www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Submission: On February 19 via api (February 19th 2021, 3:38:14 pm UTC) from DE

Summary HTTP 114 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 13 domains to perform 114 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:803::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:4000:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:f800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	3.233.251.228 3.233.251.228	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
114	23

41 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:803::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:4000:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3baf36b578747b42ba382db420d1445d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:f800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.251.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-251-228.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	nytimes.com www.nytimes.com samizdat-graphql.nytimes.com a.et.nytimes.com myaccount.nytimes.com dd.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	944 KB
17	google.com news.google.com adservice.google.com play.google.com www.google.com	71 KB
16	nyt.com g1.nyt.com static01.nyt.com a1.nyt.com	562 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	129 KB
7	googlesyndication.com 3baf36b578747b42ba382db420d1445d.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	25 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net 5290727.fls.doubleclick.net stats.g.doubleclick.net	123 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	248 KB
3	google-analytics.com www.google-analytics.com	19 KB
1	google.de www.google.de	107 B
1	chartbeat.net pnytimes.chartbeat.net	169 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.be adservice.google.be	803 B
1	googletagmanager.com www.googletagmanager.com	78 KB
114	13

	Domain	Requested by
17	a.et.nytimes.com	www.nytimes.com
13	www.nytimes.com	www.nytimes.com static01.nyt.com
11	g1.nyt.com	www.nytimes.com g1.nyt.com
8	samizdat-graphql.nytimes.com	www.nytimes.com static01.nyt.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.nytimes.com news.google.com www.gstatic.com
6	www.gstatic.com	news.google.com www.gstatic.com
4	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
4	static01.nyt.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nytimes.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.de	www.nytimes.com
1	www.google.com	www.nytimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	3baf36b578747b42ba382db420d1445d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	www.googletagmanager.com	www.nytimes.com
114	32

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
www.propublica.org
www.uhsinc.com
www.nbcnews.com
www.fbi.gov
nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
spiderbites.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
a.et.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-11-16`	2 years	crt.sh
*.news.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-29` - `2021-04-02`	9 months	crt.sh
*.google.be GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Frame ID: 329E593D54F26F7EAED9BEC13FC7572D
Requests: 83 HTTP requests in this frame

Frame: https://static01.nyt.com/ads/tpc-check.html
Frame ID: C3355A65FF5E89196776C497E74EF75A
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448263
Frame ID: D974429F4E0C2129698297B287235FCB
Requests: 14 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: F7C9BACABD415154E3A4B26D15097E14
Requests: 3 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html
Frame ID: 7A63BB09D8EA32D9BF89542C5BE84D0E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3710EBA058321BD3EEA073EA93E450C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Page Statistics

114
Requests

99 %
HTTPS

73 %
IPv6

13
Domains

32
Subdomains

23
IPs

3
Countries

2214 kB
Transfer

6613 kB
Size

22
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html%3Fsmid%3Dfb-share&name=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm%20https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html%3Fsmid%3Dtw-share&text=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks
Title: companies hit by ransomware now do.

Search URL Search Domain Scan URL

URL: https://www.uhsinc.com/wp-content/uploads/2020/04/UHS_2019-CompanyOverview2_.pdf
Title: more than 400 locations

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/tech/security/cyberattack-hits-major-u-s-hospital-system-n1241254
Title: first reported

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/pressrel/press-releases/fbi-and-cisa-warn-against-chinese-targeting-of-covid-19-research-organizations
Title: agencies said

Search URL Search Domain Scan URL

URL: https://nytimes.com/privacy/privacy-policy#we-allow-for-personalized-advertising-on-times-services
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2021 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://spiderbites.nytimes.com/
Title: Site Map

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html

114 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request clinical-trials-ransomware-attack-drugmakers.html Show response
www.nytimes.com/2020/10/03/technology/ 318 KB
74 KB 76ms
31ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9d79237833fc38d7cc71597e9fb40a31891cbeb23aa24f0f1b994d53e58c75c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Fri, 19 Feb 2021 15:26:04 GMT
last-modified: Fri, 19 Feb 2021 15:26:04 GMT
x-scoop-last-modified: 2020-10-06T13:24:03.753Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1613748364.106165,VS0,VE4
x-origin-time: 2021-02-19 15:26:04 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:52 GMT
age: 708
x-served-by: cache-lga21952-LGA, cache-hhn4065-HHN
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1613749073.579198,VS0,VE5
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=mQTUPznf9Ym7KKQt4WQnLy; Expires=Sat, 19 Feb 2022 15:37:52 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=T1~nWC8k12kygWr3PwPmN7.i5hZoqiZdfde4VD6QXiNqixvj2PUFmDY.ZOwWKPjI~FIOykCCA4Vym7NE0RWzSVKHcgR2Rnqh~RXKj8cACI; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Fri, 19 Feb 2021 21:37:52 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Sat, 19 Feb 2022 15:37:52 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Fri, 19 Feb 2021 21:37:52 GMT; Path=/; Domain=.nytimes.com nyt-geo=BE; Expires=Fri, 19 Feb 2021 21:37:52 GMT; Path=/; Domain=.nytimes.com
x-datadome: protected
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 73928

GET
H2 200 web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 24ms
22ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-guploader-response-body-transformations: gunzipped
age: 1670777
x-guploader-uploadid: ABg5-UxIier1N-SK6_ieSkZtt5eC9_BVlfrpLNY95lHSACzjokVzRi4EPSn2l7MTqjaCDZGwsGtWCv5IXuk14pYtpTSgLlm5lQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10772
via: 1.1 varnish
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Mon, 31 Jan 2022 07:31:35 GMT
last-modified: Thu, 21 Jan 2021 20:59:32 GMT
server: UploadServer
x-timer: S1613749073.618396,VS0,VE0
etag: W/"b3e9eedd81b658bb38d40b91c6568d7a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611262772377885
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9922
x-nyt-pagetype: web-font
content-type: text/css; charset=utf-8
warning: 214 UploadServer gunzipped
x-cache-hits: 62819

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 21ms
21ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q==, md5=8t/i0xcrDEvURwPHlq+SQg==
date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-api-version: F-X
age: 13568667
x-guploader-uploadid: ABg5-UzadwJJVco0UpaJTaU9yrgZMaUz_4aMwQT08kD2RC8WFP2U69rcjJ1SjFhy7-H0mWZMfVmtkBKnVkLIRUioNaU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2020-09-15 14:33:25 UTC
content-length: 1832
x-served-by: cache-hhn4065-HHN
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1613749073.617197,VS0,VE1
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1600171892731484
expires: Wed, 15 Sep 2021 14:33:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 75806

GET
H2 200 adslot-bdbf6eb0eb7b12abdb78.js Show response
www.nytimes.com/vi-assets/static-assets/ 12 KB
6 KB 21ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-bdbf6eb0eb7b12abdb78.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e727ef8774d0f91bb65b2dc844a4a9ddaf8a62768a991fe95e9c9f981d4c063a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
log-origin: ip=172.217.16.144,port=443,name=F_gcs_origin,status=200,reason=OK,method=GET,url="/static-assets/adslot-bdbf6eb0eb7b12abdb78.js",host=vi-assets.storage.googleapis.com,shield=HHN
age: 940412
x-guploader-uploadid: ABg5-UwGTEZlwyrSrQ7g2Q0gjH6VpkPqJ-nzBuD4_6J2BP8BqKGbHKjjDruZBWFbQUpdrYhF5tETlxpHPPaUSW-RkQ
log-timing: fetch=229041,misspass=211,do_stream=0
x-goog-stored-content-encoding: identity
x-origin-time: 2021-02-08 18:24:20 UTC
x-served-by: cache-hhn4065-HHN
x-timer: S1613749073.645028,VS0,VE1
etag: "3ec751ab2023af83dabfc8a9b029c9e5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-bdbf6eb0eb7b12abdb78.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 47672
date: Fri, 19 Feb 2021 15:37:52 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 4575
last-modified: Mon, 08 Feb 2021 18:23:31 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=Is//tg==, md5=PsdRqyAjr4Pav8ipsCnJ5Q==
x-goog-generation: 1612808611601302
expires: Tue, 08 Feb 2022 18:24:20 GMT
x-gdpr: 1
x-goog-stored-content-length: 12370
accept-ranges: bytes

