Submitted URL: https://nyti.ms/3r79soP
Effective URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Submission: On April 07 via manual from CZ — Scanned from DE

Summary

This website contacted 26 IPs in 2 countries across 15 domains to perform 121 HTTP transactions. The main IP is 151.101.129.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2376.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.13 396982 (GOOGLE-CL...)
38 151.101.129.164 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
6 151.101.1.164 54113 (FASTLY)
14 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 142.250.184.194 15169 (GOOGLE)
1 35.244.188.62 15169 (GOOGLE)
2 18.66.248.36 16509 (AMAZON-02)
1 35.241.35.241 15169 (GOOGLE)
1 35.83.85.90 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.166 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 54.204.237.88 14618 (AMAZON-AES)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
121 26
Apex Domain
Subdomains
Transfer
49 nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 2376
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7522
a.et.nytimes.com — Cisco Umbrella Rank: 4731
als-svc.nytimes.com — Cisco Umbrella Rank: 9843
myaccount.nytimes.com — Cisco Umbrella Rank: 11673
dd.nytimes.com — Cisco Umbrella Rank: 5599
meter-svc.nytimes.com — Cisco Umbrella Rank: 10430
purr.nytimes.com — Cisco Umbrella Rank: 9734
a.nytimes.com — Cisco Umbrella Rank: 5438
mwcm.nytimes.com — Cisco Umbrella Rank: 10782
1 MB
18 google.com
news.google.com — Cisco Umbrella Rank: 4848
adservice.google.com — Cisco Umbrella Rank: 76
play.google.com — Cisco Umbrella Rank: 31
www.google.com — Cisco Umbrella Rank: 7
71 KB
14 googlesyndication.com
71d76029f9dbc2ef8b57c6d814c0479a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
149 KB
14 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 8702
static01.nyt.com — Cisco Umbrella Rank: 5775
a1.nyt.com — Cisco Umbrella Rank: 6211
308 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
ad.doubleclick.net — Cisco Umbrella Rank: 190
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 6341
176 KB
5 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 4897
iteratehq.com — Cisco Umbrella Rank: 4579
275 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
124 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 4928
201 B
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 591
261 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1158
14 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
37 KB
1 google.lu
adservice.google.lu — Cisco Umbrella Rank: 149928
792 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
100 KB
1 nyti.ms
nyti.ms — Cisco Umbrella Rank: 154857
281 B
121 15
Domain Requested by
14 www.nytimes.com www.nytimes.com
13 a.et.nytimes.com www.nytimes.com
12 samizdat-graphql.nytimes.com www.nytimes.com
12 g1.nyt.com www.nytimes.com
g1.nyt.com
8 news.google.com www.nytimes.com
news.google.com
www.gstatic.com
7 play.google.com www.gstatic.com
7 pagead2.googlesyndication.com tpc.googlesyndication.com
www.nytimes.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 securepubads.g.doubleclick.net www.nytimes.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
3 platform.iteratehq.com www.nytimes.com
platform.iteratehq.com
3 www.gstatic.com news.google.com
www.gstatic.com
3 myaccount.nytimes.com www.nytimes.com
myaccount.nytimes.com
2 iteratehq.com platform.iteratehq.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ad.doubleclick.net 1 redirects www.nytimes.com
2 adservice.google.com securepubads.g.doubleclick.net
5290727.fls.doubleclick.net
2 dd.nytimes.com www.nytimes.com
dd.nytimes.com
1 www.google.com tpc.googlesyndication.com
1 pnytimes.chartbeat.net www.nytimes.com
1 insight.adsrvr.org www.nytimes.com
1 a1.nyt.com www.nytimes.com
1 static.chartbeat.com www.nytimes.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 fonts.gstatic.com news.google.com
1 mwcm.nytimes.com www.nytimes.com
1 71d76029f9dbc2ef8b57c6d814c0479a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.lu securepubads.g.doubleclick.net
1 a.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 meter-svc.nytimes.com www.nytimes.com
1 als-svc.nytimes.com www.nytimes.com
1 www.googletagmanager.com www.nytimes.com
1 static01.nyt.com www.nytimes.com
1 nyti.ms 1 redirects
121 35
Subject Issuer Validity Valid
nytimes.com
Thawte RSA CA 2018
2022-03-14 -
2023-04-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
a.et.nytimes.com
GTS CA 1D4
2022-03-20 -
2022-06-18
3 months crt.sh
*.news.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-03 -
2023-04-02
a year crt.sh
*.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
purr.nytimes.com
GTS CA 1D4
2022-03-17 -
2022-06-15
3 months crt.sh
a.nytimes.com
R3
2022-02-25 -
2022-05-26
3 months crt.sh
*.google.lu
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-04 -
2022-07-03
a year crt.sh
www.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Frame ID: E640069BEC713FE369FFC33DC4BA0733
Requests: 78 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: BBABF1C08ED1781CB6566B08B1AF7D42
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458144&publicationId=nytimes.com
Frame ID: F52FB4F8412F5FF9715E34DD4DFBD899
Requests: 12 HTTP requests in this frame

Frame: https://71d76029f9dbc2ef8b57c6d814c0479a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 217B2C590AA79D7BBAF91445F65D524A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7mxq1ownsOyXEiLPfiwWkUAT9peBs86FDGQBNbwrvFhgiO9mgj3-5C-dpGXU4Qobqag0Yp8oPs-PQokS59vMEncaAcdQQiSuncL_7XS98px8ZGUkUEzZ2UuhYslNos-rWjxNOzsSJO42I_o4wUQTQAQxcrK0uTl4jd2OD208OAfN5wi5RewNUcTXyGnBeY8kK2M6Gyuw5XFNdVIL4w1wTVbmL2DGsp2BWAUwjcUFKQpc8Xk8xg5cXzx9YTCaGHPNGl96LO2m20jx3YXedWXhPEnw1Yf3Gpwub_T2pduos8dAcPgPsUTQmgEgDNDSNfgedgV9SUTJhUDVkpBhfNfY&sai=AMfl-YQPJnal_EcK4aKuQK2eS_t6e22yT5reWisMCcdKmGdZqIqCshqjbYCI50uuOkaS0PP__oL4g3FDT55paDPtxIq7N0nNO60t7XZmKwPMqX8WHsYOINcnEsf24nuoaUeD&sig=Cg0ArKJSzMNsvVmuHVy2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3A82D4D206C36EA3467A874C1B16439D
Requests: 8 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html
Frame ID: 80352FF7395AEB987CFD6E3E4777B141
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ABF0911B8D31520230B4F02D2395BC37
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5181597541AE89718D23B5C051B35FCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B24EB11FFDADBA6B9F4D35007475E811
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks - The New York Times

Page URL History Show full URLs

  1. https://nyti.ms/3r79soP HTTP 301
    https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

121
Requests

99 %
HTTPS

58 %
IPv6

15
Domains

35
Subdomains

26
IPs

2
Countries

2783 kB
Transfer

8836 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nyti.ms/3r79soP HTTP 301
    https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CIWP-YnKgfcCFSfhuwgdKcoBRg;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 78
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html

