421776734663adb96c2ada74707b672ec46035506
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
3430
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html;charset=UTF-8
date
Tue, 12 Dec 2023 05:58:49 GMT
expires
0
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-595000-Oct2023/pricing_300x250
pragma
no-cache
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding,x-nyt-country, Fastly-SSL
x-api-version
F-X
x-cache
MISS
x-cache-hits
0
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
x-envoy-upstream-service-time
99
x-gdpr
0
x-magnolia-vary
x-nyt-country
x-nyt-app-webview
0
x-nyt-country
US
x-nyt-edge-cache
MISS
x-nyt-route
mwcm-banner-ads
x-origin-time
2023-12-12 05:58:49 UTC
x-served-by
cache-bne12527-BNE
x-timer
S1702360729.880485,VS0,VE287

Redirect headers

accept-ranges
bytes
content-length
0
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
date
Tue, 12 Dec 2023 05:58:48 GMT
location
https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-595000-Oct2023/pricing_300x250
retry-after
0
server
Varnish
strict-transport-security
max-age=63072000; preload
x-api-version
F-0
x-cache
HIT
x-cache-hits
0
x-gdpr
0
x-nyt-app-webview
0
x-nyt-edge-cache
HIT
x-served-by
cache-bne12527-BNE
ttj
ib.3lift.com/ Frame 7A13 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=NYTimes_Desktop_970x250_OB
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-64.syd1.r.cloudfront.net
Software
/
Resource Hash
4eb975b06fa47a59e58618a4b4ed681cf902b2be445ee7fa35124c4a955e49f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:48:33 GMT
content-encoding
gzip
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
624
etag
"cbe4851a848828da63db7d65efb89afd5c70a80d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
content-length
4937
x-amz-cf-id
rQPYo_51Vh8Y44Zgk0uB2I6pP8t-ep4Hg1G_Mqg0uJJg-mtHYtQByQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
14719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A13 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
14719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:29 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7A13 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
322962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 07 Dec 2024 12:16:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7A13 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:58:49 GMT
notify
tlx.3lift.com/s2s/ Frame 7A13 		37 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=ZXf2mAAEmCAAtw1lAAh6NVRUkSzc32dAgvldIg&ts=1702360728&aid=46591657344203373300420&ec=2662_193864_T14629079&n=GucNaHR0cHM6Ly9wbi55YnAueWFob28uY29tL2J3L3RyaXBsZWxpZnQvaW1wL2toWlhwcFNCczFERHhQeGk1MzZHYjNZdUdpWWxKWGhOXzRsbHI3U2hHMkdzUFBtVmJESEVHeUJ4YkdUV0VsUDJRc2dlUDVBcHQzRVJhdktSWUpNNEFGV05wZ05BdmxQSnE0UWYtMVdUTDJLUGFheDFWbzlNeEdBRmUxcEJQQmtkZC1IUkVDcTFVbmxhVGNmQ2lhZ1hELTJVWHFnY0QzaWRCSExOT1BzQUFBOFN1SFlzMzB4RG1WS2dWeEw2RW9uM011MFZzRy1aQXNfSTFacjhuQTNTM2c0SjVKRkJRXzB3eDYzc1l6UEZYX09oSE9KemZScXM0MlRvTFRDMW0zZHJHeGphMTI1WVZDa2ZaR3JXNEg1eXpVOUprZlJkYUFmYmRyczlkakN0cXdGUmtQdFBzY1htc0NMUTZ1dXNiekVKX2ZKR0JWTjBNYVRFekF2cFlFekFZeFJBYXJJc2ZPdW1TRTB1Q1VpTVAtelBTRk00akpsYnlhSGN6UE5abmR6bU4yTFd0TUpvTF9FdlYtU1Rua1hqY2trZ3NvY0hwcWdOZlg3ZjI5SG5qcUotY0dVT1dRNHBhYldlX19Nb1lYZ1JkZkZOcmpQdzFoNTdxaE53VkhDTWFXRWRpay1sT0FCdWU3T2RLU1ZQWmZONElCcW9fSjFSazVBS29KTENUS0dvSDljZTNfSjNPa0hIaTdnN1VBbzlXVVBmMG5uejVZTk83WXBqTDkzU1lxZ2VESUZZRExmMTE1MUU2MjM3X0haRGpfbWdxRTk1a0tWM0gtLVJlSHBrZ1d3UGdleE9td3NxaHloeTEyT1RuVWZpT0EzbVpyaHRJZlYwOUE1ZWJtU3JJMUFDTnZYWC0wcWVVZms3Y1o3ckdhVTcydTNwTVUxYjc2YzdQU05mU3VfSjNVYWhqRVBHUmE3bGNBTzN1bE1iOVRlWGJjamk4Vi1UMzRiYWZDQTBrUS15T3dYRUdSbWpFczlQampMXy1VWUo0RDVEdDFOTHhrUWpaQ3NYTHdfdmZjQ0lBZlNNemNLeTRWZjViSm1PN2hBVlVGM095clotenVnQ1JrLS1SR0Z0cmU0YkFjUnVoRjA1YnRZOEE5Z0Q5NmRNN1Fta1g3RHZYOVBDSkVKbUk1WGJuTmxlcGJScW5BQklvbWtQZjlvWEpyTmFMM3UwTHBXczlBNGtwVVZCU3Ria193WVRvTThsanYtUkxQenlIT3E1bVdmM2dkaHFaakZzY09QbndZOVFURjdfTVFqTXM1b2FzaUhNaGM4M245MXlDUnpIWkx6ajdmdmVZT25LUXdKMW1SYWJKOEd0UFpGNzNIQWVwcG9DaHZqV2dMMWRVMkd6M2o3WGU3dmRfMzYxT1FWQTN2NGl0YklXRDUwM3llT1I4YXVVMXJxV0V5ME9LVW1TMVFkZ0xVWUxxbF9mN1dUc2dBcjdkOWxyMUFHS3F6M3RFUWJDVkh2ZElQN2ZVQm5ncnJHYlMzSU1WeXI1ZEZWY3NSVXdkbzhCMm1pZFIxaFYxX0JWTkpfY2x3MWRjTmlmZGktU3dFYWJrVk1LNjl1azItcTFLZGI3MVJaaGlMb1RHSk94MXg5Q0l0dXp5VmpLQjdMeEM3dmRXMWUyS3BmYy1NSXNzemFUaW45aG5ST1ZhMGZERGNiODNOcFc2Z0doaGFMN0NGSC0zZldSMndRNEExRnRTVHNDaHdrd0NQNldhOEpMRmk5UjZXTkZmSjZDRnVYYXc2ZTVTYUNfSmc1bDB5SzN2TlQ5V0lzY3Eyb0t0cVVpWHI1RzVESDF2V0loWFplUUk5VEF4Z2pKOWpvWTZvZDJsRG81a3k5VklnWngyRnlqSWczWVhMTndTcnhvXy1DSTg4QjJRMVdsWFFaWWNxWUpnUVBTSWpqbFhPTk1WLU9BQ2llQTFLV2RGenN2WXdqWGlRcnpQMUZDQ2xKVVV5R0J2RXVUWEV3OUg5MGVjSnpHa2xRdFpGLU9NWVJGZVk2enlUdDh6NnpmSDQ3bzIwQVhVSFNlalRDNWZSNUkyMndkVFNuZzlVWUJISWNhMlFZbWp0aXFXMU1wbWVkX05Na3RlVVF4U29Ld2d6SFFScTNwUHBRUU14SmJsXzlidWtNeWJ1TjdxLUpoTEZ1UUtaTlRTRUU2aFFZTW9sMUxRUlZfYklhOTlxOXE0Mlk4VDdpV0RFR3JWWkFrVnZHcmF4Z3owMVRic3dnQVI1X3MxTS02akFrSy01ckdlUS9haS80NjU5MTY1NzM0NDIwMzM3MzMwMDQyLTI0L3dwLzAuNTA38gLwAQgAEhc0NjU5MTY1NzM0NDIwMzM3MzMwMDQyMBgAIAEo5hQwyOoLQAFIAFAAYAFoAnDliiKQAdfx%2FAaYAbvM5AagAYi1%2FAaoAbHprQi4ARTAAeMCyAH7A%2FABAPgBxgSAAuMCkQIAAAAAAADwP5kC9ihcj8L12D%2BoAgCwAgHIAgLYAgD4Arc1kAMAmAMAoAMAuAPKCsgDANIDBzU4ODQ5OTbgA%2BXjpTzpA6RwPQrXo8A%2F8APGBPkDAAAAAAAAAACABAmJBPYoXI%2FC9dg%2FwAQY0AQA2gQZNDY1OTE2NTczNDQyMDMzNzMzMDA0MjAgMeAEAPgCBYgDAJIDBDA4ODOYAwCgA4O5FqgDAA%3D%3D
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.251.189.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-189-145.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=1&tid=14629079&peid=0&aid=46591657344203373300420
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
bundle.js
ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/ Frame 7A13 		197 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=NYTimes_Desktop_970x250_OB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-64.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14429c95f709213515e5ca24243b4d1c55127fc8f0873f9c4c1c88b3bf293519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:37:54 GMT
content-encoding
gzip
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
2121654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
63121
last-modified
Fri, 17 Nov 2023 16:37:00 GMT
server
AmazonS3
etag
"f9a3bd01759da2e011ca84f292944b4a"
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
jdA814tYZ5HPRnB5EHoI1xRjokcdwWm2P7IJTB8t77Eqsyaczz_r4w==
truncated
/ Frame 7A13 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b287b3be1e556149bc0b71616947c4bfd006259f8d006ff9f84e91069c29ea20

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
dyn
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=20230221&string1=46591657344203373300420&cb=80526
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
r
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&pr=can%27t%2520access%2520top%2520document&bc=0.507&bmid=2662&biid=6839&sid=193864&tid=14629079&clid=14231099&brid=558437&adid=5884996&crid=126448101&ts=1702360728&bcud=507&ss=5&unid=0&domain=775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.nytimes.com%252F&rr=creative&fid=1&rb=2&g=0&tmplid=251725&cb=60518
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame 7A13
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/959004/67498950/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=nytimes.com&ias_dspID=30&ias_campId=337120&ias_pubId=88&ias_chanId=88&ias_placementId=23...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=nytimes.com
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=nytimes.com
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
44946
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
HQix7ggbkeYki2hQpg9NqIuPQQn4R6p5hdBi6NL7Ih7OFiqTS2sK-w==