GET
H2 200 03erthack-sub-jumbo.jpg
static01.nyt.com/images/2020/10/05/business/03erthack-print/ 196 KB
196 KB 26ms
23ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/10/05/business/03erthack-print/03erthack-sub-jumbo.jpg?quality=90&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 68bf6333489238b526e8e1cf3051b57a824564297d998756b8d81a5835e29d04

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 93735
x-guploader-uploadid: ABg5-UwZDlG_C61KVfYmoR22D9oLAsGa5AXTgKtDh6WuCx-dcAOASfVw30Sc14etxu5uV9R2hRROjJLagfIClU05U6Q
x-cache: HIT, HIT
fastly-io-info: ifsz=228023 idim=1024x683 ifmt=jpeg ofsz=200260 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 200260
x-served-by: cache-bwi5177-BWI, cache-hhn4065-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1613749073.721828,VS0,VE2
etag: "zrna3hEqfFCI3zQDxIoMqeD2av/QSCKmBDMVg1BhOPU"
vary: Accept
x-goog-hash: crc32c=CfM95A==, md5=MgYwyRBwyNeNYXaMnSyC9A==
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 18 Feb 2021 13:35:37 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 author-nicole-perlroth-thumbLarge.jpg
static01.nyt.com/images/2018/02/20/multimedia/author-nicole-perlroth/ 8 KB
9 KB 26ms
23ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2018/02/20/multimedia/author-nicole-perlroth/author-nicole-perlroth-thumbLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a13d866948dfb0530a96b50183e8de5c973a0d870192ac9ab2a90bbb44d6969b

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish, 1.1 varnish
log-origin: shield=BWI,ip=157.52.99.35,port=443,name=shield_ssl_cache_bwi5135_BWI,status=200,reason=OK,method=GET,url="/images/2018/02/20/multimedia/author-nicole-perlroth/author-nicole-perlroth-thumbLarge.jpg",host=static01.nyt.com
age: 20027
x-guploader-uploadid: ABg5-UzKOCcRzXjHQGXxGlg3jtpmjPW3yGqYPIZADiOQLp_zOndrnr23GB8MQJvjCG7JO-mcTmQiVwakY_EcOrDlDk8
log-timing: fetch=90915,misspass=127,do_stream=0
x-goog-storage-class: MULTI_REGIONAL
x-cache: HIT, HIT
content-length: 8178
x-served-by: cache-bwi5135-BWI, cache-hhn4065-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 20 Feb 2018 18:26:15 GMT
server: UploadServer
x-timer: S1613749073.721811,VS0,VE1
etag: "bcf9bbfa89d71e0d52740a25f0a40430"
vary: Origin
x-goog-hash: crc32c=4XqVGw==, md5=vPm7+onXHg1SdAol8KQEMA==
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 28 Jan 2021 11:23:06 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 build.js Show response
static01.nyt.com/newsgraphics/2021/01/21/yct-email-signup/0847bd120c305be27ee02387678ef2c7f50e3069/ 402 KB
102 KB 121ms
119ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2021/01/21/yct-email-signup/0847bd120c305be27ee02387678ef2c7f50e3069/build.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 327fda31f2949fe972292514ab920236db393e7f5c65bb84958b0f21b08e3772

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
age: 3
x-guploader-uploadid: ABg5-UyUGdNBqK_7HmqK5wVktv6UqfkF6JAO1EwkBAi_q9O5hzot592uZh7sdP9ThaG8Q8awPMU6EsU6Pew20ICZ1bY
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 103936
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5183-BWI, cache-hhn4065-HHN
x-nyt-gcs-bucket: nytint-prd-newsgraphics
last-modified: Sat, 30 Jan 2021 19:09:21 GMT
server: UploadServer
x-timer: S1613749073.645247,VS0,VE87
etag: "74fb797330ffcc14436da01419179dc9"
vary: Accept-Encoding
x-goog-hash: crc32c=m/OlcQ==, md5=dPt5czD/zBRDbaAUGRedyQ==
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 Feb 2021 14:10:58 GMT
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 vendor-1fbf6ee945ef632568df.js Show response
www.nytimes.com/vi-assets/static-assets/ 266 KB
81 KB 26ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-1fbf6ee945ef632568df.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1c46eaf9bf3b3711565d4e7e5cf5575489b6f7641e99fb86e124e4aab340101e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=QHyezQ==, md5=9H+AmKZMA1qAcHsOuDleQQ==
date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-api-version: F-X
age: 76502
x-guploader-uploadid: ABg5-Uyqen8il7hawIguGPKC2ffCTaCGDSWKcnMMyKWdisSDL56MIyCesEa3MfunbgYsxoya-mMBf2OlK4YI8Pa_nMcU2VD49Q
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-02-18 18:22:51 UTC
content-length: 82025
x-served-by: cache-hhn4065-HHN
last-modified: Thu, 18 Feb 2021 18:16:30 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1613749073.721808,VS0,VE0
etag: "f47f8098a64c035a80707b0eb8395e41"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-1fbf6ee945ef632568df.js
x-goog-generation: 1613672190258351
expires: Fri, 18 Feb 2022 18:22:50 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 272100
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 6024

GET
H2 200 story-de97f898e4293695c279.js Show response
www.nytimes.com/vi-assets/static-assets/ 907 KB
244 KB 26ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-de97f898e4293695c279.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ee5aa5a0cb24d1cc63d2c31077e8ae10e66c0f428b42c5aa1a47d1b738ede158

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=1s/dLg==, md5=qVFT5aZtFNIu2hzK/TrSFQ==
date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-api-version: F-X
age: 76493
x-guploader-uploadid: ABg5-UwHIQNTHX_lx2Z2NVyNa4ZVQPZDdvbkQlIffznUkI2ZsjOo-s5F8Tz7r7WDc5HxFdbVtPMp2k3xiyQdrOvmVi2xkJ9Gbg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-02-18 18:23:00 UTC
content-length: 248707
x-served-by: cache-hhn4065-HHN
last-modified: Thu, 18 Feb 2021 18:16:30 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1613749073.721788,VS0,VE1
etag: "a95153e5a66d14d22eda1ccafd3ad215"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/story-de97f898e4293695c279.js
x-goog-generation: 1613672190212493
expires: Fri, 18 Feb 2022 18:23:00 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 929068
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 9

GET
H2 200 main-db361b4e258c1477c6b1.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
314 KB 26ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f6e686c7daf3252970f907dc479e402cae009586a794544b89b140483604c2fd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=4FKzgQ==, md5=+z3i0AFjfNOriB5qGbeY5w==
date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-api-version: F-X
age: 83354
x-guploader-uploadid: ABg5-UyguXFEn8OpEkcyrzCwc3-2hwlQCK4hfvQdlT_QCcni8zFKaaT7VxN9WQGE0oRwJUeYR0GnavujXOgYeBljRayNhoc4nQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-02-18 16:29:57 UTC
content-length: 320567
x-served-by: cache-hhn4065-HHN
last-modified: Thu, 18 Feb 2021 16:24:59 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1613749073.721754,VS0,VE1
etag: "fb3de2d001637cd3ab881e6a19b798e7"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
x-goog-generation: 1613665498800349
expires: Fri, 18 Feb 2022 16:28:38 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1070013
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 286

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
78 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ee482d6dfec946d8b5188ffd0e82c93c8917a9cfca405119c6212dcedebf4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79697
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 77ms
30ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-9321163
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:52 GMT
age: 41
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: BE
x-nyt-region: VOV
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 92dbb58b52eb674a
samizdat-x-instance: e14faa2b
samizdat-x-canary: false
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 4
x-timer: S1613749073.767584,VS0,VE1
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 125ms
103ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
682 B 22ms
22ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 31
x-cache: HIT
samizdat-x-instance: 8a60c308
x-samizdat-query-field-errors: 0
x-cache-hits: 2
x-samizdat-query-exe-id: 59a574c461937af2
content-length: 123
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: VOV
server: samizdat-graphql-9321163
x-timer: S1613749073.788201,VS0,VE0
x-nyt-continent: EU
x-served-by: cache-hhn4065-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: BE
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 151 KB
46 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5771f975340b93f43f130617af9a9753ee68d8515ff6666f2b04bf79ec3c518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:11:51 GMT
server: sffe
age: 715
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46340
x-xss-protection: 0
expires: Fri, 19 Feb 2021 16:15:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 33ms
32ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