121 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request us-russia-malware-cyberattacks.html
www.nytimes.com/2022/04/06/us/politics/
Redirect Chain
  • https://nyti.ms/3r79soP
  • https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
378 KB
85 KB
Document
General
Full URL
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
432b49cad18bf191068c0f3c1cc32d297966e22b72685f0662b4eb86956b43b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
49
cache-control
s-maxage=300,no-cache
content-encoding
gzip
content-length
85315
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Thu, 07 Apr 2022 08:54:44 GMT
fastly-restarts
1
last-modified
Thu, 07 Apr 2022 08:53:52 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
af04cc31dad444e5915cf5755414b0e2
x-cache
HIT, HIT
x-cache-hits
1, 1
x-content-type-options
nosniff
x-datadome
protected
x-datadome-timer
S1649321637.243027,VS0,VE5
x-frame-options
DENY
x-gdpr
1
x-nyt-app-webview
0
x-nyt-data-last-modified
Thu, 07 Apr 2022 08:53:52 GMT
x-nyt-edge-cache
HIT-HIT
x-nyt-route
vi-story
x-origin-time
2022-04-07 08:53:57 UTC
x-pagetype
vi-story
x-scoop-last-modified
2022-04-07T03:58:52.986Z
x-served-by
cache-lga21958-LGA, cache-hhn4052-HHN
x-timer
S1649321685.537091,VS0,VE6
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, max-age=90
content-length
169
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 07 Apr 2022 08:54:44 GMT
location
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=1209600
web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date
Thu, 07 Apr 2022 08:54:44 GMT
content-encoding
gzip
content-type
text/css; charset=utf-8
age
1758905
x-guploader-uploadid
ADPycdunXb0t0GUN7o-3h7DkIK8HJ4TOnVpE9nimgfDxiqckI4owSPm6rCf0Jk4PYYQVILPcO91nVeMd6v9BYzbiJiw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9775
via
1.1 varnish
x-served-by
cache-hhn4052-HHN
accept-ranges
bytes
expires
Sat, 18 Mar 2023 00:19:38 GMT
last-modified
Tue, 06 Apr 2021 21:11:51 GMT
server
UploadServer
x-timer
S1649321685.615699,VS0,VE0
etag
"1b2e52261e85210b126b5076aba9359b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1617743511910294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
9775
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
13666
global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/
6 KB
3 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1416055
x-guploader-uploadid
ADPycduf4mqwBwM188wfnVuN4skEZDJjQWGtYkR9zH-M7fIb1BjdSh28-ue0ce23WusIyHX1Tq310kRXoyIZLr6VceWQeS8AUQ
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-21 23:33:49 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.582034,VS0,VE1
etag
"3571f7d1a0dfa9e747b201e07fd9492b"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type
text/css; charset=utf-8
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
14007
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1978
last-modified
Mon, 21 Mar 2022 22:27:07 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation
1647901627446890
expires
Tue, 21 Mar 2023 23:33:49 GMT
x-gdpr
1
x-goog-stored-content-length
5676
accept-ranges
bytes
adslot-8db91333d85a08f170f7.js
www.nytimes.com/vi-assets/static-assets/
20 KB
8 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-8db91333d85a08f170f7.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f003d6c3dc1bc7c460f369f79c4085ac19fdc84fda7c8f178fdb57968879d373
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1396306
x-guploader-uploadid
ADPycdv0s29Ad_G4yvVWT6vLp21X-BxFZ5rcFd5IFbiqgDvhLXt2M_T3yUU9w1nlbaPitSu6Xn_EjQv3RuM3MsKg1CT2qaBiaA
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-22 05:02:58 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.605298,VS0,VE1
etag
"f85b31f521e02dfdfe42f5531e6de9e5"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-8db91333d85a08f170f7.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
19088
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7365
last-modified
Mon, 21 Mar 2022 22:27:07 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=aBucZw==, md5=+Fsx9SHgLf3+QvVTHm3p5Q==
x-goog-generation
1647901627433661
expires
Wed, 22 Mar 2023 05:02:58 GMT
x-gdpr
1
x-goog-stored-content-length
20855
accept-ranges
bytes
merlin_204742779_ca6a0b7b-3630-426c-9ee7-77628e11521b-jumbo.jpg
static01.nyt.com/images/2022/04/06/us/politics/06dc-russia-hacks-1/
36 KB
36 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/04/06/us/politics/06dc-russia-hacks-1/merlin_204742779_ca6a0b7b-3630-426c-9ee7-77628e11521b-jumbo.jpg?quality=75&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
90148a226daea4db7bbbc68cbd40fbabf5eddee23399e3f985f3ba5625dcb17a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish, 1.1 varnish
age
35420
x-guploader-uploadid
ADPycdvNYZJGPW9ZbrCy2i_7OfQylOdqOjaz7lNGHH5tzbftSjPrPLPAC-g3dfTTzibvLZArsnDiUVL035zYV3MCEpLnaBzxOLlM
x-cache
HIT, HIT
fastly-io-info
ifsz=93609 idim=1024x683 ifmt=jpeg ofsz=36440 odim=1024x683 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
fastly-stats
io=1
content-length
36440
x-served-by
cache-iad-kcgs7200058-IAD, cache-hhn4052-HHN
server
UploadServer
x-timer
S1649321685.656027,VS0,VE0
etag
"t8Rj1x3hZwbXADWBTu2N6obcNAqF72TgiMvWQIndhto"
vary
Accept
x-goog-hash
crc32c=fNrXSA==, md5=v4H8LM+QmSEcI1NsaRZb/w==
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 06 Apr 2022 23:04:24 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 2
vendor-f6dbc528114fb1fda428.js
www.nytimes.com/vi-assets/static-assets/
243 KB
73 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-f6dbc528114fb1fda428.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9fbbf24681bc6e5db446ad19c4165f72ffbe683d1e0a34529dcee4450bca31ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
669250
x-guploader-uploadid
ADPycdt4ikz8ABHAhjXELPHomx9lAhcWNv__tQoY_4ZimMUlPXJXlbHDaYUYEHTXbE8IA5uq5y9D3oNLv533J-nIzj8MYFjAMg
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-30 15:00:34 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.636118,VS0,VE1
etag
"e3f46b7ea3dbd95825c3099df445dad7"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-f6dbc528114fb1fda428.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
20787
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
73704
last-modified
Wed, 30 Mar 2022 14:49:33 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=mJEbPA==, md5=4/RrfqPb2Vglwwmd9EXa1w==
x-goog-generation
1648651773652559
expires
Thu, 30 Mar 2023 15:00:34 GMT
x-gdpr
1
x-goog-stored-content-length
249141
accept-ranges
bytes
story-488b0a029512705bd3d4.js
www.nytimes.com/vi-assets/static-assets/
1 MB
293 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/story-488b0a029512705bd3d4.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c625a2ca433679869ac4e60dac626a4f5d30e03fe13ab19284e213b86b731262
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
64807
x-guploader-uploadid
ADPycdsoHah7AwUl9QPxS0xXTmDuL6IMwMT2wL16BK2R6VUcTl4ksRaFd-aLj_Ktfmeucd0RZrlD7uZngHIPfKorQ_gtzBe10XMu
x-goog-stored-content-encoding
identity
x-origin-time
2022-04-06 14:55:02 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.657741,VS0,VE1
etag
"e815e745203f1e166dd15d0ff5d419e1"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-488b0a029512705bd3d4.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
4252
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
298365
last-modified
Wed, 06 Apr 2022 14:33:41 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=P1cPmA==, md5=6BXnRSA/HhZt0V0P9dQZ4Q==
x-goog-generation
1649255621775249
expires
Thu, 06 Apr 2023 14:54:37 GMT
x-gdpr
1
x-goog-stored-content-length
1127377
accept-ranges
bytes
collections-990b8acbb1ce990547ec.js
www.nytimes.com/vi-assets/static-assets/
1 MB
301 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/collections-990b8acbb1ce990547ec.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54057e8aa02f40784e15b478f359c746d0822c3a1e931c8652ce32f90a4b4ccb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
64797
x-guploader-uploadid
ADPycdvDZ5qcGAx-Sq-Qll_IrfucXRzlgNvJvAFpulHXCsK9XQmzXhryqCHVwn9d5lLFi8pZ6DN7p_bJgCiU8_uCcIornA
x-goog-stored-content-encoding
identity
x-origin-time
2022-04-06 14:54:47 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.658129,VS0,VE1
etag
"a5dee51008b2131d17a8e1754f83e54b"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/collections-990b8acbb1ce990547ec.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
2624
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
307808
last-modified
Wed, 06 Apr 2022 14:33:39 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=hRsZOA==, md5=pd7lEAiyEx0XqOF1T4PlSw==
x-goog-generation
1649255619727758
expires
Thu, 06 Apr 2023 14:54:47 GMT
x-gdpr
1
x-goog-stored-content-length
1193679
accept-ranges
bytes
main-370c415e1f3627df22f9.js
www.nytimes.com/vi-assets/static-assets/
1 MB
352 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
110cb33fca3196b83c7c5a2485f7e27aa511f040ba4c73b74a87381caa56f0c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
64825
x-guploader-uploadid
ADPycdseEVMIMxAFH95TtMbnGz_O-7KGJP48katKeceyF2M2NrkgdstAlqKr3vnv55fCZ3Vk33odtB9mOTVsnHtvm4tpl6AsBuMx
x-goog-stored-content-encoding
identity
x-origin-time
2022-04-06 14:54:47 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.659048,VS0,VE1
etag
"6f8fef2a05138bc6c5aeeaf32679d77f"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-370c415e1f3627df22f9.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
6343
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
359227
last-modified
Wed, 06 Apr 2022 14:33:41 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=7lgF5w==, md5=b4/vKgUTi8bFrurzJnnXfw==
x-goog-generation
1649255620948049
expires
Thu, 06 Apr 2023 14:54:19 GMT
x-gdpr
1
x-goog-stored-content-length
1256971
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
372 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8c01d397b35a02bd15cb3abc32117e74dc9d14f51b4101a5e28229d9a3ed0ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:44 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102124
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
773
content-length
0
date
Thu, 07 Apr 2022 08:54:44 GMT
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
125
x-nyt-audience-target-flat
EU:AM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
AM
x-nyt-region
MV
x-samizdat-query-exe-id
99605754758741e7
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4020-HHN
x-timer
S1649321685.729814,VS0,VE0
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2
samizdat-graphql.nytimes.com/graphql/
149 B
885 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-541eee5 /
Resource Hash
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