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:48 GMT
server
nginx
x-server-name
app10.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=nytimes.com
cache-control
no-cache
content-length
0
B27263222.353840941;dc_pre=CMC_oPSbiYMDFTiIZgIdHtII0g;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=...
ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/ Frame 7A13
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/B27263222.353840941;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/B27263222.353840941;dc_pre=CMC_oPSbiYMDFTiIZgIdHtII0g;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/B27263222.353840941;dc_pre=CMC_oPSbiYMDFTiIZgIdHtII0g;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N6344.3020245OATH.COM/B27263222.353840941;dc_pre=CMC_oPSbiYMDFTiIZgIdHtII0g;dc_trk_aid=544946542;dc_trk_cid=183138335;ord=1306222189919107707;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
img.3lift.com/ Frame 7A13 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.3lift.com/?width=1066&height=600&url=%2F%2Fimages.3lift.com%2F17527985.jpg&logo_exclude=NW,NE,SE,SW&v=15&noCrop=1&color=%23FFFFFF
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-100.syd1.r.cloudfront.net
Software
/
Resource Hash
2b274650f4870b3dff2f5ccca12f60127941f559e5d3f2f4f4ef75326195727f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:00:12 GMT
via
1.1 098fddbcdf00e65b8479d1d17b41d28a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
67334
etag
"c5a41e4c6910fdc1b48ecfe9f4718ee2a6b5e90d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
40940
x-amz-cf-id
H_QCCj3kD107neG7LCrsoTeikuI5Pt7gYwbBWwltKotalrAhVWRG4Q==
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 7A13 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-64.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:44:24 GMT
via
1.1 53c1b15bee05a74bbf23a945358028ec.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
602064
x-amz-cf-pop
SYD1-C1
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
SviUsXUUUrFeEgrkZt5eQN4EXdA9fPAI1DETJYT4bT8M36EO2iUUcQ==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 7A13 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-64.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:50:30 GMT
via
1.1 53c1b15bee05a74bbf23a945358028ec.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
288499
x-amz-cf-pop
SYD1-C1
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
5M7kL5eLJThASk8NhgNQw7-8CIRbJk_EblWRKGrB4yxCehE4s4ET5Q==
ctar
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&cta_render_method=2&cta_render_text=%0ASubscribe%0A&cb=68313
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 570E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453623282889884000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453623282889884000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PT72JVDFXKH03TMNR6KH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:49 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453623282889884000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 05:58:49 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A1BF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c7f696aaebafd68851a0ee960f8121c6d092e13823e032c0d7a95d5fed58b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8343bcdccf7bdfa7-SYD
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 05:58:49 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FHKF6Z13Rk%2FESpPQMTozszfD29Z0nmgnpSgdEkv0pAP1DcoTxAqyTinXaXB2Nj7SixzctCCFIMJ55Pjs2h5fTB26v%2FsUizTo33Ua9RFOMTSe2jdctHOvzHE3gzlPa%2BkeE%2F8NaNog6%2BieA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8343bcdc0eabdfa7-SYD
content-length
0
date
Tue, 12 Dec 2023 05:58:49 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FbkSNS8AFALHi%2B0q%2FGAB%2FZtGQIS%2FIFQe5EqAdw%2B3E1vh0ueHXZ7KNyh9l5Qq4IGZ9r49VKvbMc%2BIF7gmJllcmwv1Knx9rgK9%2F3jm19y1URV%2BZF17HoxxFIdiQ%2BLc06ZFU5SxZJqnl7ZIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5672 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=89086
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 05:58:48 GMT
expires
Wed, 13 Dec 2023 06:43:34 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8A02 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 05:58:48 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame F363
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mTko3UE14RTJ1S0dQeGoyMlljemtFdk9Ib3BMZEZERX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mTko3UE14RTJ1S0dQeGoyMlljemtFdk9Ib3BMZEZERX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 05:58:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
A0AAT1KJXE3TN0WVWDN1

Redirect headers

age
0
content-length
0
date
Tue, 12 Dec 2023 05:58:49 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mTko3UE14RTJ1S0dQeGoyMlljemtFdk9Ib3BMZEZERX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 31F5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
583 B
685 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b924d283218058df1abd66ad1415825084c1393420eb868c9011351341aef33c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
360
content-type
text/html
date
Tue, 12 Dec 2023 05:58:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 05:58:49 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame FEF9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4621841246197247284&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4621841246197247284&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 05:58:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KVZQH7T1K994N43DX27A

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8153c0ed-97dc-484d-92ba-93defafbd56f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 05:58:49 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=4621841246197247284&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 0ACE
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2065822686924262870328
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2065822686924262870328
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 05:58:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3Q0A9DBGCPSCQ9VHWRT8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 05:58:49 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2065822686924262870328
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sce
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2F775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&lvl=2&inv_code=NYTimes_Desktop_970x250_OB&e=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27previousElementSibling%27)
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&pr=can%27t%2520access%2520top%2520document&bc=0.507&bmid=2662&biid=6839&sid=193864&tid=14629079&clid=14231099&brid=558437&adid=5884996&crid=126448101&ts=1702360728&bcud=507&ss=5&unid=0&domain=775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.nytimes.com%252F&rr=creative&fid=1&rb=2&g=0&tmplid=251725&cb=95674
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
native-display
nrb.ybp.yahoo.com/vjs/ Frame 7A13 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nrb.ybp.yahoo.com/vjs/native-display?rid=42&sek=4034438753387003283:1702360728409&view_id=tltpvid_2751&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=lddYgrEDVY-eVH0_IK3ZlXawaPkaX9thKY66Z_C3a_z3jwzwY4IVagsrdmAbi7T4NMlE0J4ZBYU-iLQxXZkuoPY2ZUgtDXnUuPsq2nZqX7wQFN08J6xY3hqWdnPDNNVARGbjztgEl8Vss8biaBN9S3ysPT-vIh89hC5o607StLWM667uVjmE_CM29gbpnBYu66we5NRD1HEjVOu8ycjxjit1Ypzk_ARa
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.216.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-216-52.us-west-2.compute.amazonaws.com
Software
ATS /
Resource Hash
882981ea4c95014b94f58710e1cae02855ab3b08f071b9e05e0109486e2f0c61
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=14400
content-length
1217
expires
Tue, 12 Dec 2023 09:58:49 GMT
moatad.js
z.moatads.com/triplelift879988051105/ Frame 7A13 		325 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/triplelift879988051105/moatad.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6254a92d9d7102ec40d8797116e4c6c3823ce55867797d2c3988399a28dec826