231e10e3a7505d004cfeffe0ec5f350025726a0818237175700658a4187d161f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "788 / 536 of 1000 / last-modified: 1613736742"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19450
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:52 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 106ms
103ms Fetch
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
2 KB 40ms
39ms Image
image/svg+xml 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4d41bce1e64d901b708a2f246cad8321f5a4a1053fb2558d255ee91e7b80ce97

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
log-origin: ip=74.125.133.128,port=443,name=F_gcs_origin,status=200,reason=OK,method=GET,url="/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg",host=vi-assets.storage.googleapis.com,shield=HHN
age: 1950577
x-guploader-uploadid: ABg5-UzjACwrA9JtbxYuKznL-im9u7felVO8TSPpgeJfQLTTf2c_PfqHRORcB_HjMtL-B99pnMvJlDcceW0LyMzGIO5gSuZLVQ
log-timing: fetch=359432,misspass=227,do_stream=0
x-goog-stored-content-encoding: identity
x-origin-time: 2021-01-28 01:48:15 UTC
x-served-by: cache-hhn4065-HHN
x-timer: S1613749073.733316,VS0,VE1
etag: "41ca1dddb260e08ec436481c6c5dd7e7"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
content-type: image/svg+xml
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 59176
date: Fri, 19 Feb 2021 15:37:52 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 624
last-modified: Thu, 28 Jan 2021 00:36:48 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=XAhLHA==, md5=Qcod3bJg4I7ENkgcbF3X5w==
x-goog-generation: 1611794207919781
expires: Fri, 28 Jan 2022 01:48:14 GMT
x-gdpr: 1
x-goog-stored-content-length: 1187
accept-ranges: bytes

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 68ms
21ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 7845949
x-guploader-uploadid: ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1613749073.781665,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921495212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 26801

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 79ms
32ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 1341114
x-guploader-uploadid: ABg5-UyqZdn36CyMMqO_EYtsohIZVvW1myiL06R2gPdmK537uhIh7sznFOlp3yQxAca4AnWvg2zoSJNSipxFlwXBmQ1YZQoY9g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Fri, 04 Feb 2022 03:05:58 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1613749073.781842,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607599997
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 26243

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 102ms
55ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 3339361
x-guploader-uploadid: ABg5-Uw8S9-9Cp8flQFSVhbwl3AjTLVj3Ebnvke16Nf5jXN2n0Eq8psNQvRrRH_mZghG4SSLsxPPfpeEafMzp2LGmtU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Wed, 12 Jan 2022 00:01:51 GMT
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1613749073.782178,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542919418422
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 18525

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 102ms
55ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 7845949
x-guploader-uploadid: ABg5-UxwOd1OJ1NpLnKbfO4ZMueD_YTwT452ogHR5NBdE3pQpWMOnbwL5QS5ydsgtFhZVr3mb_hECjplXvTvaU468LZ-07vPqA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1613749073.781815,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542919868800
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 19627

GET
H2 200 franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 79ms
32ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 1345799
x-guploader-uploadid: ABg5-UzyId0nwHcvhd9ZK0GqRE26Sjz_F3tsEXO1zLoJEGdy0UifRLurPH962Tnkf7VwXr10BtegQkzVKSYYYIZgMDo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20212
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Fri, 04 Feb 2022 01:47:53 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1613749073.781809,VS0,VE0
etag: "abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607567231
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20212
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 17492

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 78ms
32ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 1835384
x-guploader-uploadid: ABg5-UyyJIzHstDEr_mA5r06lBSKMFWF6JJ9e_CKm5C5rTKj0xzm3w4fHAOn-hugOJPw6vQlrTPFH09Lhq0rirF04sV7BOJjUw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Sat, 29 Jan 2022 09:48:08 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1613749073.781776,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607568560
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 24571

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 101ms
55ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 1958114
x-guploader-uploadid: ABg5-UwdIJh3zDPsgELyVn2wpdNrghkRkMwfqx-SvzAEjCBW1nptMj-5ba97kf-tAX3xGEqsWzEPvOn1qL3Us02OUeLPeWctLw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Thu, 27 Jan 2022 23:42:38 GMT
last-modified: Thu, 21 Jan 2021 15:56:45 GMT
server: UploadServer
x-timer: S1613749073.781786,VS0,VE1
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244605182120
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 11898

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 113ms
66ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 3159470
x-guploader-uploadid: ABg5-Uxt7RxWOSeJwIQE_e7Iqm2kXBRhSsJrFBlb6X5lpaManN5NmkmG3pgVKNsMgckfFFRql1IdG6Fz3MTvrKNfHMQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Fri, 14 Jan 2022 02:00:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1613749073.793353,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542919312063
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 13799

GET
H2 200 imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
29 KB 79ms
33ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=1n93EQ==, md5=JTGZX+/TuZf5xNVk6+iSaA==
date: Fri, 19 Feb 2021 15:37:52 GMT
via: 1.1 varnish
age: 1945660
x-guploader-uploadid: ABg5-UyakSYIepac1_121D7xEZH7gvtAYoGvuXbvJJmK9WTeQklFdWhkPhbYohiGFesdfogFjXPRJIDzNXAdUanSfYDLfpZlbg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29016
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Fri, 28 Jan 2022 03:10:12 GMT
last-modified: Thu, 21 Jan 2021 15:56:48 GMT
server: UploadServer
x-timer: S1613749073.781751,VS0,VE0
etag: "2531995fefd3b997f9c4d564ebe89268"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244608397094
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29016
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 24443

GET
H2 200 tpc-check.html Show response
static01.nyt.com/ads/ Frame C335 1 KB
1 KB 22ms
20ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/ads/tpc-check.html
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a948a4464f5fd459e65b35799dc65da324e59d9f307e12c51a34471186631d3e

Request headers

:method: GET
:authority: static01.nyt.com
:scheme: https
:path: /ads/tpc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Response headers

x-guploader-uploadid: ABg5-UxKZumuwHnYnHeDtju26hG42an3j0xXYHq-Xw53odxpI2jDwX58aaMfGt0RYMvIictAlviK-GufLa3W5kyC0w
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
expires: Mon, 18 Jan 2021 12:04:30 GMT
last-modified: Wed, 03 Apr 2019 14:30:57 GMT
etag: "598d685c63f68aaefa1f7c474e83327c"
content-type: text/html
x-goog-hash: crc32c=4YnpCQ== md5=WY1oXGP2iq76H3xHToMyfA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
server: UploadServer
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-nyt-gcs-bucket: nyt-ads-static-assets
log-timing: fetch=92066,misspass=101,do_stream=0
log-origin: shield=BWI,ip=157.52.99.41,port=443,name=shield_ssl_cache_bwi5141_BWI,status=200,reason=OK,method=GET,url="/ads/tpc-check.html",host=static01.nyt.com
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:52 GMT
age: 111516
x-served-by: cache-bwi5141-BWI, cache-hhn4065-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 4247
x-timer: S1613749073.891054,VS0,VE0
vary: Accept-Encoding
content-length: 550

GET
H3-Q050 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ 289 KB
101 KB 79ms
47ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:53 GMT

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 35ms
20ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 489
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Fri, 19 Feb 2021 16:19:44 GMT

GET
H3-Q050 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame D974 25 KB
9 KB 91ms
84ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=448263

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58c5e2152458b91fe4f71e6b7e3ab0cd6a51c8b5f371142d35c19c6ead4db7df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ij7u1uibbjtfSImuWzVrBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-ij7u1uibbjtfSImuWzVrBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=448263
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Feb 2021 15:37:53 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-ij7u1uibbjtfSImuWzVrBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-ij7u1uibbjtfSImuWzVrBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=209=bJJDfA8eWlU29cThPmYuSOiQGNlm8-DU3Ig5JczGq9Ms-DjrKfBCKDrgfXrFYSKI7xG50jmX2bwMVxJze8iwHgTPJ3AbF-P7DHYngIsJjWMQSPsPTA8L88mTvAzftngpoXRPIVKBTcYXkqvF83JZSZIORh1vsRdmtLtbpIxZ_IE; expires=Sat, 21-Aug-2021 15:37:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 27ms
21ms Other
image/svg+xml 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 891
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 19 Feb 2021 16:13:02 GMT