x-samizdat-query-sup-code
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 google, 1.1 varnish
x-nyt-meridiem
AM
x-b3-traceid
39f1205cbc0ac1d4-65ea51e77aabb571-1
age
22
x-cache
HIT
samizdat-x-instance
c7df0df7
x-samizdat-query-field-errors
0
x-cache-hits
3
x-samizdat-query-exe-id
72ce223fb00e8061
content-length
149
samizdat-x-canary
false
access-control-allow-origin
https://www.nytimes.com
x-graphiti-gateway
2e0598a3
last-modified
Thu, 07 Apr 2022 08:54:22 GMT
server
samizdat-graphql-541eee5
x-timer
S1649321685.770046,VS0,VE0
x-nyt-continent
EU
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
x-nyt-region
MV
x-nyt-audience-target-flat
EU:AM
cache-control
max-age=30, public
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
39f1205cbc0ac1d4-65ea51e77aabb571-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
swg.js
news.google.com/swg/js/v1/
143 KB
45 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b07c206a26d1e917370dcc2b6289973d12afbc3868644e5985f029c68a5c85e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45382
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 22:03:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Apr 2022 09:09:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
c2f24a1e91a6742338af7b62f0273167d17fe9255a4fc804bc2e93c1959c9acb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28259
x-xss-protection
0
server
sffe
etag
"1180 / 948 of 1000 / last-modified: 1649320903"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Apr 2022 08:54:44 GMT
als
als-svc.nytimes.com/
2 KB
3 KB
XHR
General
Full URL
https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F8428defe-c56e-5177-8798-ea2fbc3ef715&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.188.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e75be3980cb6606abd0f915ace2c7015157f44db048d94686c9999d5352451ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 google
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
15757948
x-guploader-uploadid
ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19836
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Thu, 06 Oct 2022 23:42:16 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321685.724814,VS0,VE0
etag
"d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984052902
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
19836
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
13096
franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
205082
x-guploader-uploadid
ADPycdtnQg7sddugARTYcm1QIqCkyI4ez760yFytNw2dwUeASGZ5faf2lssNqonCJb854-HwUd4PFgEC0-5rqOn6WcjvdEkcj1LZ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20312
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Tue, 04 Apr 2023 23:56:42 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321685.724864,VS0,VE0
etag
"b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984061911
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20312
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
13215
cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
29 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
12729623
x-guploader-uploadid
ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29076
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Fri, 11 Nov 2022 00:54:21 GMT
last-modified
Wed, 15 Sep 2021 19:43:02 GMT
server
UploadServer
x-timer
S1649321685.724947,VS0,VE0
etag
"a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734982705223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
29076
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
10064
cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
12127508
x-guploader-uploadid
ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Fri, 18 Nov 2022 00:09:37 GMT
last-modified
Wed, 15 Sep 2021 19:43:03 GMT
server
UploadServer
x-timer
S1649321685.725256,VS0,VE0
etag
"108ce298d451197b23fefceb3e36959f"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734983132414
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20136
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
4695
franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/
24 KB
24 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
1758824
x-guploader-uploadid
ADPycdvIPZIYw1NBkpHTTfpG7gkHRGYKe3NHNPoDMZQ-r1e4cxzgfdFSi-IRYEfNNAE7QphfAYgf9Rv9u21FU8tdr0rL-ggwGA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
24184
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Sat, 18 Mar 2023 00:21:00 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321685.725315,VS0,VE0
etag
"fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984069574
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
24184
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
9385
imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
1844208
x-guploader-uploadid
ADPycds33uvi6eLtn4gqz1FvmB4BRvguteE2sYrQdrujtZfbdywcLwNwrBUBCtCHuxeG4XJhf8PIqjJDYwKcv4VRbUk
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26504
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Fri, 17 Mar 2023 00:37:56 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321685.725182,VS0,VE0
etag
"6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984460387
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
26504
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
12734
cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
28 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
1396288
x-guploader-uploadid
ADPycduERShr8_hr_ZagtKR5LQZjU_CocFIncvCjm4JOploTYwnA-3UOJs-icjz5if0OU_8qxjDyIzMsLwkVIdpvl1I
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28620
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Wed, 22 Mar 2023 05:03:16 GMT
last-modified
Wed, 15 Sep 2021 19:43:02 GMT
server
UploadServer
x-timer
S1649321685.725417,VS0,VE0
etag
"f99a0459024509f157a3352e5de4f873"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734982696426
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
28620
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2230
cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/
27 KB
27 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
802997
x-guploader-uploadid
ADPycdu72AN_f1LumBTs-nSTcXMbB0Q8OCxWv29xTEvfpnbNbHsJ77DFzJCsDpGefFCn5amcqc7dVdWC04j9hB8YjyycAK109g
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27260
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Wed, 29 Mar 2023 01:51:27 GMT
last-modified
Wed, 15 Sep 2021 19:43:02 GMT
server
UploadServer
x-timer
S1649321685.755238,VS0,VE0
etag
"7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734982738365
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
27260
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
4256
franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date
Thu, 07 Apr 2022 08:54:44 GMT
via
1.1 varnish
content-type
application/octet-stream
age
1757826
x-guploader-uploadid
ADPycduw_n53qAT8mmy-Mo-L5LqjCsy6JkyHOT3xG7kMrZNreYfm5h5rJpKyKb5DtKASsqLa04epf4I4LA4o1haxBgY
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20172
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Sat, 18 Mar 2023 00:37:38 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321685.725493,VS0,VE0
etag
"bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734983906454
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20172
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
10704
prefetch-assets
myaccount.nytimes.com/auth/ Frame BBAB
393 B
727 B
Document
General
Full URL
https://myaccount.nytimes.com/auth/prefetch-assets
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy / Express
Resource Hash
c0c572d5836a69f0b4d0dc4b6199d9575d2581493f7c99c5d98160a6aafb164c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
242
cache-control
public, max-age=600
content-encoding
gzip
content-length
277
content-type
text/html; charset=utf-8
date
Thu, 07 Apr 2022 08:54:44 GMT
etag
W/"189-axgSYlvFM4VTVDgEty/73bGVKWo"
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-api-version
F-X
x-cache
HIT
x-cache-hits
4
x-cloud-trace-context
7626c3c954417299f08741fb74f6e4c7
x-content-type-options
nosniff
x-datadog-parent-id
2454039750846065183
x-datadog-sampled
1
x-datadog-sampling-priority
1
x-datadog-trace-id
3807632075854573793
x-datadome-timer
(null),VE419
x-envoy-upstream-service-time
2
x-nyt-backend
lire-ui
x-powered-by
Express
x-served-by
cache-hhn4052-HHN
vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-1b7cd222a9b11462d7de.js
www.nytimes.com/vi-assets/static-assets/
44 KB
14 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-1b7cd222a9b11462d7de.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3b4806b7e1d8a1b140b681b779aa16b3ca8b124852511b0b70b024b65d9053e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
669249
x-guploader-uploadid
ADPycds3vax1LI3AS1hwFfQNuMRnDozQl8mBMs7sx_z9V0ccyZgRUs0NCKvFa3r1kyab8zd8uLol8cavWhd5O7FzcWJ2YrHlag
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-30 15:00:35 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.891494,VS0,VE1
etag
"0a2151732c49c637d84de058e57bca91"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-1b7cd222a9b11462d7de.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
19364
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
14130
last-modified
Wed, 30 Mar 2022 14:49:33 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=uSW7iA==, md5=CiFRcyxJxjfYTeBY5XvKkQ==
x-goog-generation
1648651773558480
expires
Thu, 30 Mar 2023 15:00:35 GMT
x-gdpr
1
x-goog-stored-content-length
45454
accept-ranges
bytes
vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-e3f089a627764c56e473.js
www.nytimes.com/vi-assets/static-assets/
67 KB
14 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-e3f089a627764c56e473.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c50eee5fcbe9202084502bc71038eff9ee41a8091f85ebebf473293db8fa7e9c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
564392
x-guploader-uploadid
ADPycdsJPuhZaPorAMcKAaIAbEEasuJDEWrHUXcom-yjhydqImw-28vbtIlOxfqH2R-yX9Y5aE523R5m2PBage9yrWs67t75FQ
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-31 20:08:13 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.891615,VS0,VE1
etag
"e99364427281a2c3c36e28b07dcd1a42"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-e3f089a627764c56e473.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
18452
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
13292
last-modified
Thu, 31 Mar 2022 20:00:03 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=ocy1GA==, md5=6ZNkQnKBosPDbiiwfc0aQg==
x-goog-generation
1648756803293537
expires
Fri, 31 Mar 2023 20:08:12 GMT
x-gdpr
1
x-goog-stored-content-length
68853
accept-ranges
bytes
vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
www.nytimes.com/vi-assets/static-assets/
21 KB
6 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cc49996658507fab7a30a2e9cf53cfb8ddd903d86ad652d776fd5fc08e2938f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
669249
x-guploader-uploadid
ADPycdueicFArCciYYdo9l5KTtWS0uhT0tEagauhOgjOR6ib0EJz8qqRv4oJGOiBUyf6AytbIsriSRFQMKzkXEd46E4y6mGe4w
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-30 15:00:36 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321685.891825,VS0,VE1
etag
"fa5bc2a2165f8c6daab9bef9cff51ef9"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
19188
date
Thu, 07 Apr 2022 08:54:44 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
5019
last-modified
Wed, 30 Mar 2022 14:49:33 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=ZP5p3Q==, md5=+lvCohZfjG2qub75z/Ue+Q==
x-goog-generation
1648651773531988
expires
Thu, 30 Mar 2023 15:00:35 GMT
x-gdpr
1
x-goog-stored-content-length
22000
accept-ranges
bytes
index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame BBAB
2 KB
1 KB
Script
General
Full URL
https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:44 GMT
content-encoding
gzip
x-api-version
F-X
age
226
x-cache
HIT
x-envoy-upstream-service-time
8
content-length
1252
x-served-by
cache-hhn4052-HHN
expires
Thu, 07 Apr 2022 06:18:48 GMT
server
envoy
etag
"Eux5Gg"
content-type
application/javascript
via
1.1 varnish
x-cloud-trace-context
6a70923095cdc8863cfa7982bed5a32a
cache-control
public, max-age=600
x-datadome-timer
(null),VE708
accept-ranges
bytes
x-nyt-backend
lire-ui
x-cache-hits
6
unified-lire.bundle.js
myaccount.nytimes.com/lire_ui/js/ Frame BBAB
410 KB
139 KB
Script
General
Full URL
https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=5190f6b
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e00e4aa270bcdab5c0083257519e64652bc2272bd36d2ebd45c9b83e03a862b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:44 GMT
content-encoding
gzip
x-api-version
F-X
age
158
x-cache
HIT
x-envoy-upstream-service-time
151
content-length
141677
x-served-by
cache-hhn4052-HHN
expires
Fri, 18 Mar 2022 00:49:03 GMT
server
envoy
etag
"Eux5Gg"
content-type
application/javascript
via
1.1 varnish
x-cloud-trace-context
9fab15cad0f3f0a2547cf1a1cfcc3c8d
cache-control
public, max-age=600
x-datadome-timer
(null),VE568
accept-ranges
bytes
x-nyt-backend
lire-ui
x-cache-hits
5
swg-button.css
news.google.com/swg/js/v1/
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Apr 2022 09:07:10 GMT
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Apr 2022 09:04:45 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame F52F
24 KB
8 KB
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=458144&publicationId=nytimes.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
557dc7ed70c147186eaa18b28cfa4a5308d5601612cdbeae1cdff33b682a1871
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-HKJ3LjlI9EHz7B+rj9ADbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-HKJ3LjlI9EHz7B+rj9ADbw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-HKJ3LjlI9EHz7B+rj9ADbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-HKJ3LjlI9EHz7B+rj9ADbw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 07 Apr 2022 08:54:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
pubads_impl_2022033101.js
securepubads.g.doubleclick.net/gpt/
366 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127477
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 08:37:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Apr 2023 08:46:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
1 KB
374 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
92fe78449b2ce5358354322dff1de1f518551b8192cbf0ccff2839b058b28df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Apr 2022 08:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:54:45 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