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:48 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 10:29:12 GMT
server
AmazonS3
x-amz-request-id
13PGJVPPY5S86DZD
etag
"44a129810e49343317e4a9c66a7fc66e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24185
accept-ranges
bytes
content-length
112617
x-amz-id-2
wTGLGWQgqT7n2VXXEe1WGQQktWt2vTPs6vJsPjdITzY3HSHthmiRj6ALJOXN4sgZNROubql6v+M=
tpvpx
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/tpvpx?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&pid=367747&unid=0&vid=1&sr=10&cb=37916
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dr
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dr?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=15959
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
36.js
ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/ Frame 7A13 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/36.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-64.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f71daeccc94d4eaab0c1d50cbd96a5f0f1a91f2b77ef90eae7bd6cc8530b58a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:14:08 GMT
content-encoding
gzip
via
1.1 53c1b15bee05a74bbf23a945358028ec.cloudfront.net (CloudFront)
age
971081
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1586
last-modified
Fri, 17 Nov 2023 16:37:00 GMT
server
AmazonS3
etag
"42bc6ceb8a46fa7d4851f2a63f4b208e"
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
OEJFp_03HveQJjVXLSnL6JjnBtM2-L-rIAzbkcaDXD8pWK5D3fSgdg==
usync.js
eus.rubiconproject.com/ Frame 8A02 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1d6b0e78469e718009964db0145f165d66f3b8fa19d7166fbc00cf15dfd08d03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 05:58:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 21:06:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54433
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 21:06:01 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5672 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37733635&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1cef8bdf6921c91be970442ab9b800d23cbee6bac43d7e211282c2d55e050d6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 05:58:49 GMT
content-length
1672
content-type
text/html; charset=UTF-8
ev1
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&pr=ZXf2mAAEmCAAtw1lAAh6NVRUkSzc32dAgvldIg&bc=0.507&bmid=2662&biid=6839&sid=193864&tid=14629079&clid=14231099&brid=558437&adid=5884996&crid=126448101&ts=1702360728&bcud=507&ss=5&unid=0&cepos=0&ceid=17527985&cb=37363
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
khaos.json
token.rubiconproject.com/ Frame 8A02 		7 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 24AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxld1BZogUVzJhugPNKl5DxH7tvYUx_wjyDNSze2hhFzIXVjcyrFyL5hB7ypM2dXhdzeZbYANT8BvnRcdi5zyjFB3D0fXNXhHI4M8ODYzs9QJtxgpa1fiDefm8cMu0Iwznngo61BEv-aLdabN2Z_t-DkF127WVwyMMo3ITbn-XDLxm8zNeKZ3azP-LVl6gOXlQrvQig89W7eWf2GX4BAmR1LPsEcM4EJ65U1EF9xycahcIYKkGf7AAJYZAVA0WQbaqlpzpUDD_TR9LQ3P8Hq-EB517u8Zu5E0YTGr8sq05-vZk41u9qoKfXhp0ZRXhRAi9ypBCCQR7FHa7m2aIJyu2K4KnwfUBiDF5sAdGpY4kx0ebVIMyweEiUP9x7-zSp-d4sg&sai=AMfl-YTVTEmo8vOyNypxDe4Ty83U_0LuTmOdTH62ZnBEthnTBGcgZCstixrkkGXy12G93w5dOy5IzmsJf8uPUiv_0s52wfhk8W2ZlaXAbmnh-FcjIds7GE2MZDIrSsU2FeeZAk5PbsJTArcinJhscHf-pHI&sig=Cg0ArKJSzGh3S9JdpOAUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:58:49 GMT
n.js
mb.moatads.com/ Frame 7A13 		0
0
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&m=0&ar=45436f5f584-clean&iw=3c7bb66&q=3&cb=0&ym=0&cu=1702360729079&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=746%3A367747%3A14231099%3A1&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&bo=2662&bd=nytimes.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A87%3A87%3A59%3A37&jm=-1&fs=205170&na=1848353633&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:49 GMT
truncated
/ Frame 24AA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f279001dd3f5b6f6de39022035c2684332cebd98cce0c07d751948a7b5da2f7a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/freeFormContent/css/ Frame 94EA 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/freeFormContent/css/main.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a9f047a48ab0844642f41164918fcd7bfe5e7dc62795258d7948491dcf82dcc7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
via
1.1 varnish
age
398592
x-cache
HIT
x-envoy-upstream-service-time
252
content-length
2141
x-served-by
cache-bne12527-BNE
server
envoy
x-timer
S1702360729.237264,VS0,VE0
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
1455
common.js
mwcm.nyt.com/.resources/mkt-wcm/dist/ Frame 94EA 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b515c0bec9eb7fd64bdaf8c0655c6b1e1ce7c0fa970e5b6a57d22abf7cb5021c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
via
1.1 varnish
age
398591
x-cache
HIT
x-envoy-upstream-service-time
263
content-length
46140
x-served-by
cache-bne12527-BNE
server
envoy
x-timer
S1702360729.237243,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
1740
main.js
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/freeFormContent/js/src/ Frame 94EA 		1 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/freeFormContent/js/src/main.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
dc40b1c014869c9e93e6e8b8230f195c868cac6db35c62c916e5897cd9ff0e75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
via
1.1 varnish
age
398592
x-cache
HIT
x-envoy-upstream-service-time
64
content-length
883
x-served-by
cache-bne12527-BNE
server
envoy
x-timer
S1702360729.281534,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
1454
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ Frame 94EA 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 14:27:01 GMT
date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
28222308
x-guploader-uploadid
ADPycdsU6_tjJiYfs2JHbga4nfjIQD3xIZGm3U8bCqupBZnlxkl2yg0vbxOeZDy-f_f2dcanes4yrr_45-TfR00aGnX9-Q
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-bne12527-BNE
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1702360729.233521,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
Accept-Encoding
x-goog-generation
1673991774978541
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
68864
NYT-white-logo.svg
mwcm.nyt.com/dam/banners/mon_595000/images/ Frame 94EA 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/banners/mon_595000/images/NYT-white-logo.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-595000-Oct2023/pricing_300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b25d98c13422f7b057331d566b7c9eacd4144ad5795bf61a3b66f744afe19157
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
via
1.1 varnish
age
496
x-cache
HIT
x-envoy-upstream-service-time
62
content-length
4880
x-served-by
cache-bne12527-BNE
server
envoy
x-timer
S1702360729.237250,VS0,VE0
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-magnolia-uuid
8232a2a2-ff29-449f-a754-d8a82f910ac1
x-cache-hits
2
ecm3
s.amazon-adsystem.com/ Frame 31F5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=0cbc1c61-f496-878e-9925-34b3747dc2f5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9NSAG5FFXN1EYVKV6AFR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
syncd
x.bidswitch.net/ Frame 31F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=546a601c-e83c-3c74-592b-b6241c4e0915&gdpr=0
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 05:58:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
date
Tue, 12 Dec 2023 05:58:49 GMT
server
Kestrel
content-length
413
sd
jp-u.openx.net/w/1.0/ Frame 31F5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXf2mcCo5tEAAK8f3rgAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXf2mcCo5tEAAK8f3rgAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 12 Dec 2023 05:58:49 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.162","key":"ZXf2mcCo5tEAAK8f3rgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad220"}
X-SO-Key
ZXf2mcCo5tEAAK8f3rgAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad220
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXf2mcCo5tEAAK8f3rgAAAAA
Cache-Control
private
X-SO-HostName
m-ad220.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-IP
66.203.112.162
sd
jp-u.openx.net/w/1.0/ Frame 31F5
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdusAB6s97wHks8AEDxkC2UbfM8AAAGMXJtHZA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdusAB6s97wHks8AEDxkC2UbfM8AAAGMXJtHZA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 e91a1a5479163989c489fc34ab5e2c78.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdusAB6s97wHks8AEDxkC2UbfM8AAAGMXJtHZA
cache-control
no-cache
content-length
0
x-amz-cf-id
4EPZdcwA-zhsSGAzfyWnJSwgUGppiagxGpXP0D_LPFkj8F9pw2TGNw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 31F5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwNWIzZDYtMjE0Yi02MmQwLTRjY2ItZWM5ZGQ2YWNjNzc1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 31F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgRySulTuxfDKJCLC1J9CI&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgRySulTuxfDKJCLC1J9CI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgRySulTuxfDKJCLC1J9CI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A1BF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXf2mbIq.Ryb7qwf6ETiXgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH2mtXZxbbpNPZE-Y-wS32s&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH2mtXZxbbpNPZE-Y-wS32s&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t17%2Bg%2BT3hofvxYHo8X5oWt%2BIqZXIyhf7Cein0Kl9pNFV2Hc%2FAv9jj4Cp0Yc%2BeEVwSRrmB%2FH4NwEUD5rWwKICfDYA6RA3XHUX3J5KRMOeZqP6BI8Y0abzsnpTQo2vshPklYc5getepI87bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343bcdf1aefa86a-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH2mtXZxbbpNPZE-Y-wS32s&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame A1BF
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXf2mbIq.Ryb7qwf6ETiXgAA%264806&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXf2mbIq.Ryb7qwf6ETiXgAA%264806&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b2689b6c096c4c3ba6743e11a03f8742
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b2689b6c-096c-4c3b-a674-3e11a03f8742
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=adb90d67-8c1c-4746-8672-704ee3aafbd7%3A1702360730.7087266&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dadb90d67-8c1c-4746-8672-704ee3a...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1920574149783918962&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dadb90d67-8c1c-4746-86...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=adb90d67-8c1c-4746-8672-704ee3aafbd7%3A1702360730.7087266&_=1702360730.7115643
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdhZGI5MGQ2Ny04YzFjLTQ3NDYtODY3Mi03MDRlZTNhYWZiZDc6MTcwMjM2MDczMC43MDg3MjY2EAAaDQib7d-rBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFG7NKx3-jr4ivSY3v0ZZOY&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFG7NKx3-jr4ivSY3v0ZZOY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFG7NKx3-jr4ivSY3v0ZZOY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A1BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXf2mbIq-Ryb7qwf6ETiXgAAEsYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIC3ghd3VcaibAX3sat4iCI&google_cver=1
43 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIC3ghd3VcaibAX3sat4iCI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKgbEfbLK0x9HDVGusm7cEhGxasVOtzM2H3JAtiW8dDnE1zTbsOyOZrue9upruHGm%2FjByFv%2F%2FwN%2FvZ18SmUd%2Bvpa6uugAr%2BBKPWViXLqkAAqOqK2u6mApD29ZTNYu4mB%2FOL34%2BlD4Fkl4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343bcde9a8ea86a-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIC3ghd3VcaibAX3sat4iCI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A1BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
42 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 11 Dec 2023 22:15:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 05:58:49 GMT
server
Kestrel
content-length
355
tp_out
d.adroll.com/cm/index/ Frame A1BF 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.34.226 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-34-226.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame A1BF
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=856b31f0-627f-497c-b0ed-614972aa7e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=856b31f0-627f-497c-b0ed-614972aa7e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwhERSzBqOTAQJdv4ZNjaJOYGQSFBbHTW32eErmendvOI4GwMx6Ec4vfhWnFqACjhf7LICO9kJnPiRZtfjZesjwMm3hg0JieQLPdTIwVFodknILUJEt9hE84L1mPtuggZz3%2B9GXTa%2BnkKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343bce38eafa86a-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=856b31f0-627f-497c-b0ed-614972aa7e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 12 Dec 2023 05:58:49 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame A1BF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz5nxycTfBOAVdeo%2FxBY134BZgQ4fnwgUCgMRkbbxhA%2FdAzR34g6wUJ8ySBaiHyS%2F2ONzTTKR7gs2AHSpdBHSyk6Kg07hwqUfesIxQvAeS0uzD%2B90N%2FP5GjJS3ldE5NovnnRyWBs07yraA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343bce2ce09a86a-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Date
Tue, 12 Dec 2023 05:58:49 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame A1BF
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INADy3v7Gyb3PUp0qtdEcXkYyUsJP7hoPsaGIxmZ7U53sgkHSWJjmgmB3WtlFOSBz1FSLiLxA%2FNqv40JW%2B4YzY6CugcvTw5e%2F5D%2FzuPKWstveHApNht6s7rnSbYPMyaExNsWmF4xWTOaJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343bce32e6da86a-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 12 Dec 2023 05:58:49 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A1BF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZXf2mbIq-Ryb7qwf6ETiXgAAEsYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9TJ2ZNYN538HYPYHKE5N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fimg.3lift.com%2F%3Fwidth%3D1066%26height%3D600%26url%3D%252F%252Fimages.3lift.com%252F17527985.jpg%26logo_exclude%3DNW%2CNE%2CSE%2CSW%26v%3D15%26noCrop%3D1%26color%3D%2523FFFFFF&i=TRIPLELIFT1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&cu=1702360729079&m=120&ar=45436f5f584-clean&iw=3c7bb66&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A87%3A87%3A59%3A37&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=54&cd=0&ah=54&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=746%3A367747%3A14231099%3A1&bo=2662&bd=nytimes.com&gw=triplelift879988051105&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&ti=0&ih=2&jm=-1&tc=0&fs=205170&na=1629676602&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7A13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2mfgmPZ3ZaCwEuWa3LUPtfShqAnukrWTXL-ihcfkBcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00MTc3ODYyODM2NTU1OTM0yAEJ4AIAqAMByAMCqgStAk_Q4AyXBD-5hunJ1Ld4m-CClnW5Nd4U3FajXFz6i5l-w2mzKpNSSGFg5iNbWAQug0qf7lOJbZxEUsE7GRZMBh_rvS1ccYcCMgExDidvQoXvXfYA0LMCeXQkQ2vUwCsZFyMEo8NBAyuOJaIHFQjPsk0JN2_7cPDahuZIgG6SEt8djlK91iCTx--zOK9nmMvzQZjtexEs3QSwrxpWWd8iIDX3NeToqgRWabYEd80xwsd5hK12xQfLbbZu-iZVCeFzET03WITYOwWvybK3UvsDRj4xAJz-pgjrGe2I10E0k5myN9ysLk0N_LR79gU6-EhvwIfTrzqS0wGqhKABPX0KPtdpSaNs9zUac9a0Cn3gwPOp0EEziwl0_0BZ7U02DTrPsmFgNnQceisoXe0Yy3_gBAGABrf_5OrRsP6RLaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliA4tDzm4mDA4AKA_oLAggBgAwB4g0TCMyW0fObiYMDFWUNtwAdNXoIldAVAYAXAbIXHAoaEhRwdWItNDE3Nzg2MjgzNjU1NTkzNBie5xU&sigh=kErlh7_1Me8&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNhkPWEVY624CFp_54vJhdITWps68e6P_-lvce8rzyo9s2P9hBgEyfm8t4CS0CRoDqzPoW0sMfSafKImIu41U6zq2-dblzTTICew8YAQ&cbvp=2&vis=1
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
g1.nyt.com/fonts/family/karnak/ Frame 94EA 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/karnak/karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 07 May 2024 17:27:42 GMT
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
18793864
x-guploader-uploadid
ADPycdtODZIRz-LvXIlYywL170tfNvBbVWRN_5QjA2QPyVQqN4mXldcqchYnX9w8WXxolRULuuXcPXFu8NWqOWUEwGQYEw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23400
x-served-by
cache-bne12528-BNE
last-modified
Tue, 17 Jan 2023 21:42:57 GMT
server
UploadServer
x-timer
S1702360729.290495,VS0,VE0
etag
"4a0c7e79ac2f009f12f9106482c961c4"
x-goog-generation
1673991777120718
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=a9fAaA==, md5=Sgx+eawvAJ8S+RBkgslhxA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
23400
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
8038
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ Frame 94EA 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:50:34 GMT
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20347675
x-guploader-uploadid
ADPycdut3exAeyJLMLnswh26VG_z-3M2nKY2tEoMO3m5ajEsHicy7BgEytOCEe9i2EV840chuMS_dfmjE9FqWPHkU2Thkg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-bne12528-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702360729.290825,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation
1650460180610251
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
24808