GET
H3-Q050 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 18 B
460 B 66ms
66ms Fetch
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

493a22bd0e5be52d106634cdd77c8766dbdf286ddf9ce49e25d3d78b7e199745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame F7C9 393 B
700 B 25ms
24ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

6f167cb6a23603c58b22190cae0ed1c5ca974e93e2667b7c91a366ac5d70c3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/prefetch-assets
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: nyt-a=mQTUPznf9Ym7KKQt4WQnLy; datadome=T1~nWC8k12kygWr3PwPmN7.i5hZoqiZdfde4VD6QXiNqixvj2PUFmDY.ZOwWKPjI~FIOykCCA4Vym7NE0RWzSVKHcgR2Rnqh~RXKj8cACI; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 26945417977667913
x-datadog-parent-id: 26945417977667913
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=600
x-nyt-backend: lire-ui
etag: W/"189-42nzkIoA6D/Ep0GuSRxV/eFLo7c"
content-encoding: gzip
x-cloud-trace-context: b5261f20d03a2c43fc535fde023bb444
server: Google Frontend
x-datadome-timer: (null),VE134
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:53 GMT
via: 1.1 varnish
age: 140
x-served-by: cache-hhn4065-HHN
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
x-api-version: F-X
content-length: 277

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-a47a248269faa38b0f57.js Show response
www.nytimes.com/vi-assets/static-assets/ 72 KB
15 KB 23ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-a47a248269faa38b0f57.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2d29106c3d6b58c448175af85eaa07d3aee552b75477486e172781f55192032e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
log-origin: ip=142.250.186.80,port=443,name=F_gcs_origin,status=200,reason=OK,method=GET,url="/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-a47a248269faa38b0f57.js",host=vi-assets.storage.googleapis.com,shield=HHN
age: 1206732
x-guploader-uploadid: ABg5-Uw-dc8akab9jxdLYL3jHZnHenHqldeKjeTxLEUkA-SgNsBhHS6I0se_3ClakTb5i8bnJM1NPKq3TA9JusQXzWA
log-timing: fetch=226428,misspass=127,do_stream=0
x-goog-stored-content-encoding: identity
x-origin-time: 2021-02-05 16:25:40 UTC
x-served-by: cache-hhn4065-HHN
x-timer: S1613749073.264630,VS0,VE1
etag: "f0751ba55484b1c0325228461f8f8a73"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-a47a248269faa38b0f57.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 60595
date: Fri, 19 Feb 2021 15:37:53 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14051
last-modified: Fri, 05 Feb 2021 16:10:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=KDRDtg==, md5=8HUbpVSEscAyUihGH4+Kcw==
x-goog-generation: 1612541440523153
expires: Sat, 05 Feb 2022 16:25:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 73382
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-1a7a78026455f28ff28c.js Show response
www.nytimes.com/vi-assets/static-assets/ 19 KB
6 KB 24ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-1a7a78026455f28ff28c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9ebeea3224f651116fec1192e58a149d2ef61f26585758a306eea533149b89c1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
log-origin: ip=108.177.15.128,port=443,name=F_gcs_origin,status=200,reason=OK,method=GET,url="/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-1a7a78026455f28ff28c.js",host=vi-assets.storage.googleapis.com,shield=HHN
age: 1206732
x-guploader-uploadid: ABg5-UyZ7egYcjNj_-9ZwlLRiiqP0a35hllZDbQwTj7AiwQHvMPxosEKa6ThK1DuarQAVmA4N1yvDmltsGiRy2_UBGUjPY4jxw
log-timing: fetch=252434,misspass=151,do_stream=0
x-goog-stored-content-encoding: identity
x-origin-time: 2021-02-05 16:25:40 UTC
x-served-by: cache-hhn4065-HHN
x-timer: S1613749073.264614,VS0,VE1
etag: "3579973c6dabbe03ac5d066d643310d0"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-1a7a78026455f28ff28c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 60062
date: Fri, 19 Feb 2021 15:37:53 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 4599
last-modified: Fri, 05 Feb 2021 16:10:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=T049UA==, md5=NXmXPG2rvgOsXQZtZDMQ0A==
x-goog-generation: 1612541440464790
expires: Sat, 05 Feb 2022 16:25:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 19390
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-85026452ba21708e746d.js Show response
www.nytimes.com/vi-assets/static-assets/ 30 KB
7 KB 23ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-85026452ba21708e746d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c39db602f321b15b3b20f87598e55891ee5949843c4c7b8e64ff1e8684e52bf1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
log-origin: ip=216.58.208.112,port=443,name=F_gcs_origin,status=200,reason=OK,method=GET,url="/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-85026452ba21708e746d.js",host=vi-assets.storage.googleapis.com,shield=HHN
age: 3102608
x-guploader-uploadid: ABg5-Uxx1v6fjSOCeUtozwFvnReDuH5wpRyrZff-mQzpMeoyJ7JtX43xP7PtOsnCSSSQTjV_7s5dY5fE8LMMaKL-4-aSPzGkDA
log-timing: fetch=249434,misspass=155,do_stream=0
x-goog-stored-content-encoding: identity
x-origin-time: 2021-01-14 17:47:45 UTC
x-served-by: cache-hhn4065-HHN
x-timer: S1613749073.264598,VS0,VE1
etag: "58b412cfc88efc2be7fb84c56c59250c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-85026452ba21708e746d.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 85722
date: Fri, 19 Feb 2021 15:37:53 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 6185
last-modified: Thu, 14 Jan 2021 17:39:36 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=jNajtQ==, md5=WLQSz8iO/Cvn+4TFbFklDA==
x-goog-generation: 1610645976063965
expires: Fri, 14 Jan 2022 17:47:45 GMT
x-gdpr: 1
x-goog-stored-content-length: 30552
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 114ms
114ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 137 KB
22 KB 21ms
6ms Script
text/javascript 2600:9000:206f:4000:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:4000:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

3d86a68e9699f65ab603822f4d3af6e6382f96dd56ff160f1d705dad7369f335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:42:48 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3305
x-cache: Hit from cloudfront
content-length: 22496
access-control-allow-origin: *
last-modified: Thu, 18 Feb 2021 17:33:16 GMT
server: Apache
etag: "222bc-5bb9fbb123088-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: J32b2SlxDH1mz2oVb9Vs9-jTVE05HiqnFKatcriJCtx06Kkkh7lm7g==
expires: Fri, 19 Feb 2021 15:42:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
803 B 60ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 28ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 445 B
693 B 210ms
209ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2434688159741492&correlator=3353089937758274&output=ldjh&impl=fif&eid=21068773%2C21068891%2C31060075%2C31060111%2C21068863%2C44734254%2C21065724&vrg=2021021101&ptt=17&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210219&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D738&cust_params=cookie%3Dunknown%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1613748364476%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26org%3Deresearchtechnologyincert%252Ciqviainc%252Castrazenecaplc%252Cbristolmyerssquibbcompany%26des%3Dclinicaltrials%252Ccyberattacksandhackers%252Cextortionandblackmail%252Cdrugspharmaceuticals%252Ccoronavirus2019ncov%252Cvaccinationandimmunization%252Cresearch%26auth%3Dnicoleperlroth%26coll%3Dtechnology%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000007374929%26pt%3Dnt1%252Cnt12%252Cnt14%252Cnt15%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt9%252Cpt11%252Cpt17%252Cpt19%252Cpt20%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_ibm%252Cneg_mtb%252Cneg_mastercard%252Cneg_chanel%252Cneg_rms%252Cneg_bp%252Cneg_virus%252Cneg_cme%252Cneg_cathay%252Cneg_orep%252Cneg_msft%252Cneg_mktg_safe_q4_2019%252Cgs_tech_computing%252Cgs_covid19%252Cneg_hearts%252Cgs_tech%252Cgs_business%252Cgv_death_injury%252Cgv_crime%252Cgs_politics%252Cgv_download%252Cgs_politics_misc%252Cgs_science_misc%252Cgs_t%26tt%3D79%252C37%252C47%252C94%26mt%3DMT10%26abra_dfp%3Ddfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_mt_1_mt%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%252Cdfp_1p_ver_1_bk%252Cdfp_mwtest_2_vendorb%252Cdfp_1p2_2_fp%252Cdfp_blockdetect_1220_1_detection%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_intl_pricing_low_conv_0_control%252Cmkt_dfp_ods_2_test%252Cdfp_covid_msg_0121_0_control%26page_view_id%3D8_MQROHOt3UyH3Ac5K-cHZeE%26sov%3D1%26uap%3Dbrowser%26aid%3DmQTUPznf9Ym7KKQt4WQnLy%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1613748364&dt=1613749073352&dlt=1613749072601&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=131&adks=1108970029&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=1201038197.1613749073&ga_sid=1613749073&ga_hid=1262060776&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ade60548001d6c388e8b8337a5c2ede58613b4c86d3094f02437c48cabd791b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3baf36b578747b42ba382db420d1445d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 54ms
38ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3baf36b578747b42ba382db420d1445d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ Frame D974 19 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448263