tags.js
dd.nytimes.com/
250 KB
46 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-36.dus51.r.cloudfront.net
Software
Apache /
Resource Hash
a82d33004b9877d9e42fb41dc619bdedcd7724db22f5d74ff47bb832bf46de5b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
etag
"3e6ea-5dbe3860fd043-gzip"
age
2574
x-cache
Hit from cloudfront
content-length
47004
access-control-allow-origin
*
last-modified
Tue, 05 Apr 2022 07:52:16 GMT
server
Apache
date
Thu, 07 Apr 2022 08:11:51 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
NLniiakpkegY8o1y3NBFzbD7n31dUBmFfTDOeGIBJxB2P-sR9mtbqg==
expires
Thu, 07 Apr 2022 09:11:51 GMT
entitlements
news.google.com/swg/_/api/v1/publication/nytimes.com/
2 B
58 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
774
content-length
0
date
Thu, 07 Apr 2022 08:54:45 GMT
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
126
x-nyt-audience-target-flat
EU:AM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
AM
x-nyt-region
MV
x-samizdat-query-exe-id
abe45c4f52f88827
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4020-HHN
x-timer
S1649321685.369473,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
774
content-length
0
date
Thu, 07 Apr 2022 08:54:45 GMT
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
127
x-nyt-audience-target-flat
EU:AM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
AM
x-nyt-region
MV
x-samizdat-query-exe-id
bfd2c8d9ebb8ff29
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4020-HHN
x-timer
S1649321685.483470,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
774
content-length
0
date
Thu, 07 Apr 2022 08:54:45 GMT
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
128
x-nyt-audience-target-flat
EU:AM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
AM
x-nyt-region
MV
x-samizdat-query-exe-id
ba49d65e8a3286cb
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4020-HHN
x-timer
S1649321686.517792,VS0,VE1
v2
samizdat-graphql.nytimes.com/graphql/
105 B
823 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-541eee5 /
Resource Hash
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Thu, 07 Apr 2022 08:54:45 GMT
via
1.1 google, 1.1 varnish
x-nyt-meridiem
AM
x-b3-traceid
1d2b2ee416ee1529-79b74605a8bd039d-1
access-control-allow-origin
https://www.nytimes.com
x-cache
MISS
samizdat-x-instance
39444372
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
2152879531d114ea
content-length
105
samizdat-x-canary
false
x-graphiti-gateway
2e0598a3
last-modified
Thu, 07 Apr 2022 08:54:45 GMT
server
samizdat-graphql-541eee5
x-timer
S1649321685.387984,VS0,VE114
x-nyt-continent
EU
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
x-nyt-region
MV
x-nyt-audience-target-flat
EU:AM
cache-control
private, no-store
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
1d2b2ee416ee1529-79b74605a8bd039d-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
meter.js
meter-svc.nytimes.com/
642 B
1 KB
XHR
General
Full URL
https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&pageviewID=2Q_NEKJk05RttSvK6l9PUbB8
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.35.241.35.bc.googleusercontent.com
Software
/
Resource Hash
38293cbf44607c7e7637c1f696ac2001b8f7a299c7376fed5b414a7f3657d253

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:45 GMT
via
1.1 google
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
Set-Cookie
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
alt-svc
clear
content-length
642
v2
samizdat-graphql.nytimes.com/graphql/
63 B
800 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-541eee5 /
Resource Hash
de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Thu, 07 Apr 2022 08:54:45 GMT
via
1.1 google, 1.1 varnish
x-nyt-meridiem
AM
x-b3-traceid
1021c653c7482d90-7041c56ee9846ddf-1
age
0
x-cache
MISS
samizdat-x-instance
d084f1bf
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
7c2cffe564478db0
content-length
63
samizdat-x-canary
false
access-control-allow-origin
https://www.nytimes.com
x-graphiti-gateway
2e0598a3
last-modified
Thu, 07 Apr 2022 08:54:44 GMT
server
samizdat-graphql-541eee5
x-timer
S1649321686.501672,VS0,VE110
x-nyt-continent
EU
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
x-nyt-region
MV
x-nyt-audience-target-flat
EU:AM
cache-control
max-age=30, public
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
1021c653c7482d90-7041c56ee9846ddf-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
v2
samizdat-graphql.nytimes.com/graphql/
42 KB
7 KB
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-541eee5 /
Resource Hash
a43557acb08ad9e554dfc8c173de657208cc25912aec3ac7f66c202b41ec210f

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Thu, 07 Apr 2022 08:54:45 GMT
content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
657a58e1efaf910d-384a39a4548e68b9-1
access-control-allow-origin
https://www.nytimes.com
x-cache
MISS
samizdat-x-instance
33992daa
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
1f57792bc73e9769
samizdat-x-canary
false
x-nyt-continent
EU
x-graphiti-gateway
2e0598a3
last-modified
Thu, 07 Apr 2022 08:54:45 GMT
server
samizdat-graphql-541eee5
x-timer
S1649321686.537445,VS0,VE165
x-nyt-region
MV
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:AM
cache-control
private, no-store
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
657a58e1efaf910d-384a39a4548e68b9-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
comments-97b4d32ccbe0279533bc.js
www.nytimes.com/vi-assets/static-assets/
50 KB
16 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/comments-97b4d32ccbe0279533bc.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
74f4d3189d342c2710ac60bc3d7ac1168a9ee24867045e22a7943573dea01c0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
635089
x-guploader-uploadid
ADPycdtJ_Yscyck2NWMsbVmtPXPWlCplSGdDPKegrXnL2rMAw9sx6KLxh6qYbpjIhYUQwcdYuGrg3DLFn4KYj6HKn0yzEm7pAQ
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-31 00:29:56 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321686.532389,VS0,VE1
etag
"abca6cde713442e814e286b5de5dd666"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-97b4d32ccbe0279533bc.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
16743
date
Thu, 07 Apr 2022 08:54:45 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
15129
last-modified
Wed, 30 Mar 2022 22:19:29 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=RWXgRA==, md5=q8ps3nE0QugU4oa13l3WZg==
x-goog-generation
1648678769486023
expires
Fri, 31 Mar 2023 00:29:56 GMT
x-gdpr
1
x-goog-stored-content-length
51529
accept-ranges
bytes
purr-cache
purr.nytimes.com/v1/
0
0
Fetch
General
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
a564a2e505711d97e9c3c2608f985987
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Thu, 07 Apr 2022 08:54:46 GMT
data-layer
a.nytimes.com/svc/nyt/
2 KB
2 KB
XHR
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&jkcb=1649321685547
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.83.85.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-85-90.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
851ca05c66b3fe40b648d7a1f3bf4433f5c72a8e4c318a835b878163556ef0e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
expires
Thu, 07 Apr 2022 08:54:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
8587e762f6aa3b7e5c64048683b159b0
cache-control
private
access-control-allow-credentials
true
x-envoy-upstream-service-time
103
access-control-allow-headers
Content-Type, x-requested-by
x-appengine-log-flush-count
0
clientSideCapsule-17b50f2118822a1d7063.js
www.nytimes.com/vi-assets/static-assets/
433 KB
105 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-17b50f2118822a1d7063.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6737b1b2dea1b2a87e735bee92eb3fab5a1cecbce74993ad4899f528ccff102a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
147145
x-guploader-uploadid
ADPycdvmbvctzjC_pgELfSCiUs-msnIPBFfTKXrwiLJH1-hIfAZFY7GhuHJrbizCH6keq38XRKzNYsnJJxjPOyx1qtg9gkBv5ql7
x-goog-stored-content-encoding
identity
x-origin-time
2022-04-05 16:02:21 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321686.572654,VS0,VE1
etag
"7690382c3ea3c870acb7208523c98d10"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-17b50f2118822a1d7063.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
8183
date
Thu, 07 Apr 2022 08:54:45 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
106752
last-modified
Tue, 05 Apr 2022 15:45:11 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=bhp/rA==, md5=dpA4LD6jyHCstyCFI8mNEA==
x-goog-generation
1649173511359862
expires
Wed, 05 Apr 2023 16:02:21 GMT
x-gdpr
1
x-goog-stored-content-length
443709
accept-ranges
bytes
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame F52F
0
25 B
Other
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-84XtEf6H6OlIHkuvf4HUCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-84XtEf6H6OlIHkuvf4HUCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=458144&publicationId=nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
date
Thu, 07 Apr 2022 08:54:45 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-84XtEf6H6OlIHkuvf4HUCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-84XtEf6H6OlIHkuvf4HUCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.lu/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.lu/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213404299338060&correlator=1544339486171885&eid=31065842%2C31066023%2C31066963%2C31061828&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=1133286891&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1307&cust_params=als_test_clientside%3Dweb_none_none_high_v3-1-26.442696628623732966_20220407085444%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1649316423040%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26geo%3Drussia%252Cukraine%26des%3Drussianinvasionofukraine2022%252Ccyberattacksandhackers%252Ccyberwarfareanddefense%252Cwarandarmedconflicts%252Cunitedstatesinternationalrelat%26auth%3Dkateconger%252Cdavidesanger%26coll%3Drussiaukrainewar%252Cworldnews%252Ceurope%252Cusnews%252Cuspolitics%252Ctechnology%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008282002%26pt%3Dnt12%252Cnt14%252Cnt21%252Cnt3%252Cnt6%252Cnt8%252Cpt13%252Cpt19%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_ms_safe%252Cneg_chanel%252Cneg_mtb%252Cneg_orep%252Cneg_bp%252Cneg_mastercard%252Cneg_ubs%252Cneg_hearts%252Cneg_google%252Cneg_debeer%252Cneg_am%252Cneg_samsung%252Cneg_bofa%252Cneg_cathay%252Cgs_tech%252Cgv_military%252Cgs_tech_computing%252Cgv_crime%252Cgs_politics%252Cgs_politics_misc%252Cgv_death_injury%252Cgs_law%252Cgs_t%26is_viral%3Dhigh%26tt%3D73%252C94%26mt%3DMT10%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_disp_incr_0_control%252Cdfp_amzn_2_adslot_priority%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3D2Q_NEKJk05RttSvK6l9PUbB8%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dwdp9a9-KkVc4ExptZMeW3e%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1649321685890&lmt=1649321632&dlt=1649321684558&idt=1290&biw=1600&bih=1200&adxs=0&adys=132&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=595789736.1649321686&ga_sid=1649321686&ga_hid=1806319663&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
83b24801e70ea78b63e351193e228ead44fd2905824c479540d1bf293feb0ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10426
x-xss-protection
0
google-lineitem-id
5901499407
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138384157551
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
417 B
245 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213404299338060&correlator=1544339486171885&eid=31065842%2C31066023%2C31066963%2C31061828&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=2&adks=1723209830&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1309&cust_params=als_test_clientside%3Dweb_none_none_high_v3-1-26.442696628623732966_20220407085444%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1649316423040%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26geo%3Drussia%252Cukraine%26des%3Drussianinvasionofukraine2022%252Ccyberattacksandhackers%252Ccyberwarfareanddefense%252Cwarandarmedconflicts%252Cunitedstatesinternationalrelat%26auth%3Dkateconger%252Cdavidesanger%26coll%3Drussiaukrainewar%252Cworldnews%252Ceurope%252Cusnews%252Cuspolitics%252Ctechnology%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008282002%26pt%3Dnt12%252Cnt14%252Cnt21%252Cnt3%252Cnt6%252Cnt8%252Cpt13%252Cpt19%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_ms_safe%252Cneg_chanel%252Cneg_mtb%252Cneg_orep%252Cneg_bp%252Cneg_mastercard%252Cneg_ubs%252Cneg_hearts%252Cneg_google%252Cneg_debeer%252Cneg_am%252Cneg_samsung%252Cneg_bofa%252Cneg_cathay%252Cgs_tech%252Cgv_military%252Cgs_tech_computing%252Cgv_crime%252Cgs_politics%252Cgs_politics_misc%252Cgv_death_injury%252Cgs_law%252Cgs_t%26is_viral%3Dhigh%26tt%3D73%252C94%26mt%3DMT10%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_disp_incr_0_control%252Cdfp_amzn_2_adslot_priority%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3D2Q_NEKJk05RttSvK6l9PUbB8%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dwdp9a9-KkVc4ExptZMeW3e%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1649321685896&lmt=1649321632&dlt=1649321684558&idt=1290&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=595789736.1649321686&ga_sid=1649321686&ga_hid=1806319663&ga_fc=false&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a26950fed8c00b10b885a025d6258a93cbd63a89d783a946ecd48f2be9ce5e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
71d76029f9dbc2ef8b57c6d814c0479a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 217B
6 KB
4 KB
Document
General
Full URL
https://71d76029f9dbc2ef8b57c6d814c0479a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Apr 2022 08:54:46 GMT
expires
Fri, 07 Apr 2023 08:54:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
mwcm.nytimes.com/capi/metered_assets/
65 KB
16 KB
Fetch
General
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator&areas=gateway
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
254c4b14048e59e704732cae42f255dc190db3b38c68eb130cc232cfa41fafc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
access-control-allow-origin
https://www.nytimes.com
x-cache
MISS
x-served-by
cache-hhn4052-HHN
server
Google Frontend
x-cmots-campaign-names
{"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer
S1649321686.362492,VS0,VE429
vary
x-nyt-user-status, x-nyt-country, x-nyt-cmots-purr-ad-conf, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 varnish
x-cloud-trace-context
beb4a07d370a8b7d27c3d7c8927de781
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-muassets
accept-ranges
bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date
Thu, 07 Apr 2022 08:54:46 GMT
via
1.1 varnish
content-type
application/octet-stream
age
206050
x-guploader-uploadid
ADPycdtBIMqqn16ZBQJH4m_lLKy7roAkoUcKWTwlHJdsy0ewOfFKR_3KR_D6TNavNTekhqhHp-lI_KpdwWFBJ_yhZ8a10QGSRQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20212
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Tue, 04 Apr 2023 23:40:35 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321686.151330,VS0,VE0
etag
"abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984010934
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20212
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
10856
/
dd.nytimes.com/js/
231 B
564 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-36.dus51.r.cloudfront.net
Software
DataDome /
Resource Hash
264ffc500d1bfdc5f5e837ca9e04b788ac623e561cba33d60cb60da92e3057b2