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ Frame 94EA 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:52:03 GMT
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20347598
x-guploader-uploadid
ADPycdsXwgys8aj3ZPmvtiOu0IVs0bwyR9UOKUCwDGJ8cCoGlhRrbTjJjb1VhDZfiwaE6JvaXa9frs9HrbF4CkPhRrU3eA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-bne12528-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702360729.290820,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation
1650460180561781
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
25455
franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ Frame 94EA 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:50:38 GMT
date
Tue, 12 Dec 2023 05:58:49 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20347675
x-guploader-uploadid
ADPycdvy3vW2MEIK2pYaeqEu4pYI8dH48bioj10UGt9GP4pErjyahIEBRdwpNgaC4K2VO8jV2kWxEs4hQ6opEaH4LKzqBg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-bne12528-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702360729.291471,VS0,VE0
etag
"a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation
1650460180541296
x-goog-hash
crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20136
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
20926
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&cu=1702360729079&m=260&ar=45436f5f584-clean&iw=3c7bb66&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=0&ad=74&cn=0&gk=74&gl=0&ik=74&ic=74&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=54&cd=54&ah=54&am=54&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=746%3A367747%3A14231099%3A1&bo=2662&bd=nytimes.com&gw=triplelift879988051105&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=205170&na=531454090&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:49 GMT
ev3
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=46591657344203373300420&sr=10&uid=0&type=mi&ord=1702360729079
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
img
sync.mathtag.com/sync/ Frame 8085 		0
0
ecm3
s.amazon-adsystem.com/ Frame B16B 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0211BF34-854D-473A-B570-C603ECEFBD3A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 05:58:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3K4SZS30FHEGDHZYN2PP
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5672
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AhG_NIVNRzq1cMYD7O-9Og%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=89085
accept-ranges
bytes
content-length
5622
expires
Wed, 13 Dec 2023 06:43:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5672
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0211BF34-854D-473A-B570-C603ECEFBD3A
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0211BF34-854D-473A-B570-C603ECEFBD3A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c414eda0-b2cb-4622-8751-9936dff4dfed%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&ttd_puid=c414eda0-b2cb-4622-8751-9936dff4dfed%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&ttd_puid=c414eda0-b2cb-4622-8751-9936dff4dfed%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d95458fc-23b5-4755-9bf1-2478cf0dd878&ttd_puid=c414eda0-b2cb-4622-8751-9936dff4dfed%2C%2C
date
Tue, 12 Dec 2023 05:58:49 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 5672
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=&ct=y
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
13.250.159.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-159-222.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.1.3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.23.210
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 5672
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0211BF34-854D-473A-B570-C603ECEFBD3A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0211BF34-854D-473A-B570-C603ECEFBD3A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0211BF34-854D-473A-B570-C603ECEFBD3A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:10 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:10 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0211BF34-854D-473A-B570-C603ECEFBD3A&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5672
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDIxMUJGMzQtODU0RC00NzNBLUI1NzAtQzYwM0VDRUZCRDNB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5672
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDTRgexiWA4c0jw9Piu-1fA&google_cver=1
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDTRgexiWA4c0jw9Piu-1fA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDTRgexiWA4c0jw9Piu-1fA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5672
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8751AAD5AAF048AE8AB9A99B16C330E6
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8751AAD5AAF048AE8AB9A99B16C330E6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 12 Dec 2023 05:58:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8751AAD5AAF048AE8AB9A99B16C330E6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 05:58:50 GMT
0211BF34-854D-473A-B570-C603ECEFBD3A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5672 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0211BF34-854D-473A-B570-C603ECEFBD3A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.21.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-21-143.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5672
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 05:58:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 05:58:49 GMT
server
Kestrel
content-length
355
ecm3
s.amazon-adsystem.com/ Frame 8A02
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQ1XMH1S-1A-87YV
  • https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ND44F4SZHV72S6P7A8CN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
inside-native-1.js
s.yimg.com/rq/iv/ Frame 7A13 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/iv/inside-native-1.js
Requested by
Host: nrb.ybp.yahoo.com
URL: https://nrb.ybp.yahoo.com/vjs/native-display?rid=42&sek=4034438753387003283:1702360728409&view_id=tltpvid_2751&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=lddYgrEDVY-eVH0_IK3ZlXawaPkaX9thKY66Z_C3a_z3jwzwY4IVagsrdmAbi7T4NMlE0J4ZBYU-iLQxXZkuoPY2ZUgtDXnUuPsq2nZqX7wQFN08J6xY3hqWdnPDNNVARGbjztgEl8Vss8biaBN9S3ysPT-vIh89hC5o607StLWM667uVjmE_CM29gbpnBYu66we5NRD1HEjVOu8ycjxjit1Ypzk_ARa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
115.178.9.18 Sydney, Australia, ASN17457 (YAHOO-AP Internet Content Provider, AU),
Reverse DNS
e1-ha.ycpi.aue.yahoo.com
Software
ATS /
Resource Hash
ce02e52b5d27a171fb81f4f36e220c942e5e6df100d63182e86aa6568a839b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Tue, 12 Dec 2023 04:17:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
ZKHP3FANG8VA2490
age
6058
x-amz-server-side-encryption
AES256
content-length
13714
x-amz-id-2
TjEiVx6PYnxTOaYkEhLbl0cYlOXr9lsRI/mnsrSQRt1TJnZ3KVt1m4zAjZIxbA34Ru+WIrRpu18=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Dec 2023 15:07:46 GMT
server
ATS
etag
"e1b928284b872333d1685148804d550e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA3NWYyOGM1OThkNTZiN2I4YWQ4NTJhYTNjY2E2ZTkyM2U4NmM3Ng
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA3NWYyOGM1OThkNTZiN2I4YWQ4NTJhYTNjY2E2ZTkyM2U4NmM3Ng
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA3NWYyOGM1OThkNTZiN2I4YWQ4NTJhYTNjY2E2ZTkyM2U4NmM3Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 8A02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1XMH1S-1A-87YV
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1XMH1S-1A-87YV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: DD91D75893EE4E4597F6FD9D2F2F0BE0 Ref B: SYD03EDGE1111 Ref C: 2023-12-12T05:58:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMSb6ij9SRYFQix6MiQQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1XMH1S-1A-87YV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8A02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7s3pQclwq2bzQFfXhHvzdsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.R9kTExE2oLH6kkiYHuz5cl1BZJX4zsHz7GBYg--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.R9kTExE2oLH6kkiYHuz5cl1BZJX4zsHz7GBYg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 05:58:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.R9kTExE2oLH6kkiYHuz5cl1BZJX4zsHz7GBYg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8A02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELx9xOUyCrEC76UQNE7Q2To&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELx9xOUyCrEC76UQNE7Q2To&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELx9xOUyCrEC76UQNE7Q2To&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8A02
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=irYoXveVQuWMiamsVyonGA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=irYoXveVQuWMiamsVyonGA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=irYoXveVQuWMiamsVyonGA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X8V1QC7Y7S8SZNQ10ESS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=irYoXveVQuWMiamsVyonGA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFExWE1IMVMtMUEtODdZVg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENxfqDziuGSvHonHDqYZXOA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWE1IMVMtMUEtODdZVg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWE1IMVMtMUEtODdZVg==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWE1IMVMtMUEtODdZVg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8A02 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TZYMWKND4XQ93GR1NWRQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8A02
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d95458fc-23b5-4755-9bf1-2478cf0dd878&gdpr=0&gdpr_consent=&expires=30
date
Tue, 12 Dec 2023 05:58:49 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 8A02
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ABC1RJ5AMB6RANCY1G18
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ1XMH1S-1A-87YV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8A02
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADtPU7K7-0AABUeVaZMdQ&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADtPU7K7-0AABUeVaZMdQ&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADtPU7K7-0AABUeVaZMdQ&expires=30
Date
Tue, 12 Dec 2023 05:58:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 8A02
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a910bb3c-c9d1-44e0-95c8-f577eaaafa84&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a910bb3c-c9d1-44e0-95c8-f577eaaafa84&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a910bb3c-c9d1-44e0-95c8-f577eaaafa84&expires=30
Date
Tue, 12 Dec 2023 05:58:50 GMT
Connection
keep-alive
X-CI-RTID
1d2a5d70-9325-4d87-a170-d9497a3a4cbf
Content-Length
144
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 8A02
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQ1XMH1S-1A-87YV
  • https://ce.lijit.com/merge?pid=80&3pid=LQ1XMH1S-1A-87YV&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ1XMH1S-1A-87YV&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.175.41.15 Park Ridge, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ1XMH1S-1A-87YV&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 8A02
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ1XMH1S-1A-87YV
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ1XMH1S-1A-87YV
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ1XMH1S-1A-87YV&ckls=true&ci=uyGxgwW4BW&nc=false&trid=1556472975
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ1XMH1S-1A-87YV&ckls=true&ci=uyGxgwW4BW&nc=false&trid=1556472975
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.35.147.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-80.syd1.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:52 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
ct1fRl2DdVLQy-LrAZlxbFwd6rx52sfH2zyGuWI0EHMflSsBL_-S9w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:52 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ1XMH1S-1A-87YV&ckls=true&ci=uyGxgwW4BW&nc=false&trid=1556472975
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
2-TGAQ2lfKfgLjkLnOgkrB6K2rXaPK7wFFnUihPG2PfoF1-burBA0A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 8A02
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1XMH1S-1A-87YV
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1XMH1S-1A-87YV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.77.135.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:51 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1XMH1S-1A-87YV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
cksync
hb.yahoo.net/ Frame 8A02
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ1XMH1S-1A-87YV&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ1XMH1S-1A-87YV&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&ovsid=LQ1XMH1S-1A-87YV&dpid=58160
53 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&ovsid=LQ1XMH1S-1A-87YV&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 05:58:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 05:58:51 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1obF9Hd1MxRTJ1SEtYdHNWNXMwRFl5V1guMkZpdEVvN35B&ovsid=LQ1XMH1S-1A-87YV&dpid=58160
date
Tue, 12 Dec 2023 05:58:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 8A02
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1XMH1S-1A-87YV
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1XMH1S-1A-87YV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
an-x-request-uuid
8a378fd5-bf33-46c3-af4f-170e994b9eb1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1XMH1S-1A-87YV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
ev
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=NYTimes_Desktop_970x250_OB&aid=46591657344203373300420&rev=4889464&pr=ZXf2mAAEmCAAtw1lAAh6NVRUkSzc32dAgvldIg&bc=0.507&bmid=2662&biid=6839&sid=193864&tid=14629079&clid=14231099&brid=558437&adid=5884996&crid=126448101&ts=1702360728&bcud=507&ss=5&unid=0&cepos=0&ceid=17527985&cb=97160
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
moatad.js
z.moatads.com/yahoodisplay873773666324/ Frame 7A13 		335 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/yahoodisplay873773666324/moatad.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/iv/inside-native-1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90220841c2de2ff20328b58233de312c0e343b241f8de73c58074e5292237a1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:42 GMT
server
AmazonS3
x-amz-request-id
ASSXPN7B55WHZDMR
etag
"940b96e6cf85ed7f5472f55ce670900a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=22545
accept-ranges
bytes
content-length
116472
x-amz-id-2
/QX8ATYkZNQpRnY0YbXIRrQhIw8lFbFpXonaTMi83Y0wurVCpzJ6ginGm9pI5Eqa0r3xKwJ7bmLpc80eKvgm6A==
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=YAHOODISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360730124&de=648803709463&m=0&ar=cc84ca2002d-clean&iw=43ff8fd&q=7&cb=0&ym=0&cu=1702360730124&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=Yahoo!%3A337120%3A2365566%3A5884996&zMoatAuctionID=4034438753387003283%3A1702360728409&zMoatAdReqDomain=nytimes.com&zMoatJS=-&zMoatTL=triplelift&zMoatDR=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&bo=88&bd=0&zMoatOrigSlicer1=88&zMoatOrigSlicer2=0&gw=yahoodisplay873773666324&fd=1&it=500&ti=0&ih=2&pe=0%3A87%3A87%3A59%3A37&jk=-1&jm=-1&fs=206701&na=1841358663&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:50 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fimg.3lift.com%2F%3Fwidth%3D1066%26height%3D600%26url%3D%252F%252Fimages.3lift.com%252F17527985.jpg%26logo_exclude%3DNW%2CNE%2CSE%2CSW%26v%3D15%26noCrop%3D1%26color%3D%2523FFFFFF&i=YAHOODISPLAY1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=168&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360730124&de=648803709463&cu=1702360730124&m=37&ar=cc84ca2002d-clean&iw=43ff8fd&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A87%3A87%3A59%3A37&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=Yahoo!%3A337120%3A2365566%3A5884996&bo=88&bd=0&gw=yahoodisplay873773666324&zMoatOrigSlicer1=88&zMoatOrigSlicer2=0&zMoatAuctionID=4034438753387003283%3A1702360728409&zMoatAdReqDomain=nytimes.com&zMoatJS=3%3A-&zMoatTL=triplelift&zMoatDR=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=148163425&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 24AA 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH3yRrPqZNE3me3T-mdmAQUoR786yk68xCfEJAQSKl5LYYoDs2yXiu8UL1hCV2KqLskNFpczeYbZFPPqlzwGRgkngtqS05OPOf3Alm2boKMTOw_gAgIWDoMxHG9RfxR_mSUgac2QlX1gwlw2wQh9IMRXlo&sig=Cg0ArKJSzHAgxmBH8WE1EAE&id=lidar2&mcvt=1000&p=698,1100,948,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2498871328&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702360728389&rpt=674&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame DB91 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=89366
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/48894641ccf6e0e5f35e46d452190e450121773e/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bdc67b3e59b10b06c80c488403b78f80095163656dd4ae2ff626be557e61a331