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 489
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Fri, 19 Feb 2021 16:19:44 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/am=AgE/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=A... Frame D974 142 KB
50 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/am=AgE/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=ABXTjI7gN2HgYRVqsmxI3rY0yrShD21qoA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448263

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9811bb3793faeae8fff706e65bb460a857b474fe4723bc99dfce0c4c14640aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:55:16 GMT
server: sffe
age: 24209
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
expires: Sat, 19 Feb 2022 08:54:24 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame F7C9 2 KB
1 KB 22ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: gzip
x-api-version: F-X
age: 443
x-cache: HIT
x-cache-hits: 9
content-length: 1252
x-served-by: cache-hhn4065-HHN
server: Google Frontend
etag: "A41Cog"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 3e816cb81c019209b415d7c14f765c66
cache-control: public, max-age=600
x-datadome-timer: (null),VE196
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Fri, 19 Feb 2021 11:50:08 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame F7C9 393 KB
133 KB 22ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=5a879b0
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 60bda63e0cee9bb6d6581fa33e60ae60a23177f78b8bf2a168e0f03c176e6cd4

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:53 GMT
content-encoding: gzip
x-api-version: F-X
age: 233
x-cache: HIT
x-cache-hits: 5
content-length: 135417
x-served-by: cache-hhn4065-HHN
server: Google Frontend
etag: "A41Cog"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: d9a5e5b1d1bc2701327d4a218c669a9d
cache-control: public, max-age=600
x-datadome-timer: (null),VE157
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Fri, 19 Feb 2021 07:53:12 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 21ms
20ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-9321163
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:54 GMT
age: 1
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: BE
x-nyt-region: VOV
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 85870c5b0f138e8e
samizdat-x-instance: 238f9700
samizdat-x-canary: false
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1613749074.062903,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 533 B
1 KB 225ms
184ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&pageviewID=8_MQROHOt3UyH3Ac5K-cHZeE
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 35ef211bca2b1ba2dfdf1727ca45b80373165eb45c370b8ad9b77e929fd7e24b

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:54 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 533

GET
H2 200 comments-c75744b73bf5eaaa7872.js Show response
www.nytimes.com/vi-assets/static-assets/ 49 KB
16 KB 22ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-c75744b73bf5eaaa7872.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

518e90a118d15076c44b8d796d91900e99ade92ed90b114ba27e4430f9b6b8ab

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
log-origin: ip=142.250.185.208,port=443,name=F_gcs_origin,status=200,reason=OK,method=GET,url="/static-assets/comments-c75744b73bf5eaaa7872.js",host=vi-assets.storage.googleapis.com,shield=HHN
age: 694014
x-guploader-uploadid: ABg5-UwMVNbG7qOq4nATpdRbrnMxSAFDt2f13vc1EenzkI5HRYIetlhJLoBMSsDc5LMa1gKuimMTL5FBH27KaoSEzOw
log-timing: fetch=276577,misspass=130,do_stream=0
x-goog-stored-content-encoding: identity
x-origin-time: 2021-02-11 14:50:59 UTC
x-served-by: cache-hhn4065-HHN
x-timer: S1613749074.048267,VS0,VE1
etag: "7adfc75b919233c84fb58d10b094dda5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/comments-c75744b73bf5eaaa7872.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 32487
date: Fri, 19 Feb 2021 15:37:54 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14835
last-modified: Thu, 11 Feb 2021 14:08:41 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=xEesJg==, md5=et/HW5GSM8hPtY0QsJTdpQ==
x-goog-generation: 1613052521311229
expires: Fri, 11 Feb 2022 14:50:59 GMT
x-gdpr: 1
x-goog-stored-content-length: 50597
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
647 B 124ms
123ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

accept: */*
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 19 Feb 2021 15:37:54 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
samizdat-x-instance: 222b31b6
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 0c8bbf77d8da572a
content-length: 77
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: VOV
server: samizdat-graphql-9321163
x-timer: S1613749074.082177,VS0,VE103
x-nyt-continent: EU
x-served-by: cache-hhn4065-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: BE
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 21ms
21ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-9321163
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:54 GMT
age: 1
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: BE
x-nyt-region: VOV
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: be80e0b18d2ed436
samizdat-x-instance: 238f9700
samizdat-x-canary: false
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 2
x-timer: S1613749074.131593,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 189ms
189ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash: 6b3ea3f0eb43a263f8be943c41f6f13e86437d8dd4b9d7ab1e84711ae31d5f01

Request headers

accept: */*
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 19 Feb 2021 15:37:54 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-cache: MISS
samizdat-x-instance: 4111ea69
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 746896fb74e6e0f9
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: VOV
last-modified: Fri, 19 Feb 2021 15:37:54 GMT
server: samizdat-graphql-9321163
x-timer: S1613749074.150961,VS0,VE169
x-nyt-continent: EU
x-served-by: cache-hhn4065-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: BE
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 requestHandler Show response
www.nytimes.com/svc/community/V3/ 3 KB
3 KB 133ms
132ms Script
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&cmd=GetCommentSummary&method=get&callback=jsonp_1613749074147_68324

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-1fbf6ee945ef632568df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fff1f7832ebca8f1cfa01ea46441ac7bb08ca5ab2407b8b3f7579cbd098b53ec

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:54 GMT
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 0
x-cache: MISS
x-origin-time: 2021-02-19 15:37:54 UTC
x-served-by: cache-hhn4065-HHN
server: nginx
x-timer: S1613749074.158035,VS0,VE112
strict-transport-security: max-age=63072000; preload
onion-location: https://www.nytimes3xbfgragh.onion/svc/community/V3/requestHandler?callback=<esi:include%20src="/esi/jsonp-callback"/>&cmd=GetCommentSummary&method=get&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html
content-type: application/json
x-gdpr: 1
access-control-allow-credentials: true
x-nyt-route: community-svc-cacheable
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache-hits: 0