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:46 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server
DataDome
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
231
x-amz-cf-id
WsjV9E3UoPVDnSfrdvme7ex8RbqY9K_0aXueHYUfuBgEkBC9-ncP0w==
expires
0
swg-button.css
news.google.com/swg/js/v1/ Frame F52F
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458144&publicationId=nytimes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Apr 2022 09:07:10 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame F52F
161 KB
57 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458144&publicationId=nytimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35a5adaa7c1d881c1bd480a04b08d1dfa97aab497cde308e4f331181a6553fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57696
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 00:54:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Apr 2023 19:06:40 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
775
content-length
0
date
Thu, 07 Apr 2022 08:54:46 GMT
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
129
x-nyt-audience-target-flat
EU:AM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
AM
x-nyt-region
MV
x-samizdat-query-exe-id
919481e82bbd173d
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4020-HHN
x-timer
S1649321686.270991,VS0,VE1
v2
samizdat-graphql.nytimes.com/graphql/
737 B
1 KB
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-370c415e1f3627df22f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-541eee5 /
Resource Hash
311c7403eaf514732e89588dbc99df9aa545dd6500f4f9472aa30a721f0fe7fc

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Thu, 07 Apr 2022 08:54:46 GMT
via
1.1 google, 1.1 varnish
x-nyt-meridiem
AM
x-b3-traceid
34328edb914a392b-71ba4fbb3a064598-1
age
779
x-cache
HIT
samizdat-x-instance
39444372
x-samizdat-query-field-errors
0
x-cache-hits
13
x-samizdat-query-exe-id
28f0bc553c335e96
content-length
737
samizdat-x-canary
false
access-control-allow-origin
https://www.nytimes.com
x-graphiti-gateway
2e0598a3
last-modified
Fri, 25 Feb 2022 15:46:43 GMT
server
samizdat-graphql-541eee5
x-timer
S1649321686.332472,VS0,VE1
x-nyt-continent
EU
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, Origin
content-type
application/json; charset=utf-8
x-nyt-region
MV
x-nyt-audience-target-flat
EU:AM
cache-control
max-age=30, public
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
34328edb914a392b-71ba4fbb3a064598-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F52F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458144&publicationId=nytimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
164201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 11:18:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3A82
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7mxq1ownsOyXEiLPfiwWkUAT9peBs86FDGQBNbwrvFhgiO9mgj3-5C-dpGXU4Qobqag0Yp8oPs-PQokS59vMEncaAcdQQiSuncL_7XS98px8ZGUkUEzZ2UuhYslNos-rWjxNOzsSJO42I_o4wUQTQAQxcrK0uTl4jd2OD208OAfN5wi5RewNUcTXyGnBeY8kK2M6Gyuw5XFNdVIL4w1wTVbmL2DGsp2BWAUwjcUFKQpc8Xk8xg5cXzx9YTCaGHPNGl96LO2m20jx3YXedWXhPEnw1Yf3Gpwub_T2pduos8dAcPgPsUTQmgEgDNDSNfgedgV9SUTJhUDVkpBhfNfY&sai=AMfl-YQPJnal_EcK4aKuQK2eS_t6e22yT5reWisMCcdKmGdZqIqCshqjbYCI50uuOkaS0PP__oL4g3FDT55paDPtxIq7N0nNO60t7XZmKwPMqX8WHsYOINcnEsf24nuoaUeD&sig=Cg0ArKJSzMNsvVmuHVy2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Apr 2022 08:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 07 Apr 2022 08:54:46 GMT
B27144004.327228120;dc_pre=CIWP-YnKgfcCFSfhuwgdKcoBRg;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame 3A82
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CIWP-YnKgfcCFSfhuwgdKcoBRg;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rd...
14 KB
10 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CIWP-YnKgfcCFSfhuwgdKcoBRg;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
5cbc1d3ee83c80f4fac75004fa28b9c0dffc7569379f5d49b93d4bd27b8e4d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10660
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CIWP-YnKgfcCFSfhuwgdKcoBRg;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A82
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Apr 2022 08:54:46 GMT
1930789213581013484
tpc.googlesyndication.com/simgad/ Frame 3A82
73 KB
74 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1930789213581013484?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6031c5d0ea02c8d8e39781fe0659f55a3414203fa9bbc671e4349d5607f5684d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 01:33:18 GMT
x-content-type-options
nosniff
age
112888
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74847
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 17:37:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Apr 2023 01:33:18 GMT
vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js
www.nytimes.com/vi-assets/static-assets/
69 KB
17 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
94ff2a55bf15b3b90f9ea670a0a213bf98c96163d7ebb4e11bc8966ef6c3b0d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
832459
x-guploader-uploadid
ADPycdsCizVbPkFSQkVOtmULPv9CXzRdeO8PON7lUEcNPNvHg_G-2q7_xDb-qRtiBF6a26h4VrII3eGLAS_bCugbP-w
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-28 17:40:27 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321686.405940,VS0,VE1
etag
"5124a016abd0cddbed3293e50460ad7c"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
9353
date
Thu, 07 Apr 2022 08:54:46 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
16641
last-modified
Mon, 28 Mar 2022 17:10:56 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=ZZxCpg==, md5=USSgFqvQzdvtMpPlBGCtfA==
x-goog-generation
1648487455999038
expires
Tue, 28 Mar 2023 17:40:27 GMT
x-gdpr
1
x-goog-stored-content-length
70277
accept-ranges
bytes
emailsignup-84ff77b1eb6d6d1b3e30.js
www.nytimes.com/vi-assets/static-assets/
1018 B
1021 B
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/emailsignup-84ff77b1eb6d6d1b3e30.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
02e536435234ddbacf0aa75050b286e42dfcefb62837b4336c259ae4c490815b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1350389
x-guploader-uploadid
ADPycdt5nsGEvYBBF_BpflC8EfVj9Ng-zX83UHO9wr0wi0bfFDztOHcLUVYTIxK5R8AFDiQEqHfhfrwknTb-u8HYCio9IN_alw
x-goog-stored-content-encoding
identity
x-origin-time
2022-03-22 17:48:17 UTC
x-served-by
cache-hhn4052-HHN
x-timer
S1649321686.406053,VS0,VE1
etag
"06c7b5c94e5c6ecb5d7fe70ff4430c1a"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/emailsignup-84ff77b1eb6d6d1b3e30.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
8596
date
Thu, 07 Apr 2022 08:54:46 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
569
last-modified
Thu, 17 Mar 2022 22:19:39 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=mUyoDw==, md5=Bse1yU5cbstdf+cP9EMMGg==
x-goog-generation
1647555579722011
expires
Wed, 22 Mar 2023 17:48:17 GMT
x-gdpr
1
x-goog-stored-content-length
1018
accept-ranges
bytes
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
0
content-length
0
date
Thu, 07 Apr 2022 08:54:46 GMT
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
MISS
x-cache-hits
0
x-nyt-audience-target-flat
EU:AM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
AM
x-nyt-region
MV
x-samizdat-query-exe-id
898ed6a0378f0e0a
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4020-HHN
x-timer
S1649321686.459900,VS0,VE100
v2
samizdat-graphql.nytimes.com/graphql/
147 B
855 B
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-541eee5 /
Resource Hash
f468c98e35724fa3b7fa006bea51de1bd3e0917efd14aafdfad0420631b76221