Request headers

Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 05:58:50 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A13 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJbgVTlHEP-mK_HKXj--K1cZVRtWf7bzkFR9RFmCg2swknUttdnPPR0NkkEI9M0rKV9_HERLpqqlMGt6-fJVDkz8sbQZ6AYjZ2awSi1Nu9ZCqjbm49tdGy&sig=Cg0ArKJSzAev09MwnjCgEAE&id=lidar2&mcvt=1000&p=75,315,325,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2614277642&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702360728822&rpt=444&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=YAHOODISPLAY1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=168&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360730124&de=648803709463&cu=1702360730124&m=206&ar=cc84ca2002d-clean&iw=43ff8fd&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=0&ad=88&cn=0&gk=88&gl=0&ik=88&ic=88&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=8&ah=8&am=8&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=Yahoo!%3A337120%3A2365566%3A5884996&bo=88&bd=0&gw=yahoodisplay873773666324&zMoatOrigSlicer1=88&zMoatOrigSlicer2=0&zMoatAuctionID=4034438753387003283%3A1702360728409&zMoatAdReqDomain=nytimes.com&zMoatJS=3%3A-&zMoatTL=triplelift&zMoatDR=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=1996409616&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:50 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&cu=1702360729079&m=1295&ar=45436f5f584-clean&iw=3c7bb66&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=1&ad=1110&cn=74&gn=1&gk=1110&gl=74&ik=1110&ic=1110&ez=1&co=1110&cp=1036&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1036&cd=54&ah=1036&am=54&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=746%3A367747%3A14231099%3A1&bo=2662&bd=nytimes.com&gw=triplelift879988051105&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=1&tc=0&fs=205170&na=42072604&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:50 GMT
ev3
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=46591657344203373300420&sr=10&uid=0&type=grpm&ord=1702360729079
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ev3
eb2.3lift.com/ Frame 7A13 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=46591657344203373300420&sr=10&uid=0&type=mrc&ord=1702360729079
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
xuid
eb2.3lift.com/ Frame DB91
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=d95458fc-23b5-4755-9bf1-2478cf0dd878&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 05:58:50 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame DB91
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA2NTgyMjY4NjkyNDI2Mjg3MDMyOA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DB91
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIzcUhCGIX_PdpEl72gsY-g&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIzcUhCGIX_PdpEl72gsY-g&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIzcUhCGIX_PdpEl72gsY-g&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB91
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA2NTgyMjY4NjkyNDI2Mjg3MDMyOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA2NTgyMjY4NjkyNDI2Mjg3MDMyOA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA2NTgyMjY4NjkyNDI2Mjg3MDMyOA%3D%3D
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame DB91 		0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2065822686924262870328&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:50 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 384728DD8E524EEFACDA65C3FAFE0D38 Ref B: SYD03EDGE1111 Ref C: 2023-12-12T05:58:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMSb6iVOg0fyNZbjKrIQ==
xuid
eb2.3lift.com/ Frame DB91
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2065822686924262870328?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CpV_tqFE2oQ_W4.0jshH4_1cyoOVDJMl9M5eh87Jjg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CpV_tqFE2oQ_W4.0jshH4_1cyoOVDJMl9M5eh87Jjg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 12 Dec 2023 05:58:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CpV_tqFE2oQ_W4.0jshH4_1cyoOVDJMl9M5eh87Jjg--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame DB91
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2065822686924262870328&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2065822686924262870328&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f01260ca-0c87-4c9c-87b8-375c53954888&ssp=triplelift
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f01260ca-0c87-4c9c-87b8-375c53954888&ssp=triplelift
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 05:58:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f01260ca-0c87-4c9c-87b8-375c53954888&ssp=triplelift
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame DB91 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
178973
expires
Tue, 12 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DB91
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4621841246197247284&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4621841246197247284&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 05:58:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
an-x-request-uuid
9de4e7d2-cbdd-4fef-b255-ca0d66252925
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4621841246197247284&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame DB91 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2065822686924262870328
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=89366
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
an-x-request-uuid
ba3f7db7-0e2d-4b32-aec1-209d041a3229
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&cu=1702360729079&m=1296&ar=45436f5f584-clean&iw=3c7bb66&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=1&ad=1110&cn=1110&gn=1&gk=1110&gl=1110&ik=1110&ic=1110&ez=1&co=1110&cp=1036&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1036&cd=1036&ah=1036&am=1036&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=746%3A367747%3A14231099%3A1&bo=2662&bd=nytimes.com&gw=triplelift879988051105&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=1&tc=0&fs=205170&na=1666177088&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:50 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&cu=1702360729079&m=1297&ar=45436f5f584-clean&iw=3c7bb66&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=1&ad=1110&cn=1110&gn=1&gk=1110&gl=1110&ik=1110&ic=1110&ez=1&co=1110&cp=1036&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1036&cd=1036&ah=1036&am=1036&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=746%3A367747%3A14231099%3A1&bo=2662&bd=nytimes.com&gw=triplelift879988051105&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=1&tc=0&fs=205170&na=1789687101&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:50 GMT
yv
beap-bc.yahoo.com/ Frame 7A13 		43 B
758 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=4034438753387003283:1702360728409&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=lVzi5a-j0PNM8O6aFQsA25pYqCB9RCg7Lvow8yXc9k2fZoYGFyknLG-LJiAu4-hasg482PTUwTATfKUzlJXOj4XcQULYzu0QHEYrodnc5QvB99PC9HQmdsOZ14lFcMp-UDyzOnWyx-E6TNt0I7luXJYjesebLdGIA8U7YXSNJtlsZs9Qls9QRo5s-VLN6QRl-TGZo11vxJr8z3BSTX8mUa4GlWM24MVD&iv=100&v=1&m=2&r=1702360731204&im=1&b=1&ad=jv=1.0.263:vd=0:na=1:ed=1:tpv=moat:tp=2:mt=1
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/iv/inside-native-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
115.178.9.18 Sydney, Australia, ASN17457 (YAHOO-AP Internet Content Provider, AU),
Reverse DNS
e1-ha.ycpi.aue.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:51 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=YAHOODISPLAY1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=168&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360730124&de=648803709463&cu=1702360730124&m=1210&ar=cc84ca2002d-clean&iw=43ff8fd&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=1&ad=1094&cn=88&gn=1&gk=1094&gl=88&ik=1094&ic=1094&ez=1&co=1094&cp=989&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=989&cd=8&ah=989&am=8&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=Yahoo!%3A337120%3A2365566%3A5884996&bo=88&bd=0&gw=yahoodisplay873773666324&zMoatOrigSlicer1=88&zMoatOrigSlicer2=0&zMoatAuctionID=4034438753387003283%3A1702360728409&zMoatAdReqDomain=nytimes.com&zMoatJS=3%3A-&zMoatTL=triplelift&zMoatDR=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=771184859&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:51 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=YAHOODISPLAY1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=168&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360730124&de=648803709463&cu=1702360730124&m=1211&ar=cc84ca2002d-clean&iw=43ff8fd&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=1&ad=1094&cn=1094&gn=1&gk=1094&gl=1094&ik=1094&ic=1094&ez=1&co=1094&cp=989&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=989&cd=989&ah=989&am=989&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=Yahoo!%3A337120%3A2365566%3A5884996&bo=88&bd=0&gw=yahoodisplay873773666324&zMoatOrigSlicer1=88&zMoatOrigSlicer2=0&zMoatAuctionID=4034438753387003283%3A1702360728409&zMoatAdReqDomain=nytimes.com&zMoatJS=3%3A-&zMoatTL=triplelift&zMoatDR=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=755164679&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:51 GMT
pixel.gif
px.moatads.com/ Frame 7A13 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=YAHOODISPLAY1&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=168&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360730124&de=648803709463&cu=1702360730124&m=1212&ar=cc84ca2002d-clean&iw=43ff8fd&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lh=25&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A87%3A87%3A59%3A37&aa=1&ad=1094&cn=1094&gn=1&gk=1094&gl=1094&ik=1094&ic=1094&ez=1&co=1094&cp=989&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=989&cd=989&ah=989&am=989&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=Yahoo!%3A337120%3A2365566%3A5884996&bo=88&bd=0&gw=yahoodisplay873773666324&zMoatOrigSlicer1=88&zMoatOrigSlicer2=0&zMoatAuctionID=4034438753387003283%3A1702360728409&zMoatAdReqDomain=nytimes.com&zMoatJS=3%3A-&zMoatTL=triplelift&zMoatDR=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=687513564&cs=0
Requested by
Host: 775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
URL: https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 05:58:51 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5672 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:56:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 5672 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22977808&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c1cee46755a7833852382dfec1f6b4907d6a9901e00bfecbf9cb7093a9f6474