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 138ms
117ms Fetch
text/html 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:54 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: bcb528072f8b4d71a6c07543f3f57081
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Feb 2021 15:37:54 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 250ms
228ms XHR
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&jkcb=1613749074151
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 912c1f2451bbdce3cd215eea109f32f503add3071970299876fda9f7d2dbb6e0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:54 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 636c9dff40aa549d696872d61bbfeeda
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 1071
expires: Fri, 19 Feb 2021 15:37:54 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
495 B 64ms
63ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2434688159741492&correlator=3353089937758274&output=ldjh&impl=fif&eid=21068773%2C21068891%2C31060075%2C31060111%2C21068863%2C44734254%2C21065724&vrg=2021021101&ptt=17&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210219&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1467&cust_params=cookie%3Dfalse%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1613748364476%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26org%3Deresearchtechnologyincert%252Ciqviainc%252Castrazenecaplc%252Cbristolmyerssquibbcompany%26des%3Dclinicaltrials%252Ccyberattacksandhackers%252Cextortionandblackmail%252Cdrugspharmaceuticals%252Ccoronavirus2019ncov%252Cvaccinationandimmunization%252Cresearch%26auth%3Dnicoleperlroth%26coll%3Dtechnology%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000007374929%26pt%3Dnt1%252Cnt12%252Cnt14%252Cnt15%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt9%252Cpt11%252Cpt17%252Cpt19%252Cpt20%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_ibm%252Cneg_mtb%252Cneg_mastercard%252Cneg_chanel%252Cneg_rms%252Cneg_bp%252Cneg_virus%252Cneg_cme%252Cneg_cathay%252Cneg_orep%252Cneg_msft%252Cneg_mktg_safe_q4_2019%252Cgs_tech_computing%252Cgs_covid19%252Cneg_hearts%252Cgs_tech%252Cgs_business%252Cgv_death_injury%252Cgv_crime%252Cgs_politics%252Cgv_download%252Cgs_politics_misc%252Cgs_science_misc%252Cgs_t%26tt%3D79%252C37%252C47%252C94%26mt%3DMT10%26abra_dfp%3Ddfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_mt_1_mt%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%252Cdfp_1p_ver_1_bk%252Cdfp_mwtest_2_vendorb%252Cdfp_1p2_2_fp%252Cdfp_blockdetect_1220_1_detection%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_intl_pricing_low_conv_0_control%252Cmkt_dfp_ods_2_test%252Cdfp_covid_msg_0121_0_control%26page_view_id%3D8_MQROHOt3UyH3Ac5K-cHZeE%26sov%3D1%26uap%3Dbrowser%26aid%3DmQTUPznf9Ym7KKQt4WQnLy%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1613748364&dt=1613749074520&dlt=1613749072601&idt=723&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1076286299&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=150x66&msz=0x0&ga_vid=1201038197.1613749073&ga_sid=1613749073&ga_hid=1262060776&fws=132&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

96395e7bc85879e621cfd0082eab5e7cdfd2c832b0ee4b18809db60cf9a8e5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
111ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame D974 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:26:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 357088
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14576
x-xss-protection: 0
expires: Tue, 15 Feb 2022 12:26:26 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 210 B
543 B 27ms
14ms XHR
application/json 2600:9000:206f:4000:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: 103fc7d8d1fd88eefb69294cc7e65454db8782bd2e1fbc0c0cb52619d9437f5e

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:54 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 210
x-amz-cf-id: jKbaQRhAeB_tOgyTvtCJRuUSu2G7-3bEgpajJSKT3smOC-rA76Ml3w==
expires: 0

GET
H3-Q050 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L... Frame D974 36 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/am=AgE/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=ABXTjI7gN2HgYRVqsmxI3rY0yrShD21qoA/m=_b,_tp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794f3afe9b857c01200bcc9cde71f032fa5270058b5419a583549a7591e1e9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:55:16 GMT
server: sffe
age: 69995
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13460
x-xss-protection: 0
expires: Fri, 18 Feb 2022 20:11:19 GMT

GET
H3-Q050 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L... Frame D974 97 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L.B1.O/am=AgE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI65kvkQkoklXxruIDGDkhhd3G3o_g/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9388eb23c6d81273b11833e4e27ced5b5437a8c36885236b321d967b0091abdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:55:16 GMT
server: sffe
age: 69995
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33471
x-xss-protection: 0
expires: Fri, 18 Feb 2022 20:11:19 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 25 KB
5 KB 367ms
364ms Fetch
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=1&mr=0&ma=1&counted=true&granted=true&us=anon&context-type=&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ae5fc82db8632f5cc1a2717f6ac422e8771a08efe61634a00e630869e9c0bd62

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4065-HHN
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_anon_new-journey-rollout-MKT_anon_subscribe_dock","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1613749075.903163,VS0,VE340
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, x-nyt-ipsegments-edu-b2b, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 4ca98079933c845650719825df72c5a5
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6637
date: Fri, 19 Feb 2021 13:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 15:47:17 GMT

GET
H3-Q050

200

activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnL... Show response
5290727.fls.doubleclick.net/ Frame 7A63
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQ...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u...

736 B
948 B

100ms
69ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

038345472a9a6fff45f7420441f5058da6efd92e262e10a5dd410942611d9c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_QtOfxbb2tSfe3TLmA5pabi-fSLI3gqpVedCYQE-gX7lEMxu16EUWv-ULowM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Feb 2021 15:37:55 GMT
expires: Fri, 19 Feb 2021 15:37:55 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 466
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Feb 2021 15:37:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 10ms
9ms Script
application/x-javascript 2600:9000:2182:f800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 18:09:42 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:03:13 GMT
server: nginx
age: 77292
etag: W/"60121b61-8e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: zxAvx0HexSI42OzA7csI804PPiXOxWQBV4yClq3uVbQvWiKMsmZ_iw==
expires: Fri, 19 Feb 2021 18:09:42 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
668 B 22ms
20ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Fri, 19 Feb 2021 15:37:54 GMT
content-encoding: gzip
age: 52210
x-guploader-uploadid: ABg5-UwpP2QQiRZ4mhzZ1WDzSXZgXi33g7tLM6ErmPRjeL-mN82b9L8HaVdknnICFnQ4d5J0zL1aHvXKtqaKr_nu5ukiITF2yA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Fri, 29 Jan 2021 01:07:11 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1613749075.990463,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 2017

POST
H2 200 track
a.et.nytimes.com/ 0
0 123ms
123ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1262060776&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&dr=&ul=en-us&de=UTF-8&dt=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=559622510&gjid=1619609871&cid=1201038197.1613749073&tid=UA-58630905-2&_gid=1105649815.1613749075&_r=1&gtm=2wg2a1P528B3&cg1=technology&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&cd3=&cd4=Technology&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000007374929&cd18=Nicole%20Perlroth&cd19=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm&cd20=&cd21=Article&cd23=Technology&cd26=2020&cd27=2020-10-03-16&cd28=Saturday&cd29=16&cd30=1601990643753&cd32=Technology&cd33=SECTION&cd34=NEWS&cd36=03erthack&cd37=756&cd38=Business&cd42=nyt-vi&cd43=Clinical%20Trials%2CCyberattacks%20and%20Hackers%2CExtortion%20and%20Blackmail%2CDrugs%20(Pharmaceuticals)%2CCoronavirus%20(2019-nCoV)%2CVaccination%20and%20Immunization%2CResearch&cd44=eResearchTechnology%20Inc%20(ERT)%2CIQVIA%20Inc%2CAstraZeneca%20PLC%2CBristol%20Myers%20Squibb%20Company&cd48=October&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=mQTUPznf9Ym7KKQt4WQnLy&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd149=0&cd150=0&cd162=&cd163=&cd164=mQTUPznf9Ym7KKQt4WQnLy&z=1540305810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
169 B 309ms
102ms Image
image/gif 3.233.251.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&u=B5E4OPFvomdBLHkXv&d=nytimes.com&g=16698&g0=technology%2Cbusiness_desk&g1=Nicole%20Perlroth&n=1&f=00001&c=0&x=0&m=0&y=4927&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2524&t=9EvdBBiAhoeCZLP_lC80DZmCxVfnU&V=122&i=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm&tz=-60&_acct=anon&sn=1&sv=T_8mqBAzwcWBKO3uCxE0N2D5MwZD&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.251.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-251-228.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H3-Q050 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame D974 224 B
291 B 68ms
68ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-4791362557083925935&bl=boq_subscribewithgoogleclientserver_20210217.11_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=59876&rt=c

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

302f91d26205218998da490cd5927d93dc56116e99a26eb61ab2703b24ebce61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 34ms
34ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-58630905-2&cid=1201038197.1613749073&jid=559622510&gjid=1619609871&_gid=1105649815.1613749075&_u=YAhAAEAAAAAAAC~&z=409846963

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 15:37:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L... Frame D974 41 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L.B1.O/am=AgE/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI65kvkQkoklXxruIDGDkhhd3G3o_g/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d30d70717575fab2418235f12131324843cf26065e2c0e172bb8905df1f6ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:55:16 GMT
server: sffe
age: 69996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15946
x-xss-protection: 0
expires: Fri, 18 Feb 2022 20:11:19 GMT