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type
project-vi
Content-Type
text/plain;charset=UTF-8

Response headers

x-samizdat-query-sup-code
date
Thu, 07 Apr 2022 08:54:46 GMT
via
1.1 google, 1.1 varnish
x-nyt-meridiem
AM
x-b3-traceid
3fb07b02fa87b32d-65b98d4865acca44-1
age
0
x-cache
MISS
samizdat-x-instance
c89a6a99
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
9b3bae3b09d9d67b
content-length
147
samizdat-x-canary
false
access-control-allow-origin
https://www.nytimes.com
x-graphiti-gateway
2e0598a3
last-modified
Thu, 07 Apr 2022 08:54:45 GMT
server
samizdat-graphql-541eee5
x-timer
S1649321687.581474,VS0,VE120
x-nyt-continent
EU
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
x-nyt-region
MV
x-nyt-audience-target-flat
EU:AM
cache-control
max-age=30, public
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
3fb07b02fa87b32d-65b98d4865acca44-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4796
date
Thu, 07 Apr 2022 07:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 07 Apr 2022 09:34:50 GMT
activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus...
5290727.fls.doubleclick.net/ Frame 8035
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2F...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fw...
570 B
401 B
Document
General
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
7a94996e57b80904e96253513c6149981fe999e05e3e3d0b8271111398a077cc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
378
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Apr 2022 08:54:46 GMT
expires
Thu, 07 Apr 2022 08:54:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Apr 2022 08:54:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:ce00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:24:49 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 04:15:35 GMT
server
nginx
age
1797
etag
W/"62297b67-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
6oqTVsi5aYnWrrGMXUx4mmgJ0K_FbqRmN4ZLWSyos3tYvmEjYwthFA==
expires
Thu, 07 Apr 2022 10:24:49 GMT
show-ads.js
a1.nyt.com/analytics/
45 B
625 B
Script
General
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
content-type
application/javascript
age
17833
x-guploader-uploadid
ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
65
via
1.1 varnish
x-served-by
cache-hhn4052-HHN
accept-ranges
bytes
expires
Mon, 23 Aug 2021 07:13:52 GMT
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1649321687.587648,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1608239975905841
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
45
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
3149
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
insight.adsrvr.org/track/pxl/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1970834275
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4PBO_PBkmNI.L.B1... Frame F52F
130 KB
44 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4PBO_PBkmNI.L.B1.O/am=GAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7PC8U_kZvT36xSI2_l2HTkjHx90w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a00d1036f138da94bbab229371b218e520aea31ce13d04b16a4b031c335740cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44985
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 00:54:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Apr 2023 19:07:19 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A82
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=147769693;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 06:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 06:34:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3A82
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk5y_sFizaKYgjxI179pY2B3_AS-yDXEq-AKDFrF-G0gDtUmoeHgKUQ8RPZDeyfh3wh8YkLNmPVw_T48ogYsEdjIDO7WJcgKXU1uuK_-NLPvXc97QY8SWXjAsZ1EkjaZ_4gcjr_Z7x1zs7BMu2QdemqLKxT0ix-tbm91zI0qp3tI2tlQuvgtt9zx-tG0JVK1WND1SK3PB9UEBTFSjqvpUVSJnpII5FtkzLfDEfoS_VqxU1RIRwsJI29OySZ8VjUINCPYTAsq2ygj7l5T_E4MyuvXQGA8O5WF4sTgZT8zLsdg-yiwdVmGdpe86YG6-v3kODc0Y&sai=AMfl-YRcHFJ16TTNTAnD2VLP7Ny4YV0OZs22iRxjSx7I1J4jQHuym6LS_CXfmVYzhhdZXYtuGCgPw-ub-vYsqkzUnDrsUDcZAyMqispNJ_8GWQDfIthEU5Yq4KhGMyE2aWqd&sig=Cg0ArKJSzFfOq-YSc--yEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Apr 2022 08:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 07 Apr 2022 08:54:46 GMT
truncated
/ Frame 3A82
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b635344bd7cd93da9a071df525630cd7125ea03749b55685eb4626c6f35ed5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1806319663&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&dr=&ul=en-us&de=UTF-8&dt=U.S.%20Says%20It%20Secretly%20Removed%20Malware%20Worldwide%2C%20Pre-empting%20Russian%20Cyberattacks%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1199309845&gjid=425248717&cid=595789736.1649321686&tid=UA-58630905-2&_gid=920864711.1649321687&_r=1&gtm=2wg3u0P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&cd3=&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000008282002&cd18=Kate%20Conger%2CDavid%20E.%20Sanger&cd19=U.S.%20Says%20It%20Secretly%20Removed%20Malware%20Worldwide%2C%20Pre-empting%20Russian%20Cyberattacks&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2022&cd27=2022-04-06-19&cd28=Wednesday&cd29=19&cd30=1649303932986&cd32=Russia-Ukraine%20War%2CWorld%20News%2CEurope%2CU.S.%20News%2CU.S.%20Politics%2CTechnology&cd33=NEWS_EVENT%2CSECTION%2CSECTION%2CSECTION%2CSECTION%2CSECTION&cd34=NEWS&cd36=06dc-russia-hacks&cd37=1318&cd38=Washington&cd42=nyt-vi&cd43=Russian%20Invasion%20of%20Ukraine%20(2022)%2CCyberattacks%20and%20Hackers%2CCyberwarfare%20and%20Defense%2CWar%20and%20Armed%20Conflicts%2CUnited%20States%20International%20Relations&cd46=Russia%2CUkraine&cd48=April&cd49=long_1200_1600&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=wdp9a9-KkVc4ExptZMeW3e&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=wdp9a9-KkVc4ExptZMeW3e&z=1158833646
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pnytimes.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html&u=DlYuuECovg1TZMxj&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Kate%20Conger%2CDavid%20E.%20Sanger&n=1&f=00001&c=0&x=0&m=0&y=1317&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2419&t=DiPUWOrNgrnCPk1jbDToeztCkGOYt&V=129&i=U.S.%20Says%20It%20Secretly%20Removed%20Malware%20Worldwide%2C%20Pre-empting%20Russian%20Cyberattacks&tz=0&_acct=anon&sn=1&sv=r9-1_DMCDN-Cfkf8I2JtKCtuXE6&sd=1&im=06679ff3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.237.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-237-88.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malwa...
adservice.google.com/ddm/fls/z/ Frame 8035
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKOa_onKgfcCFdjN1Qods4IJiw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9176418146169;gtm=2wg3u0;auiddc=836545943.1649321687;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F06%2Fus%2Fpolitics%2Fus-russia-malware-cyberattacks.html?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5290727.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ABF0
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
268818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 06:14:28 GMT
expires
Tue, 04 Apr 2023 06:14:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame F52F
437 B
327 B
XHR
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=-7729387827441375352&bl=boq_subscribewithgoogleclientserver_20220405.12_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=32087&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89b535c0425c2617953ab58346b8c0b436bf8859a1ef3b04099d0acbf446216e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4PBO_PBkmNI.L.B1... Frame F52F
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4PBO_PBkmNI.L.B1.O/am=GAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7PC8U_kZvT36xSI2_l2HTkjHx90w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b81877a19e50ce81c28d38e218b525def685301c4e275b964e4c404ae8d9e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7283
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 00:54:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Apr 2023 19:07:19 GMT
UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
pagead2.googlesyndication.com/bg/ Frame ABF0
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 06:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
8105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Apr 2023 06:39:41 GMT
log
play.google.com/ Frame F52F
131 B
673 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:54:46 GMT
imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/
25 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin
https://www.nytimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash
crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
date
Thu, 07 Apr 2022 08:54:47 GMT
via
1.1 varnish
content-type
application/octet-stream
age
16965652
x-guploader-uploadid
ADPycdtpTwngcckBPmLoV9cyLEieZ80u7t1Z7KUkF0fidQNaVXPEVQWwEqTEX1aibD_hveAklZ8FM2CjjXgO9D_bvWY
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25680
x-served-by
cache-hhn4068-HHN
accept-ranges
bytes
expires
Fri, 23 Sep 2022 00:13:55 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1649321687.208077,VS0,VE0
etag
"024693f96c8f2c457e4a6a8d02a636b7"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984530255
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
25680
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
3842
log
play.google.com/ Frame F52F
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:54:46 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 07 Apr 2022 08:54:46 GMT
expires
Thu, 07 Apr 2022 08:54:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F52F
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:54:46 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 07 Apr 2022 08:54:46 GMT
expires
Thu, 07 Apr 2022 08:54:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F52F
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.dr1qQEPc8KU.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI66U6S_AbTIfZOucvDhv6HTKKdnyw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 07 Apr 2022 08:54:46 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:54:46 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 07 Apr 2022 08:54:46 GMT
expires
Thu, 07 Apr 2022 08:54:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ABF0
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFgkC1qZOYuC3IdqPrATb6IeYBgAAAAA4AeAEAg&bg=!X1ylXBjNAAZAkm7qYJI7ACkAdvg8Wq_JrSWH7Th7Hw2KFcJI8NdELImqr5g8f_4IIIyqReLWrmi3AgIAAABTUgAAAAJoAQeZAr-lSkRBiWp0FgkSkO9sLgHsDvLm0Rc7NV6rq6og7dric6FuWibktEdoZJ46PFQJl5y0CarSFQ3AxIBldesnnlFrWUUcqiHzLkTGDCkuLdNqnBHQvUqU5RRlYPKxZiOCArToi6SY0_uDUng7S1SqzLE_ULTCq1DNj2AQdThUd_18MzrXk0166xhzft0FchC5aBfgPeMu0dD8OAlhNFlcQk4NoSJXZTD1ln1dtHeSdL3KzpPUf3HZnAQ6BjAxHodGjdVtO3Lcfp-hB1tfvNBTplUP_H96masaDK19CX7NJQwmWEQ9vPIXnGaTjOMYS9Z93igCPKy_qvRtJUM8iEIlWpyZSynIVxliDIi5tQjrsH2B9EPPz14aNVLdSzxv2HJ-IclmgDx_rmLKCtraF8TDnGTv6ssJJNafe0TSJO1ARmKK9RxvVVWOQhjSuDgAvxUSmAVyxeonK-NURoLXSi3UjNhRdtkBgZ2VaFQjQ-kZJcDXs76v_bd4OLywNjbGGF5MENa10GVb7dj4uhHzeajDuysTURbYRN9kLV7DM3XyGVekHtlLIr7PfgcYEXHDXliuR8CbIoJrJplIsoYxhBZiPX-2NcpIVP6jZuYoTeIUtIHhUjEFncPvVAfdhp8HROb9_ZIfJPmx1jtsCOI6_eVEzurJdekPxnJAoVPSEcZCz9QgO6wt3uxfMXQWAI-UY4RluCk8eikm1btRs4_hDMGaJLZCdV_JQBVnOr9N4gWzS_Js9ewN4Uh49Og9Gocz1HH31D6vCXgInie064JEQ4dx16Qb7ykRhzORuqs9uw3uGRbdYBjYl31-8T_VLxcu2dwelrRDIQ8n4Rf81ksJ0V8mEe78Ae0Mq031ipHn3VXsN9xSSOA-8d4JMzXKgOY0WYE_ur8lMNrZysz4ADVLBwWVBpDJCLjAjkvWu6oqzA_gmoYv
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