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 05:58:52 GMT
content-length
1220
content-type
text/html; charset=UTF-8
cksync.php
cs.media.net/
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsi...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=67bfc53562832277&is_secure=true&version=1&networkId=57734&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT%7D&redir=https%3A%2F%2...
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL7ZVhMNybrAMlYVJRAAAAAAA&expiration=1702447133&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
53 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL7ZVhMNybrAMlYVJRAAAAAAA&expiration=1702447133&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
HTTP/1.1
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:53 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 05:58:53 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL7ZVhMNybrAMlYVJRAAAAAAA&expiration=1702447133&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 05:58:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
cs.media.net/ 		52 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:52 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
52
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 05:58:52 GMT
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=a9vkEUFO1RcVNa5
53 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=a9vkEUFO1RcVNa5
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
HTTP/1.1
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:53 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 05:58:53 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:58:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=a9vkEUFO1RcVNa5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=db6d197bd9b745da87a6226a59e613e4&expiration=1704952732
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=db6d197bd9b745da87a6226a59e613e4&expiration=1704952732
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnVQpzZbLkT1sYuszl2O4BOvmNyIWj4CUpjYKpE2evhnrS3jTQ6GYglkvnYF9Z56p8LnpeNk1CI25HHNRPbzSfFnyb2WaVZ46Ky5kGQa5%2FCI3zJYi7UlsQoFTS1KePb18mYKoiFvFy7rKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343bcf23a71a86a-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=db6d197bd9b745da87a6226a59e613e4&expiration=1704952732
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.med...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0ed60a01-6fbf-4d08-92c0-e6a643948a02&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
53 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0ed60a01-6fbf-4d08-92c0-e6a643948a02&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 05:58:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 05:58:52 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0ed60a01-6fbf-4d08-92c0-e6a643948a02&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7754906
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=163427
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7464933464805045332&gdpr=&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
pd
nytimes-d.openx.net/w/1.0/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nytimes-d.openx.net/w/1.0/pd
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2065822686924262870328
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2065822686924262870328
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:58:52 GMT
an-x-request-uuid
106a82ad-614a-4ae5-9730-7300fa05a8b3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2065822686924262870328
date
Tue, 12 Dec 2023 05:58:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
match
c1.adform.net/serving/cookie/ Frame 021B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 12 Dec 2023 05:58:53 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Dec 2023 05:58:53 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0211BF34-854D-473A-B570-C603ECEFBD3A&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8188
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4621841246197247284&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4621841246197247284&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 03:07:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b7cbb25f-6e35-41af-a348-a60e55c2218f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 05:58:52 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4621841246197247284&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.162; 66.203.112.162; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 4918
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=293f4c80-f4eb-372d-981e-e4b18bcbe28d&ssp=pubmatic&bsw_param=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=445&user_id=293f4c80-f4eb-372d-981e-e4b18bcbe28d&ssp=pubmatic&bsw_param=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 05:58:53 GMT
Server
nginx

Redirect headers

Connection
close
Content-Length
356
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 05:58:53 GMT
Location
https://x.bidswitch.net/sync?dsp_id=445&user_id=293f4c80-f4eb-372d-981e-e4b18bcbe28d&ssp=pubmatic&bsw_param=9fbb1b1f-a20e-4514-b667-2e44ddc23f6e
Vary
Accept, Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/ Frame 36AF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ReibJxXrlXRe7sohQe6BIBbpzXVe6pkiQu4wKmZq
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 71ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXf2nAAGURBlYgBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 12 Dec 2023 05:58:52 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12529-BNE
x-timer
S1702360733.737059,VS0,VE234

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 12 Dec 2023 05:58:52 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXf2nAAGURBlYgBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12529-BNE
x-timer
S1702360732.489014,VS0,VE233
ecm3
s.amazon-adsystem.com/ Frame 04A6 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0211BF34-854D-473A-B570-C603ECEFBD3A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 05:58:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DARXJ65PRF7KAS1KNZ2A
458249.gif
idsync.rlcdn.com/ Frame 5672
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0211BF34-854D-473A-B570-C603ECEFBD3A
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8dbbc6e7557a14694c01984d68f4c17ed5d8d66277cd00549f57060f1eaea9e2791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4ZGJiYzZlNzU1N2ExNDY5NGMwMTk4NGQ2OGY0YzE3ZWQ1ZDhkNjYyNzdjZDAwNTQ5ZjU3MDYwZjFlYWVhOWUyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4ZGJiYzZlNzU1N2ExNDY5NGMwMTk4NGQ2OGY0YzE3ZWQ1ZDhkNjYyNzdjZDAwNTQ5ZjU3MDYwZjFlYWVhOWUyNzkxNDI2YjU0MTdkY2UyMRAAGgwInO3fqwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=aa2051c5-d0f2-4fc0-9c59-d2b6706d6f49
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=aa2051c5-d0f2-4fc0-9c59-d2b6706d6f49
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 12 Dec 2023 05:58:53 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=aa2051c5-d0f2-4fc0-9c59-d2b6706d6f49
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
ImgSync
image8.pubmatic.com/AdServer/ Frame 5672
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3574104861733647444&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 5672
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0211BF34-854D-473A-B570-C603ECEFBD3A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TXrZzzNE2uXnS8qd3UofTj6PK3k6I9o-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TXrZzzNE2uXnS8qd3UofTj6PK3k6I9o-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:58:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TXrZzzNE2uXnS8qd3UofTj6PK3k6I9o-~A&gdpr=0
date
Tue, 12 Dec 2023 05:58:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mb.moatads.com
URL
https://mb.moatads.com/n.js?e=35&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&m=0&ar=45436f5f584-clean&iw=3c7bb66&q=2&cb=0&ym=0&cu=1702360729079&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=746%3A367747%3A14231099%3A1&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&bo=2662&bd=nytimes.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A87%3A87%3A59%3A37&jm=-1&fs=205170&na=2108410000&cs=0&ord=1702360729079&jv=1574872559&callback=DOMlessLLDcallback_83855440
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| event object| documentPictureInPicture object| DD_RUM number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 object| grumi object| apstag object| __preloadedData string| sov object| AdSlot object| _aps boolean| apstagLOADED object| apscustom object| regeneratorRuntime function| setImmediate function| clearImmediate function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ boolean| canTrackPerformance object| win object| doc object| selection boolean| NYT_VI_RENDERED boolean| initialDeviceTypeResizeCallback object| google_tag_manager object| google_tag_data object| nytAnalytics string| ddjskey object| ddoptions boolean| dataDomeProcessed object| dataDomeOptions object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal string| slotElement object| pbjsChunk object| pbjs object| mnet boolean| hasStoppedMeasuringMessageSelectionRequest object| offerPresentation object| meter undefined| AIQ_DATA object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript boolean| adBlockDetected object| ns_ object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| brandmetrics function| __spreadArray object| _brandmetrics boolean| hasStoppedMeasuringOfferPresentationRequest object| default_gsi object| _F_toggles object| google object| closure_lm_782313 object| __G_ID_CLIENT__