GET
H3-Q050 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L... Frame D974 236 B
188 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L.B1.O/am=AgE/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI65kvkQkoklXxruIDGDkhhd3G3o_g/m=lwddkf

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:55:16 GMT
server: sffe
age: 69996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 18 Feb 2022 20:11:19 GMT

GET
H3-Q050 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L... Frame D974 6 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Q6R_6GrxWL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.rF0lsz_Cd5o.L.B1.O/am=AgE/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,lwddkf,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI65kvkQkoklXxruIDGDkhhd3G3o_g/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

386eaa455ce7bb99fbd80e5f2bbc723c8aacb14d155f2650f5784ae77c60c8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 00:55:16 GMT
server: sffe
age: 69996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2382
x-xss-protection: 0
expires: Fri, 18 Feb 2022 20:11:19 GMT

POST
H2 200 log Show response
play.google.com/ Frame D974 131 B
860 B 60ms
41ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-58630905-2&cid=1201038197.1613749073&jid=559622510&_u=YAhAAEAAAAAAAC~&z=1965773339

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-58630905-2&cid=1201038197.1613749073&jid=559622510&_u=YAhAAEAAAAAAAC~&z=1965773339

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
37ms Other
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Feb 2021 15:37:55 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 15:37:55 GMT
cache-control: private

POST
H3-Q050 200 log Show response
play.google.com/ Frame D974 131 B
615 B 76ms
43ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:55 GMT

POST
H3-Q050 200 log Show response
play.google.com/ Frame D974 131 B
223 B 76ms
43ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:55 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Other
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Feb 2021 15:37:55 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 15:37:55 GMT
cache-control: private

POST
H3-Q050 200 log Show response
play.google.com/ Frame D974 131 B
223 B 74ms
44ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:55 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
38ms Other
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Feb 2021 15:37:55 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 15:37:55 GMT
cache-control: private

GET
H3-Q050 200 dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=*;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007...
adservice.google.com/ddm/fls/z/ Frame 7A63 42 B
722 B 85ms
70ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=*;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNn9_OKj9u4CFUlHFQgdBl4GYw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7200255006048;gtm=2wg2a1;auiddc=1437696672.1613749075;u4=;u5=undefined;u6=undefined;u7=mQTUPznf9Ym7KKQt4WQnLy;u8=;u10=;u11=1;u12=100000007374929;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1262060776&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&dr=&ul=en-us&de=UTF-8&dt=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dock&ea=impression&el=gdpr&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1201038197.1613749073&tid=UA-58630905-2&_gid=1105649815.1613749075&gtm=2wg2a1P528B3&cg1=technology&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F10%2F03%2Ftechnology%2Fclinical-trials-ransomware-attack-drugmakers.html&cd3=&cd4=Technology&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000007374929&cd18=Nicole%20Perlroth&cd19=Clinical%20Trials%20Hit%20by%20Ransomware%20Attack%20on%20Health%20Tech%20Firm&cd20=&cd21=Article&cd23=Technology&cd26=2020&cd27=2020-10-03-16&cd28=Saturday&cd29=16&cd30=2020-10-06T13%3A24%3A03.753Z&cd32=Technology&cd33=SECTION&cd34=NEWS&cd36=03erthack&cd37=756&cd38=Business&cd42=nyt-vi&cd43=Clinical%20Trials%2CCyberattacks%20and%20Hackers%2CExtortion%20and%20Blackmail%2CDrugs%20(Pharmaceuticals)%2CCoronavirus%20(2019-nCoV)%2CVaccination%20and%20Immunization%2CResearch&cd44=eResearchTechnology%20Inc%20(ERT)%2CIQVIA%20Inc%2CAstraZeneca%20PLC%2CBristol%20Myers%20Squibb%20Company&cd48=October&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=mQTUPznf9Ym7KKQt4WQnLy&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd149=0&cd150=0&cd162=&cd163=&cd164=mQTUPznf9Ym7KKQt4WQnLy&z=766660640

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71790
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 26ms
26ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-9321163
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Feb 2021 15:37:55 GMT
age: 8466
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: BE
x-nyt-region: VOV
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: a7b2bb09eebce8d6
samizdat-x-instance: 1641f019
samizdat-x-canary: false
x-served-by: cache-hhn4042-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1613749075.446294,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 103 B
594 B 23ms
23ms Fetch
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: static01.nyt.com
URL: https://static01.nyt.com/newsgraphics/2021/01/21/yct-email-signup/0847bd120c305be27ee02387678ef2c7f50e3069/build.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-9321163 /
Resource Hash: a0baee038469a9287214bfbd384e72cb4931ce348fd7a3c1d5455779f4541753

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
Content-Type: text/plain;charset=UTF-8

Response headers

x-samizdat-query-sup-code
date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 21
x-cache: HIT
samizdat-x-instance: 1641f019
x-samizdat-query-field-errors: 0
x-cache-hits: 1
x-samizdat-query-exe-id: b6b0dda44e3e1aaa
content-length: 104
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: VOV
server: samizdat-graphql-9321163
x-timer: S1613749075.466206,VS0,VE0
x-nyt-continent: EU
x-served-by: cache-hhn4065-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: BE
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 geoip Show response
www.nytimes.com/svc/int/functions/ 250 B
1 KB 237ms
237ms Fetch
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/int/functions/geoip

Requested by

Host: static01.nyt.com
URL: https://static01.nyt.com/newsgraphics/2021/01/21/yct-email-signup/0847bd120c305be27ee02387678ef2c7f50e3069/build.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

bd062e84310d1375c0b93d345460fe5d285734781a546d402008e911588de9f8

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
x-cache: MISS
x-origin-time: 2021-02-19 15:37:55 UTC
x-served-by: cache-hhn4065-HHN
server: Google Frontend
cache-control: private
x-timer: S1613749075.442614,VS0,VE214
etag: W/"fa-7SCrP9BTreYSF4QhKTEujJZ/iA4"
strict-transport-security: max-age=63072000; preload
onion-location: https://www.nytimes3xbfgragh.onion/svc/int/functions/geoip
content-type: application/json; charset=utf-8
access-control-allow-origin: www.nytimes.com
x-cloud-trace-context: 352d9a64726bd1cd74a52899364e3453
x-gdpr: 1
x-nyt-route: newsdev-cloud-functions
function-execution-id: h6nja6tf021e
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 21ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c5b1e88334926b7c48f1a14718a3ff5212528f32152bb4928f5d29ef35b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6328
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 32ms
16ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b5290275ae03ffe8f85001573f640cc30af63c077d53880fbf9b7d86ad7aad

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 86
x-amz-request-id: ABC30E300513A67D
x-amz-id-2: J4LNMNSm8TXYNOJxCt2hDmX/97WA3qEjdDSPkjQHyNrFzLoTtOA6muaNltJVYpv2xQ6nx2A40WY=
last-modified: Tue, 16 Feb 2021 19:21:26 GMT
server: cloudflare
etag: W/"7155d152c68566a87491378541ba1afa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cojtTMlCWOL1YYDTSa%2B6igw4HYU9gKDHUPg%2FBhYs6E7wSwRX%2BZs6BdKby6ikRKNUm1ix1q9fZ4cimPjRTnsJZ6AkCZD7kM37vweYPZUzcyfN%2FaaQDhO9yB8m13c7W1emZHCV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-request-id: 085c89d5fc00004a974815f000000001
cf-ray: 624112699afe4a97-FRA

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Feb 2021 15:37:55 GMT

GET
H2 200 sdk-prod-3a80ede771aa7ec0962f.js Show response
platform.iteratehq.com/ 868 KB
235 KB 33ms
33ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-3a80ede771aa7ec0962f.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9055e95ef8559f40f25cb8de9cd78c0f34b47914193e3b5e58454007408712f3

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 245737
x-amz-request-id: 57C96A6C42196B1A
x-amz-id-2: bgVOXM8Dyykn7fb9TGLE0tBiSJYDYGQ9XMo/BA+kdSgGPjbmpnPuNzly1y9blFRHz4+2erqpuZo=
last-modified: Tue, 16 Feb 2021 19:21:20 GMT
server: cloudflare
etag: W/"5d11bc98f7f5e9c15de0e53ba58a041c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DyoUnpuF%2BKt9tWLLOuW9skvVaArKThG7Xb39%2B7F6KIZvfY8gEje%2F18AT5%2BTuFuRs12O4mCLk3F9wzcnxTnDfDVgCvPBkU5Sn5gV2jv8aLxi%2FsYrlWABaIq9nQR7WkXZyEQNV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 085c89d60e00004a970f173000000001
cf-ray: 62411269bb314a97-FRA