.status
a.et.nytimes.com//
0
0
Fetch
General
Full URL
https://a.et.nytimes.com//.status
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept
*/*
Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022033101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d37dcea931e22c632bcc4429d0a28e093636d0a2c546a4bc2cc4e2ef797fc67c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Apr 2022 08:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10476
x-xss-protection
0
loader.js
platform.iteratehq.com/
2 KB
1 KB
Script
General
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d14baaf850b49c29569c015efe9dc4e272b99a39d0a139a4a07021eb08c6e0f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QKSD2HPTSN6FZRMP
x-amz-id-2
KleT3v7OdVIy5B976Z8x4u7Bzbq1lv7aYMZXHuwF5RF1GKP4dY0uBioGZyrTd4W2ZU+CP5M+zlg=
last-modified
Wed, 06 Apr 2022 19:29:42 GMT
server
cloudflare
etag
W/"79de0343ac0a41c16beeb7c0f74fab2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Su5ekXvqk8gdNDhsEcsu3iYBWGtZhrk4IE7Y6S1vgKESzPgOl%2FDbGdzNZdnpzPI%2FrTVaQFaR%2B1fsMD4da6xWev5%2BpH4NXUfyZYreGk35StB0uKA04yBr%2Fw0tWy5ppKgjzN4pThSg3UXQPT6wDq3w1yDtO5sg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6f818a62fae46933-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Apr 2022 08:54:47 GMT
sdk-prod-43111aa1ba873fdaa9f0.js
platform.iteratehq.com/
897 KB
260 KB
Script
General
Full URL
https://platform.iteratehq.com/sdk-prod-43111aa1ba873fdaa9f0.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15934c8c0b6b4d7cc7d191317c52401b0a1243566a85b282b6b037eba0f7d6b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XFV8BY8SKDKQRFXD
x-amz-id-2
AN2qa9rnWat5KLIXPfzUs/fxnQLYominEWE6c93IMHSoXTzblHOZ2FjvCHxcB7rLZvhjSIfY8+I=
last-modified
Wed, 06 Apr 2022 19:29:37 GMT
server
cloudflare
etag
W/"7752697aafef46ae8937822f1b5f010f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtEUKKUb%2F9DS9IArqR24VcstR8b2w3Isb9pdPoCH5AFzHZzRH2fnHap6w7cJ7o%2FuqZ1IZ7coa2OPihLOTxrajlv5puxXeSLHSFsCYRqJ1vQSCdB%2FSZj6BfH1QKG45GXVqPkPu7Uwhpv%2FTBfkASLcoC5ca94T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6f818a637c0a925f-FRA
style-de055bd25489cd499284.css
platform.iteratehq.com/
130 KB
12 KB
Stylesheet
General
Full URL
https://platform.iteratehq.com/style-de055bd25489cd499284.css
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5026f2c5f5e6c3a079bdb1d9ce36b2b2413381629f543a64a75b4b38ca604458
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RSQNNZWJV93W42H9
x-amz-id-2
Fpyie/B3ZcdvcCrHdwu2QiLD063bQZAgi4IWBE2n1s3kh3mxMHhOv/zKd6SPB439WDHFN/0BHlY=
last-modified
Wed, 06 Apr 2022 19:29:37 GMT
server
cloudflare
etag
W/"430ca7c2f4df83672b582163361d51aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxJyJn8TSEYpRII1nQlo%2BhL2By0kakNAnjqT%2BuUx7ptuo2%2FAdyARxrCdDs5gNRmGDVelVwLao250uaa9OX0m86aoM%2FGu6NxQOEP22VdthB8Fcy%2Fpms9kUCNBTJhbiALQJSJYuAXp3UgWCkTJWNRQzL60RGW%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6f818a637c0b925f-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5181
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Apr 2022 08:46:38 GMT
expires
Fri, 07 Apr 2023 08:46:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B24E
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea0de6bd2b63ed7cb2e6c4faf6c5136da4b5fe1896726cd57eea40b104180d48
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tPJvZNvcn2yojBsShKpieQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
509
content-security-policy
script-src 'report-sample' 'nonce-tPJvZNvcn2yojBsShKpieQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Apr 2022 08:54:47 GMT
expires
Thu, 07 Apr 2022 08:54:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A82
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstJqIWTO_MBc7vnwQYIv8zYNfoELszP5cNKmWk_iY_MkXEp_Q3y_Oi3kScmGDO2Os29d6zOpqHV00FGuvYYWlUdfX1PBJUSI2DTfZU4UiEHtFKDBle&sig=Cg0ArKJSzCkHO7nqYqCbEAE&id=lidar2&mcvt=1001&p=132,315,382,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1133286891&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649321686367&rpt=236&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 08:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js
pagead2.googlesyndication.com/bg/ Frame 5181
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 07:53:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13564
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Apr 2023 07:53:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B24E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022033101&jk=213404299338060&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5181
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1Z_Mhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 08:54:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
embed
iteratehq.com/api/v1/surveys/
298 B
1 KB
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-43111aa1ba873fdaa9f0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db740b55e3d5a82a763af822987a831b700d842b6d636afa221c74b0da703a1d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type
application/json

Response headers

date
Thu, 07 Apr 2022 08:54:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs7GpwfeYtBpx64VUh16Ujbv2HkvQguzWwr6%2BzuVhBqGnQVCj833wLlzEIU8rRMy%2B43AK8liK5ItJQ1IOgtuB5bX9froVl%2FfT8GxC9L5QnK0KlSrf6LPGBxFV92i4w7YlXYEoElt2rzAUX0%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=0; includeSubDomains
cf-ray
6f818a685ed1905b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f818a673f999152-FRA
content-length
0
date
Thu, 07 Apr 2022 08:54:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWVp5CHRuaIAnIL%2BwxegbFBuWFsy1Vn8JKfa8jn0b%2Bhw8mBmTUu6QLe9iScdXUfV%2FUohq7IegMSwCPbhXxt%2FtMuvVRTMac73FrtnUws7%2FyuMBsniX37MJPQHXTGIo6ojLkg%2FAryvOr6H%2BXRj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022033101&jk=213404299338060&bg=!bG-lbyvNAAZAkm7qYJI7ACkAdvg8Wi0M8jF70Zin9OCGSeby8PgdPlc3HgAvnb7vmY_gQoN1JiYJ9wIAAABaUgAAAANoAQeZAqXlwJ-sDglrQQlQF0Grv3gtBKovEYjtWh7qoObeoFQC1848SyqUYbrDrkk1tUCCw5GlFI4P4ZhxCVsmjLUFgr4oe8YsD0DrUODcxOy75RdmZ-m-eFUCMHiL9W2cOS53OHguKX4WkyqSAxYtOvMhqi3B0fp8yLbFHKB9V2O5zFZBv3lSatra05xkYjNQ2kYzk2gF5peId5nu-wk1Q8f84gWonKSvKJSVhSrjCTekSrDkQoFZKDh71WDYb7vr3FHdsDiydnBRHg_Bi93vDj2qIc2mFkRUx7XcRWwavYgM_GRbePoXnztTK8eB8hTNMGQUxUlTvkXB23fnchB1lasVNbmSRvdl7FXynDjs3L9aJAi-czIXAQGKeLLidCFctQiWkxbdY_eTg9gkd4mi9ZHEUJrSuoeh1Yyg35ENbHOO2nMuwQp475nqWhhY1gk-1In_CsF7V-8Kp8ty72vbUaysDEf8j1b1FDoPLyFogKkaG-zz-UFNDArN9JuQpPWODvdivTG5xul9PCZgb-_UjricxkqJKYzKqYqjF1Fr-WTkHDVGaq8uyD7YSMMQT280c31lugL7JWxXU_IxHBlQ5aWUC0HyAiVd0qtMWpqHX0fnYZZtoMXuDxjhvlXVTRtMZNRotIKV1Y0JGm0yR9RieYwZhTBtOQVt3jFBt6oWF11CzGqFfm8HoaTa0Wvmz0nFqiyHCdJIMD3rG1A2pjQu5hugf5hiUgEpWpZfuCzG-n0gtxYmW44aK7wsqCfMVH_xHu_KpfAOVUlq5oosO_vH-S7rWRZN5gFDmJ7vlJrEj5Y_Mmn2yutchlcDEHzNQy_qwD0Q1S4kEtqlDfbmb55tkZsS8IV5rFxv0c6n11ckEl7m8I_CfRr9qAG_EVV2KzxODLnYPdGitfSKgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| event function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge boolean| SwGEntitlement function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 string| sov object| AdSlot object| __preloadedData object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ object| google_tag_manager object| UrlCache object| SUBSCRIPTIONS object| SWG object| ggeac object| google_tag_data object| google_js_reporting_queue object| nytAnalytics string| ddjskey object| ddoptions function| sprintf function| vsprintf object| meter boolean| NYT_VI_RENDERED string| ASSETTYPE boolean| initialDeviceTypeResizeCallback undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| _0x254ada object| _0x24935d object| _0x427892 object| _0x3e92cc function| _0x245c object| _0x18d7bf object| _0x1b03d5 function| _0x2ab0 object| _0x3f7732 object| _0x491993 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| ddAnalyzerData object| AIQ_DATA boolean| notprod string| GoogleAnalyticsObject function| ga object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript boolean| adBlockDetected object| gaplugins object| gaData object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType object| params object| GoogleGcLKhOms function| setImmediate function| clearImmediate undefined| Raven object| iterateprovider object| google_image_requests