126 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ2JXt5MUxCgoIkQIQ2JXt5MUxCgoIkgIQjaXt5MUxCgoItAIQ2JXt5MUxCgoI5gEQ2JXt5MUxCgoIhwIQ2JXt5MUxCgoItwIQ2JXt5MUxCgkIOhDYle3kxTEKCgiMAhDYle3kxTEKCQhfENiV7eTFMQoJCB8Q2JXt5MUx
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDbFg
.nytimes.com/ Name: nyt-a
Value: Qocz5pUaRaux_U1UAiXJqg
.nytimes.com/ Name: nyt-gdpr
Value: 0
.nytimes.com/ Name: nyt-purr
Value: cfhhcfhhhckfhdfsh
.nytimes.com/ Name: nyt-b3-traceid
Value: bf6bcc9d26434ef9a7952ca821c1ebda
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1702360727131|Qocz5pUaRaux_U1UAiXJqg|1702360727131
.et.nytimes.com/ Name: et-ppvid
Value: https://www.nytimes.com/reviews/movies=_rH2906T6ZtGSNyTqBPwVkue
.www.nytimes.com/ Name: datadome
Value: ogAKlrrL~RLSWE0gh9We22zTw3AH4GHUqcFpt9e8iQlGViqdKoW7bLhDS63e81DRdQlJ82bP8qJJNSZl8XJnbLSW3T7mEQikBKH_SB~GDAe2tlL40e25LoJneeyA3XyL
.scorecardresearch.com/ Name: UID
Value: 168ecb12fa4d335a683b8c31702360727
a.nytimes.com/ Name: jkidd-p
Value: prevPage=&currPage=
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1702360727624&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
a.nytimes.com/ Name: jkidd-s
Value: referrer=&landing=&start=1702360727624&isNew=1&pageIndex=1
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0<a0<ua<T0
.nytimes.com/ Name: _gcl_au
Value: 1.1.613469100.1702360728
.adsrvr.org/ Name: TDID
Value: d95458fc-23b5-4755-9bf1-2478cf0dd878
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.nytimes.com/ Name: _cb
Value: Cx8ghqB8hdOG26txJ
.nytimes.com/ Name: _chartbeat2
Value: .1702360728125.1702360728125.1.CxUM_GWcn5RBIOFEUJGr7_3uJgM.1
.nytimes.com/ Name: _cb_svref
Value: null
.doubleclick.net/ Name: IDE
Value: AHWqTUkDp3yYljAWU1YRj6C36OgvtLjCChpapxJx-18WGp2QULuo3YuGoimekdMHObs
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.amazon-adsystem.com/ Name: ad-id
Value: AwqL3q9eQ06YtS19fCSZyR4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 2065822686924262870328
.nytimes.com/ Name: __gads
Value: ID=e94e33745ccac292:T=1702360727:RT=1702360727:S=ALNI_MaBE7nVFxbClcgZmoNCzDr5vJ62jQ
.nytimes.com/ Name: __gpi
Value: UID=00000caa7599b51b:T=1702360727:RT=1702360727:S=ALNI_MbUccojdXi_fUAFgvtKH4xi_puAbw
.media.net/ Name: visitor-id
Value: 3453623282889884000V10
.openx.net/ Name: i
Value: 87c65f45-41bb-0383-03fd-7ecc78693ae8|1702360729
.casalemedia.com/ Name: CMID
Value: ZXf2mbIq.Ryb7qwf6ETiXgAA
.casalemedia.com/ Name: CMPS
Value: 4806
.casalemedia.com/ Name: CMPRO
Value: 4806
.adnxs.com/ Name: uuid2
Value: 4621841246197247284
.doubleclick.net/ Name: APC
Value: AfxxVi7YO_Yd7O_1Z31qZaHJCCY1473gvlZIUGBz2ot4SLqjuwTrwA
.openx.net/ Name: pd
Value: v2|1702360729|jElYiuvOhI
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: PCcZ3yPfrjFD-Lj0kH40bxA8ZAtlG3w
.ladsp.com/ Name: lum
Value: COOO7eTFMRIFCAMQ0AU
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0211BF34-854D-473A-B570-C603ECEFBD3A
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyMzYwNzI5fQ
.tapad.com/ Name: TapAd_TS
Value: 1702360729644
.tapad.com/ Name: TapAd_DID
Value: c414eda0-b2cb-4622-8751-9936dff4dfed
.rubiconproject.com/ Name: khaos
Value: LQ1XMH1S-1A-87YV
.yahoo.com/ Name: A3
Value: d=AQABBJn2d2UCENafdjsd7X1nKhG_DVDlpuEFEgEBAQFIeWWBZdww0iMA_eMAAA&S=AQAAAuasS0hnkANHjN0jbgfIkc0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d95458fc-23b5-4755-9bf1-2478cf0dd878&KRTB&22918-d95458fc-23b5-4755-9bf1-2478cf0dd878&KRTB&22926-d95458fc-23b5-4755-9bf1-2478cf0dd878&KRTB&23031-d95458fc-23b5-4755-9bf1-2478cf0dd878
.hb.yahoo.net/ Name: visitor-id
Value: 3453623292889861000V10
.hb.yahoo.net/ Name: data-ttd
Value: d95458fc-23b5-4755-9bf1-2478cf0dd878~~63
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8309
.liadm.com/ Name: lidid
Value: b2689b6c-096c-4c3b-a674-3e11a03f8742
.semasio.net/ Name: SEUNCY
Value: C0983E3DA038CD0D
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCCZ7d-rBjABOgQtwj9GQgRVmA3-.xgN8qTJwpp4KtdgrZlkleBLpIrRCeWpxvfL%2FjkuBDXY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCCZ7d-rBjABOgQtwj9GQgRVmA3-.xgN8qTJwpp4KtdgrZlkleBLpIrRCeWpxvfL%2FjkuBDXY
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.adotmob.com/ Name: uid
Value: 09e8220400922d4846f18426
.adotmob.com/ Name: uuid
Value: 09e8220400922d4846f18426
.adotmob.com/ Name: partners
Value: IX%3A1702360729971
.csync.loopme.me/ Name: viewer_token
Value: 856b31f0-627f-497c-b0ed-614972aa7e8e
.simpli.fi/ Name: suid
Value: 8751AAD5AAF048AE8AB9A99B16C330E6
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDTRgexiWA4c0jw9Piu-1fA&KRTB&23025-CAESEDTRgexiWA4c0jw9Piu-1fA&KRTB&23386-CAESEDTRgexiWA4c0jw9Piu-1fA
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:8751AAD5AAF048AE8AB9A99B16C330E6&KRTB&23486-uid:8751AAD5AAF048AE8AB9A99B16C330E6&KRTB&23489-uid:8751AAD5AAF048AE8AB9A99B16C330E6&KRTB&23539-uid:8751AAD5AAF048AE8AB9A99B16C330E6
.bidr.io/ Name: bito
Value: AADtPU7K7-0AABUeVaZMdQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIjtntjK64vTwQBRIWCgdydWJpY29uEgsI3oKhna64vTwQBRIZCgpyaWdodG1lZGlhEgsI3NCFlK64vTwQBRIYCgliaWRzd2l0Y2gSCwjAu6aXrri9PBAFEhcKCHB1Ym1hdGljEgsIyqiEna64vTwQBRIUCgV0YXBhZBILCODCl52uuL08EAUSFgoHc3Z4OXQ1MBILCLzCpqKuuL08EAUYASABKAIyCwjcuKnPxLi9PBAFOAFaB3N2eDl0NTBgAg..
.bidswitch.net/ Name: tuuid
Value: 9fbb1b1f-a20e-4514-b667-2e44ddc23f6e
.bidswitch.net/ Name: c
Value: 1702360730
.bidswitch.net/ Name: tuuid_lu
Value: 1702360730
.rezync.com/ Name: zync-uuid
Value: adb90d67-8c1c-4746-8672-704ee3aafbd7:1702360730.7087266
.linkedin.com/ Name: li_sugr
Value: 47be462a-8856-44a5-b6ce-387716e9414b
.linkedin.com/ Name: bcookie
Value: "v=2&8f9d262f-6b66-40c4-8865-8d45724fb9f5"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2833:u=1:x=1:i=1702360730:t=1702447130:v=2:sig=AQG1K-bJGCcTLEKRVFif6TiOkwaT5-dM"
.sportradarserving.com/ Name: zuuid
Value: f01260ca-0c87-4c9c-87b8-375c53954888
.sportradarserving.com/ Name: c
Value: 1702360730
.sportradarserving.com/ Name: zuuid_lu
Value: 1702360730
.ipredictive.com/ Name: cu
Value: a910bb3c-c9d1-44e0-95c8-f577eaaafa84|1702360730910
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1702360730
.rubiconproject.com/ Name: audit
Value: 1|tfATa8rKRGguktagTvEy/qbfyKcHST5teI13IFtRwIdrLxq/6nQ6Fd2bidUf2uVIHxM8kMUFMk0wHTRO1/p4iHX0qfg68IpFQAPcN3ARK86UsSo5HD0cVo9HNo6cL3VUsmzMMLRpxSAYiXylz2qWyVZpPCVzb8NHu0sVH/gYN9TREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.lijit.com/ Name: ljt_reader
Value: HzqGSQZHUFtejQjOTS2Wd0rZ
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0MjA1NzE0sTS3MLY0tLA0MxLiM9Qt9HMu9AyPMsgP8fYHAALlMiclAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0MjA1NzE0sTS3MLY0tLA0MxLiM9Qt9HMu9AyPMsgP8fYHAALlMiclAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4FyA4dBuSEgKsXJ3v4vV80EHJddY4vSQDKoQvrdVndl8B6EWoOEmkhrxAyHmECY6AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIuQ2AMBAEwAqIXMehe8yuoRt_FERISKVkSIQzV2IdbdcBSunWJTNDCuhCzXNGrWcbPIzqAWXoSi104E7Ll-axPX_jBZvjbsFaAAAA
.sharethrough.com/ Name: stx_user_id
Value: 5ee64442-04fe-4657-acfe-aa594a3fbccc
.hb.yahoo.net/ Name: data-mag
Value: LQ1XMH1S-1A-87YV~~63
.lijit.com/ Name: _ljtrtb_80
Value: LQ1XMH1S-1A-87YV
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOwiAQANC7zLqY4eMMcJmGwpgQLZpO3dj07nb5knfA_JFtLUPGDnnfvjJBffVLCvkA7b9VnpDBJod3DjYkjj7ZmMjBOYGKan-PubfrlLYkbMQmVltN4EAmEjvDGER8KY-lcbaMzhOyxxtjZEcE5x-7VyXc.ZXf2mw.JY5OaPDzxOZOYHaBdnakMZS-N_Q
.primis.tech/ Name: csuuid
Value: 6577f69bba0bf
.intentiq.com/ Name: intentIQ
Value: uyGxgwW4BW
.intentiq.com/ Name: IQver
Value: 1.9
.rlcdn.com/ Name: rlas3
Value: X5Oy2e5AMn2pvp/w+XmQD0RI2opHMzQP1RUuBxLR+Tg=
.ads.pubmatic.com/ Name: KCCH
Value: YES
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeUNhOHlj
.intentiq.com/ Name: IQPData
Value: 1120628898#1702360732203#0#1702360732203
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1702360732205
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1703548800%3A201_245_226_197%7C1702425600%3A248%7C1702944000%3A164
.criteo.com/ Name: uid
Value: 0ed60a01-6fbf-4d08-92c0-e6a643948a02
.ctnsnet.com/ Name: cid_db6d197bd9b745da87a6226a59e613e4
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41$D>6NRF']wIg2GVLk+Jyy!]tb)8bhzs#DNA_<'.OaUcIsiVEps(SiYtpZ60YxVC@69N`*Bpct^%BA3pMT/ky(+%ZBAIubQP+uo-gbqTdmPB-vl:%0a1L]+Q'x3pGmd@AvW'!x(-]/V7?P
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMDY1ODIyNjg2OTI0MjYyODcwMzI4IiwiZXhwaXJlcyI6IjIwMjQtMDMtMTFUMDU6NTg6NTBaIn0sInJ1Ymljb24iOnsidWlkIjoiTFExWE1IMVMtMUEtODdZViIsImV4cGlyZXMiOiIyMDI0LTAzLTExVDA1OjU4OjUxWiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjIwNjU4MjI2ODY5MjQyNjI4NzAzMjgiLCJleHBpcmVzIjoiMjAyNC0wMy0xMVQwNTo1ODo1MloifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0xMlQwNTo1ODo1MFoifQ==
.media.net/ Name: data-c
Value: 0ed60a01-6fbf-4d08-92c0-e6a643948a02~~1
.media.net/ Name: data-c-ts
Value: 1702360732
.rlcdn.com/ Name: pxrc
Value: CJvt36sGEgUI6AcQABIFCOhHEAESBgi66gEQAA==
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2fk5:19e0~2fk5:18vk~2fk5:18z8~2fk5"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXf2nAAGURBlYgBH
.pubmatic.com/ Name: SyncRTB3
Value: 1703548800%3A71_54_220_21_13_7%7C1702944000%3A2
.pubmatic.com/ Name: ipc
Value: 163427^^2^0
.pubmatic.com/ Name: pi
Value: 163427:3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4621841246197247284&KRTB&23339-4621841246197247284
.pubmatic.com/ Name: PugT
Value: 1702350427
.pubmatic.com/ Name: SPugT
Value: 1702360732
.pippio.com/ Name: did
Value: c0fYImMBccFr7N-W
.pippio.com/ Name: didts
Value: 1702360732
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
www.nytimes.com/ Name: _dd_s
Value: rum=0&expire=1702361626846