30 Cookies

Domain/Path Name / Value
.nyti.ms/ Name: _bit
Value: m378SI-64fb238efdb965a360-00N
.nytimes.com/ Name: nyt-a
Value: wdp9a9-KkVc4ExptZMeW3e
.nytimes.com/ Name: nyt-gdpr
Value: 1
.nytimes.com/ Name: nyt-purr
Value: cfhspnahhudn
.nytimes.com/ Name: nyt-us
Value: 0
.nytimes.com/ Name: nyt-geo
Value: DE
.nytimes.com/ Name: nyt-b3-traceid
Value: dbc86f7f77d64a77aa0104efd1f60a0c
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1649321684845|wdp9a9-KkVc4ExptZMeW3e|1649321684845
.et.nytimes.com/ Name: et-ppvid
Value: https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html=2Q_NEKJk05RttSvK6l9PUbB8
.google.com/ Name: NID
Value: 511=Dq8QUJhisUuRqEzQAwEHqjez5OvkYNz_nvzvMYpl59Apwfou-qFL8Gh7j1F2HfKWp4NzbI9MvwmUCwTvZdWrFRLAeuUAf026gNzeEpuHnGt-MhULAjG1IRd-YxngOrDcgUOAVb_snvWjsgwur0eDQtFy0kx4GHHs4YH7O0fNvs0
.nytimes.com/ Name: nyt-m
Value: 514622BF124E0FC379DBB798C89BD790&imu=i.1&prt=i.0&n=i.2&vr=l.4.0.0.0.0&igf=i.0&igu=i.1&rc=i.1&vp=i.0&ier=i.0&imv=i.0&v=i.0&ica=i.0&iue=i.0&ira=i.0&ft=i.0&cav=i.1&ifv=i.0&iga=i.0&uuid=s.647701eb-b901-439f-a0fa-6a9d9fc2b579&iub=i.0&iru=i.1&s=s.core&e=i.1651392000&er=i.1649321685&fv=i.0&igd=i.0&ird=i.0&g=i.0&pr=l.4.0.0.0.0&iir=i.0&t=i.0
.nytimes.com/ Name: __gads
Value: ID=89d8fef966f1ca2c-2241cfb371cd0000:T=1649321685:S=ALNI_Margs2c1eJbaXsx0dTry6otdLXFqQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnMVGeHZ7Fb_sIWzcvPSRNgcAAXUhos0vfwun6hi0El5lqldx3gd3r9EZssJBA
.a.nytimes.com/ Name: jkidd-s
Value: referrer=&landing=&start=1649321686141&isNew=1&pageIndex=1
.a.nytimes.com/ Name: jkidd-p
Value: prevPage=&currPage=
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1649321686141&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/ Name: datadome
Value: CNJh5PAjYkMZIFl0~9sJ1~0GCs0Wq0nhCwV5-zWSE05Q6fE5TVI~8JsmnlHvipNSNIH181j7PYXIvVZwxRHyYeIoB2Z.YVTaTxfLwW-21lx.iML_inFg.K552x~JXon
.nytimes.com/ Name: _gcl_au
Value: 1.1.836545943.1649321687
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0
.nytimes.com/ Name: walley
Value: GA1.2.595789736.1649321686
.nytimes.com/ Name: walley_gid
Value: GA1.2.920864711.1649321687
.nytimes.com/ Name: _gat_UA-58630905-2
Value: 1
www.nytimes.com/ Name: _cb_ls
Value: 1
www.nytimes.com/ Name: _cb
Value: DlYuuECovg1TZMxj
www.nytimes.com/ Name: _chartbeat2
Value: .1649321686631.1649321686631.1.r9-1_DMCDN-Cfkf8I2JtKCtuXE6.1
www.nytimes.com/ Name: _cb_svref
Value: null
.nytimes.com/ Name: iter_id
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MjRlYTZkODhlY2Y0MTAwMDE0ZGI1MGMiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQ5MzIxNjg4fQ.8zezSGT73POKgq3HcwvpBT5PF_TeZ0LxNcBxzq6d-nE

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
71d76029f9dbc2ef8b57c6d814c0479a.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.lu
als-svc.nytimes.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
nyti.ms
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
142.250.184.194
142.250.186.166
151.101.1.164
151.101.129.164
18.66.248.36
2600:9000:236e:ce00:18:1fcd:34f:cdc1
2a00:1450:4001:801::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2013
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a06:98c1:3120::7
2a06:98c1:3121::7
3.33.220.150
35.241.35.241
35.244.188.62
35.83.85.90
54.204.237.88
67.199.248.13
02e536435234ddbacf0aa75050b286e42dfcefb62837b4336c259ae4c490815b
110cb33fca3196b83c7c5a2485f7e27aa511f040ba4c73b74a87381caa56f0c7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
20b635344bd7cd93da9a071df525630cd7125ea03749b55685eb4626c6f35ed5
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
254c4b14048e59e704732cae42f255dc190db3b38c68eb130cc232cfa41fafc8
264ffc500d1bfdc5f5e837ca9e04b788ac623e561cba33d60cb60da92e3057b2
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2d14baaf850b49c29569c015efe9dc4e272b99a39d0a139a4a07021eb08c6e0f
311c7403eaf514732e89588dbc99df9aa545dd6500f4f9472aa30a721f0fe7fc
35a5adaa7c1d881c1bd480a04b08d1dfa97aab497cde308e4f331181a6553fdb
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
38293cbf44607c7e7637c1f696ac2001b8f7a299c7376fed5b414a7f3657d253
3b4806b7e1d8a1b140b681b779aa16b3ca8b124852511b0b70b024b65d9053e1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
432b49cad18bf191068c0f3c1cc32d297966e22b72685f0662b4eb86956b43b4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
5026f2c5f5e6c3a079bdb1d9ce36b2b2413381629f543a64a75b4b38ca604458
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b81877a19e50ce81c28d38e218b525def685301c4e275b964e4c404ae8d9e3
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
54057e8aa02f40784e15b478f359c746d0822c3a1e931c8652ce32f90a4b4ccb
557dc7ed70c147186eaa18b28cfa4a5308d5601612cdbeae1cdff33b682a1871
559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cbc1d3ee83c80f4fac75004fa28b9c0dffc7569379f5d49b93d4bd27b8e4d86
6031c5d0ea02c8d8e39781fe0659f55a3414203fa9bbc671e4349d5607f5684d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33
6737b1b2dea1b2a87e735bee92eb3fab5a1cecbce74993ad4899f528ccff102a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
74f4d3189d342c2710ac60bc3d7ac1168a9ee24867045e22a7943573dea01c0c
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
7a94996e57b80904e96253513c6149981fe999e05e3e3d0b8271111398a077cc
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
83b24801e70ea78b63e351193e228ead44fd2905824c479540d1bf293feb0ea6
851ca05c66b3fe40b648d7a1f3bf4433f5c72a8e4c318a835b878163556ef0e0
89b535c0425c2617953ab58346b8c0b436bf8859a1ef3b04099d0acbf446216e
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90148a226daea4db7bbbc68cbd40fbabf5eddee23399e3f985f3ba5625dcb17a
92fe78449b2ce5358354322dff1de1f518551b8192cbf0ccff2839b058b28df9
94ff2a55bf15b3b90f9ea670a0a213bf98c96163d7ebb4e11bc8966ef6c3b0d2
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
9fbbf24681bc6e5db446ad19c4165f72ffbe683d1e0a34529dcee4450bca31ba
a00d1036f138da94bbab229371b218e520aea31ce13d04b16a4b031c335740cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26950fed8c00b10b885a025d6258a93cbd63a89d783a946ecd48f2be9ce5e34
a43557acb08ad9e554dfc8c173de657208cc25912aec3ac7f66c202b41ec210f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82d33004b9877d9e42fb41dc619bdedcd7724db22f5d74ff47bb832bf46de5b
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
b07c206a26d1e917370dcc2b6289973d12afbc3868644e5985f029c68a5c85e1
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c0c572d5836a69f0b4d0dc4b6199d9575d2581493f7c99c5d98160a6aafb164c
c2f24a1e91a6742338af7b62f0273167d17fe9255a4fc804bc2e93c1959c9acb
c50eee5fcbe9202084502bc71038eff9ee41a8091f85ebebf473293db8fa7e9c
c625a2ca433679869ac4e60dac626a4f5d30e03fe13ab19284e213b86b731262
cc49996658507fab7a30a2e9cf53cfb8ddd903d86ad652d776fd5fc08e2938f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d37dcea931e22c632bcc4429d0a28e093636d0a2c546a4bc2cc4e2ef797fc67c
db740b55e3d5a82a763af822987a831b700d842b6d636afa221c74b0da703a1d
de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9
e00e4aa270bcdab5c0083257519e64652bc2272bd36d2ebd45c9b83e03a862b5
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e75be3980cb6606abd0f915ace2c7015157f44db048d94686c9999d5352451ac
e8c01d397b35a02bd15cb3abc32117e74dc9d14f51b4101a5e28229d9a3ed0ee
ea0de6bd2b63ed7cb2e6c4faf6c5136da4b5fe1896726cd57eea40b104180d48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f003d6c3dc1bc7c460f369f79c4085ac19fdc84fda7c8f178fdb57968879d373
f15934c8c0b6b4d7cc7d191317c52401b0a1243566a85b282b6b037eba0f7d6b
f468c98e35724fa3b7fa006bea51de1bd3e0917efd14aafdfad0420631b76221