4 Console Messages

Source Level URL
Text
security warning URL: https://www.nytimes.com/reviews/movies(Line 207)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
violation error URL: https://z.moatads.com/triplelift879988051105/moatad.js(Line 139)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://z.moatads.com/triplelift879988051105/moatad.js(Line 139)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://mb.moatads.com/n.js?e=35&ol=3262774504&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-71o1T2%2FTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-m0Pg5sLyVy50og%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nytimes.com&lp=https%3A%2F%2Fwww.nytimes.com&t=1702360729079&de=368062694489&m=0&ar=45436f5f584-clean&iw=3c7bb66&q=2&cb=0&ym=0&cu=1702360729079&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=746%3A367747%3A14231099%3A1&zMoatTactic=14629079&zMoatPixelParams=aid%3A46591657344203373300420%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=2662&zMoatOrigSlicer2=558437&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.nytimes.com%2F&id=0&ii=3&bo=2662&bd=nytimes.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A87%3A87%3A59%3A37&jm=-1&fs=205170&na=2108410000&cs=0&ord=1702360729079&jv=1574872559&callback=DOMlessLLDcallback_83855440
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
775a49ffb2dc474e951dd5685b299a4e.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a.sportradarserving.com
a1.nyt.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
als-svc.nytimes.com
beap-bc.yahoo.com
c.amazon-adsystem.com
c1.adform.net
cdn.brandmetrics.com
ce.lijit.com
cm.ctnsnet.com
cm.g.doubleclick.net
collector.brandmetrics.com
config.aps.amazon-adsystem.com
contextual.media.net
cr-p3.ladsp.com
cs.media.net
csync.loopme.me
d.adroll.com
dd.nytimes.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g1.nyt.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.3lift.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
img.3lift.com
insight.adsrvr.org
jp-u.openx.net
live.primis.tech
live.rezync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
medianet-match.dotomi.com
movies.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
nrb.ybp.yahoo.com
nytimes-d.openx.net
nytimes.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pnytimes.chartbeat.net
pr-bh.ybp.yahoo.com
prebid.media.net
purr.nytimes.com
px.ads.linkedin.com
px.moatads.com
rtb.openx.net
rumcdn.geoedge.be
s.amazon-adsystem.com
s.yimg.com
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static01.nyt.com
sync-tm.everesttech.net
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync1.intentiq.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.datadoghq-browser-agent.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
x.bidswitch.net
z.moatads.com
image8.pubmatic.com
mb.moatads.com
sync.mathtag.com
103.43.90.21
107.178.254.65
115.178.9.18
119.9.108.211
13.107.42.14
13.224.181.56
13.250.159.222
13.251.189.145
13.35.147.100
13.35.147.128
13.35.147.31
13.35.147.64
13.35.147.80
13.35.150.126
13.35.151.131
142.250.66.194
142.250.66.232
142.250.76.98
142.251.221.65
142.251.221.66
142.251.221.70
15.197.193.217
151.101.130.49
151.101.65.164
172.217.167.65
172.217.167.98
172.253.118.84
172.64.151.101
172.67.72.66
18.136.5.195
18.141.34.226
18.143.106.89
18.161.180.118
18.235.212.218
18.238.192.29
18.244.214.85
18.67.111.113
18.67.114.43
18.67.93.58
18.67.94.139
182.161.73.146
184.24.241.42
185.84.60.20
192.96.203.13
198.8.71.131
20.50.2.28
207.65.33.76
207.65.33.82
207.65.33.83
211.120.53.202
23.198.59.89
23.206.242.194
23.52.225.82
23.52.255.186
3.208.135.151
34.111.113.62
34.120.63.153
34.98.64.218
34.98.67.3
35.155.216.52
35.186.193.173
35.186.253.211
35.213.12.39
35.213.93.179
35.214.224.182
35.236.220.17
35.244.154.8
35.71.178.8
44.226.14.255
45.137.176.88
50.112.118.45
52.46.143.56
52.64.207.62
52.72.221.118
52.77.135.86
52.95.115.255
54.159.180.193
54.184.86.91
54.250.211.206
54.254.21.143
67.199.150.86
67.199.150.87
69.173.158.64
69.173.158.65
69.175.41.15
8.43.72.97
89.207.22.105
0102b77021ad22f935391cbe950f1b531542f95b054accf1ab91c0822f979866
0132703d78380e865750ae1766b6c0dc52a12744d86ec104c6e62f55e37b3abd
038b0e2fa00e5a0229b1703e199a5a635621d629dea5c116e65cccaf1d28f192
04bac2fb15bfdab670920aa6998b550352ca90422c5e6ba641aaef82421bebb4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
14429c95f709213515e5ca24243b4d1c55127fc8f0873f9c4c1c88b3bf293519
158d50699171dcb95dec23bdfa80fcf01815e489e0855d07c1b1b08ebd36244d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cef8bdf6921c91be970442ab9b800d23cbee6bac43d7e211282c2d55e050d6b
1cf44638fc3bdd07abd9b6f74f2d77ef8f93ab6d40c7aec55a95b9764b30ab14
1d6b0e78469e718009964db0145f165d66f3b8fa19d7166fbc00cf15dfd08d03
1fe37d55e6324e8660e627fdf1cd545c9a84f80963bc07f3a564434043650a09
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
285f2e7f03b0a84bf4100707c1dce09102ff382566438a513774b3a0d5017ab5
2872a6283f92a0e48691020c8f3b4d021f42c03a7e2d4354c6a33ff8da206fe5
2b274650f4870b3dff2f5ccca12f60127941f559e5d3f2f4f4ef75326195727f
2e8d3d94804cb18f10af813e0ffec73594193d4ab6df11ff947c13e4f617a218
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316f7cb53a823b627ed33009d3a21fa806ac7c1183105c146753cd7f22101840
3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72
3aadfe219dcb558e321a797516f4b2a58d1a224ba083f6b54f66ed43db7ba042
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f770f537145bf6ca53f22706f1befe600243936bd5eb48eb4b18456cfca5fb3
3f7f6c5ca73e0ea765589cb559c1ac72908b05004a5805cc9face54eb1d89d6d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4a2ff29e2cc3d9c833beb07f7d14d2051a1b16bcce6294d9dc5cafd74be4f8b5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dce82188087b5a879afaed84f7c41579a9ccd759994d30d908879edc355ca62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb975b06fa47a59e58618a4b4ed681cf902b2be445ee7fa35124c4a955e49f4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c1c58d71465846b68c38303b47228dd7c2b44b9126a3a52008187af6229b5e
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
57c7f696aaebafd68851a0ee960f8121c6d092e13823e032c0d7a95d5fed58b8
59d15884794903474a4399fe2db7fa7e9255ca9aa762c5d84caa3d6253069f4b
5b750ad75528313992ee4ce406d00306b1697afe1ff0a189529d7f7a479f3e08
5c1cee46755a7833852382dfec1f6b4907d6a9901e00bfecbf9cb7093a9f6474
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f4f1e81df489f3f780a530efdb335cbe594d4c6104c174d7a3222900ba0f4b6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
617370911de8d55b9172bed9bbd0a8d91e4bf89fbe7db6cbfce284f01004cef9
6254a92d9d7102ec40d8797116e4c6c3823ce55867797d2c3988399a28dec826
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
66abecd04a962cce2c8d2eaa5da661baef5274f72eadd1d309612cf50a153c1f
6ac43e68ea5836f342a79906bb4a50ad83d6abab8ee89de953a8a6f623f9bdf9
6ce959e2940878e8f7e812ff19fd125ae9902f4ed88519765096f2b3c0e02dea
6d7b5bbbb9dd319bafc96404c80302a96b5e9025e8fe580d3ef00d7a872e5d27
6ddc63a229a8099f2ba20fd1afc235ee0dc6feb4eca5d5b062fa8637bd33a455
6df254c03f837c5b9b44276033af04266c7efc991abd6af3c2cdd4becb653dfa
704e29a496dffcd529bf0518158c396756abf458723af40bb54273c931c8de65
76e946e2c41355e093b26b984ce6558902c2b53f3235c73ce5e45465fc2645a9
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86901290c5d5ec9429e7b83b4ef0e25760ea28442dc2c176f7c51f952af72e03
87bcf4d71e214d38de6aad272a5f585178805e687ed91aca58533530fe0c678c
882981ea4c95014b94f58710e1cae02855ab3b08f071b9e05e0109486e2f0c61
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b53ef3431f4d54b21ac676fd38e0a45425ca800c1e0d453bc8f3c3e966b809f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f71daeccc94d4eaab0c1d50cbd96a5f0f1a91f2b77ef90eae7bd6cc8530b58a
90220841c2de2ff20328b58233de312c0e343b241f8de73c58074e5292237a1d
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
96da56b9234149ef5651f6257fa372471d8637d97e24e3d1d70e24df80598a42
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc49cebbf0c66e7c0d5a31aaa6a616f592e224b659dae7dad8edf51aa5118bc
9d05ae9b253cab83099387db0d3a4ec1c2be203c3738e2dcb74927c1fd6bc626
9d21e416f40dc11bf1b0b52526254a077671871de994c683c6866803acfc7d69
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a17f20bbfa5057cf3aeb81d0c9ee465f8d612a38293fdf6e4a4f97fe3a2bef12
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4e7ef88b1c616dd5844d62352f9650661f423012f86966920eea4a1ff734772
a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914
a8b599735a638777b6112736e792c3a9c45836f24d93056283c9ae7ad030a811
a9f047a48ab0844642f41164918fcd7bfe5e7dc62795258d7948491dcf82dcc7
ab58c90a662cf700705e739676c14e82d7ab3e91ec18689f6f30daf88d8a2194
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
ad47945e20f5e0c3a0595ae421776734663adb96c2ada74707b672ec46035506
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b154fc6abe114f3ca580758bcd03328f51eb9d3564838bc9575cc547a170db56
b25d98c13422f7b057331d566b7c9eacd4144ad5795bf61a3b66f744afe19157
b287b3be1e556149bc0b71616947c4bfd006259f8d006ff9f84e91069c29ea20
b3bdf64ab3c7970c3e968d6bad647be95e6c8d83d52de3996a2d0abe91043854
b515c0bec9eb7fd64bdaf8c0655c6b1e1ce7c0fa970e5b6a57d22abf7cb5021c
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b924d283218058df1abd66ad1415825084c1393420eb868c9011351341aef33c
b934b28a592bc7dd4beb95e8bea1afe3587aaa9c34af1dd8ed65863123a5c0c2
ba791b4e49120a8cc828b1cc4449b261fc89e26e4628a550df28b00b364390dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdc67b3e59b10b06c80c488403b78f80095163656dd4ae2ff626be557e61a331
be93f1db9ecaf03bf179d78cbf7b229c90f223a02ec1f88ba8171ea453b04ecc
bf2a2e1214400d052638e4990e3ff758d9f60e08b8d411a3ffb44346679a637d
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
c1b82e758fd230ef611be3a397612d94ded6b2643d22199733db9a1d05d3a361
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2807993647a01f5c36fa8bd9e4130f8bb18922cff7f20ffad1118fd4172a102
c4bbc583aaed302599700b32c627128eaf272499efdc8458f816b4cb7911e1c2
c4e62eeb8a56dc248acebfdf731452387339671f10e9be381bdaba975589f3fb
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
c721299d015690fbec505e6e644b3a34c6a1adcdf0c5b99bdfe0652ddd5bf911
c97bc6a34b621bdf788b8517c610b84546a94ae5dc63ca12bca410bc56cabaaf
ca4ceb1c4d63087632d480a1221aafee845a5fdb85327593894ffd4a9ef78fec
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
ce02e52b5d27a171fb81f4f36e220c942e5e6df100d63182e86aa6568a839b08
cf270229e004cc9e09e49f17fd5f5de7b0785b9352875f7f9ce4338837b491dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d064e77a5f3651d46b9da043cb313bb0bd2c392cc105f35b5b421a85edd0749d
d4414df88159c10ceef9e7a8e5bdb7883472faf8af5f789594ea8fceaed8d874
d8f15d98f79fbe164f176ab67f494bc053de52751a8cb4253ae5357913913d92
daa4ac0962ba278be8aa5b9e6d94b4b32c7f9d56e9cf69aabbcaf5b874d50bb3
dc1d90421ae9ef59c90961bbe87b3067254e05bc7bed6ae8683e450fe7b06a4a
dc40b1c014869c9e93e6e8b8230f195c868cac6db35c62c916e5897cd9ff0e75
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
ddb0729fe320c064d60f9b73ad9a7f1cf54a4675d4f331fe96c089a103b41b14
dee2c2bf669b3d2a92787b7c72f77d03f842499ddde93fdd471466c27ede1eb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77556be87322bade8e837ccfae45cd8e787d9edef78dc03bf5ae7bac8607819
e8659840bbc1d53244181bce2dbc52b32d76c9725150bf4ccb46de198cb16e7d
eccd98f60887db343dda1d6e742eae7c954c554ade7a3d815bddd734a029d3a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f279001dd3f5b6f6de39022035c2684332cebd98cce0c07d751948a7b5da2f7a
f48d88558cff5d54c034183e64e36562c997faa25f89a2493818dde8d3c2e13b
f8018ac0d5ade5c992dccb83915d04af94d42283dadbe071b57f058c27d126ee
f9db809492baad47bcea3f521fe191a38e635c91f63f016f3d5df24290cc69a3
faadd478b7853926bb307277058648cd4883438a93d65d36f4bdd00ea5928b61
fb35dfc05abcfcf5d9f025b9915df3fdcb9827b88b50bd9c280ab89d48f3376a
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54