GET
H2 200 style-2e2ffd8d2ae67811c039.css
platform.iteratehq.com/ 145 KB
11 KB 14ms
14ms Stylesheet
text/css 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-2e2ffd8d2ae67811c039.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62418b81fe09d08a115245b44a2e0c92543ea570e5ecb434d10e2acdf3e3e705

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1206045
x-amz-request-id: 0E921568A4A655DB
x-amz-id-2: VHz3K8deW0MJlNu9dI6v+Cd5zbdibiDfhVdvszIqgzZMAM80T7JxC7FA5QIkOjSwgJ6vLiJeMIc=
last-modified: Fri, 05 Feb 2021 16:35:56 GMT
server: cloudflare
etag: W/"2d882a248ae86604172cfe407d0f7458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jzmPzH5F7Bm%2FrBbw%2FkLGJL9r2wFqV8vUf7MfqNhslP0s53586Hw9uQkrJtLLOrM4XvdbYF69uzzYSbZoA5wvHdmlr2onZa8m1yf1ta5x3b7vqLSAL3atKkJjqVQCWgoDwQMV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-request-id: 085c89d60e00004a97003e5000000001
cf-ray: 62411269bb324a97-FRA

GET
H2 200 imperial-italic-400.8e3dae6216687021f9ac60be5482cc72.woff2
g1.nyt.com/fonts/family/imperial/ 29 KB
29 KB 22ms
22ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-italic-400.8e3dae6216687021f9ac60be5482cc72.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 82748f56a0c57745a3e16d48cf465f932d07fef9fb08eb8cb5de70fef98a1cc1

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=pMZlFg==, md5=jj2uYhZocCH5rGC+VILMcg==
date: Fri, 19 Feb 2021 15:37:55 GMT
via: 1.1 varnish
age: 3152828
x-guploader-uploadid: ABg5-UzACvOjGsqXA2JvQNAisUMvimXmGllMPcv2zJevR2MuYhEoVuHSR5I4pZf5-lWOmK4PFNjnlvYKL53Om0G9JQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29576
x-served-by: cache-hhn4026-HHN
accept-ranges: bytes
expires: Fri, 14 Jan 2022 03:50:46 GMT
last-modified: Mon, 16 Nov 2020 16:08:42 GMT
server: UploadServer
x-timer: S1613749076.510425,VS0,VE0
etag: "8e3dae6216687021f9ac60be5482cc72"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542922264820
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29576
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 8089

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3710 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Feb 2021 14:32:05 GMT
expires: Sat, 19 Feb 2022 14:32:05 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3950
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 3710 14 KB
7 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 114235
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:54:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
549 B 110ms
110ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-3a80ede771aa7ec0962f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b4a9374a9009878b6846cb4d6197c142268c9a9105c00c5bd297f7d3de3c4f1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IpSL36MHOzy%2BG2A8FYikHrFcaousUoDku8FSO9SXO3wFnI5cbx%2FLzquPaeeAdFccBZ8%2FNmxdVlthJf0EoSCM47FVaR4avfKKdyi5JcvCbMSbTJbWZfBMDls%2B"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 6241126b685a4e56-FRA
cf-request-id: 085c89d72400004e56de2b2000000001

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 122ms
106ms Other 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Feb 2021 15:37:55 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
cf-request-id: 085c89d6b800004e56bda14000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BhJyYA33szJNv0CJ2UN1Tp720N4Mdpnv6jgX%2FbGDEdTyx7IAc0JLU6pfnk9HWcajJR6pD8%2FEsudr0LtvaNPkx5wDCUtS0cUkHNUM8zNkSZi6pZ8q8on2LdWi"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6241126abf3f4e56-FRA

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=2434688159741492&bg=!DQ6lDk3NAAXRs2QT0TsAKQB2-Dxa0XZ6CapN2jdae1gnOOAwCw7clEcVpJunbeyHvvWjuj3O7H4VAgAAAGRSAAAAEWgBBwoAcquHRVJyGH_6vpsQNodRtwga3GXbpo7lLbFPhyWxzWN86weEEWl9I59v2B2C9cacgMNtxkO2fLzhoUc1kc4XO1TiAH-8p5ZLpADMri7b8UZNLXUEmrH7KVtoXuJYNQ_jHOWBM9da6GfYs7lyf8S0X4_DOZkBzkjMgXF-yv4MouU9wY8GNR1oveIw3juE94i5q9KBJbVvpZno_LercZnYkPoShJ4zWp2LdwA3QzxvW38MsJ2BPb4td-Ucwd6iwyLRuU8MdspROQ05VmZOHH_In39imevnmKnsC-Tb2vKxYRYoaeRvMNHP8eYIgfzt_kpj5zem9-6ivMwGbiXluq34DVyiTWQtps9uFURbT6wP27pN6EHKkcIbNzeBotof-GAhrGdfIE5eSpt6NubiMU-QcVXVsa-x3eqpSJ36OGN1Q1EGUFNeyT2ikFLCoMfVx5iP1057v1p7Cgs9UQlL3UT3UzHIxU-gvYoXcAI1x4ESk14d4UZJ6aKreRdz0QDi1JDLNHJaRMPQjcZmkiGMSTyhwA8qpzkeXa3NeKv-4A8lFlCGZuOgV5TSeEBcbbaVieoQBOERrqT2dyuY1-oeocM9h5CJn4Pc2l-cHwzooQ1TGhGBQPvmXOvesB6j8KaSg8Hi9Hwwft_uECHl9-eq01LpNCNf8-iu4itNzwGocGHy-XYaQg5dQCIOlxSOyjjTg19j-ZauMxUgXyBhnoSahU7J9l1bVl6XsNST1zGDyM5nTOb92NxDodi456g4HE3Jg7rs4rbPqw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:37:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
100ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Other
application/json 2a00:1450:4001:803::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nytimes.com/	1970-01-20 01:44:37	Name: _cb Value: B5E4OPFvomdBLHkXv
www.nytimes.com/	1970-01-20 01:44:37	Name: _cb_ls Value: 1
.google.com/	1970-01-19 20:39:20	Name: NID Value: 209=ZyVEEFW4BR7S_rlyKD2Jd4pI6MW73O_nq39FiAf7QXl7AXei_qlf9DzDiI7G7PXBuwtfOwoTPUjJHZ8sG5EU5UYmOqh7CGcgx1TteW1s15TB9iOkMygPz-OZ8AvlgJ1PlieTHXCSMz6afL1LDruB4IwW_F4RGkKfqAvHB9RgyOo
.nytimes.com/	1970-01-19 16:15:49	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-19 16:17:15	Name: walley_gid Value: GA1.2.1105649815.1613749075
.nytimes.com/	1970-01-19 18:25:25	Name: _gcl_au Value: 1.1.1437696672.1613749075
www.nytimes.com/	1970-01-20 01:44:37	Name: _chartbeat2 Value: .1613749075032.1613749075032.1.T_8mqBAzwcWBKO3uCxE0N2D5MwZD.1
.nytimes.com/	1970-01-20 01:37:25	Name: __gads Value: ID=fbfd5f8d15225eda:T=1613749074:S=ALNI_Mbu0LceKe7YWScJdpjrR_zm4B6zxg
.nytimes.com/	1970-01-20 01:01:25	Name: nyt-jkidd Value: uid=0&lastRequest=1613749074233&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
www.nytimes.com/	1970-01-19 16:15:50	Name: _cb_svref Value: null
.nytimes.com/	1970-01-19 16:16:19	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-19 16:16:19	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-21 12:05:15	Name: nyt-m Value: F46C60C8191866A16B1CBB60AE8E05B0&t=i.1&ft=i.0&ier=i.0&iir=i.0&l=l.1.3992926163&vr=l.4.0.0.0.0&ird=i.0&ira=i.0&s=s.core&rc=i.0&vp=i.0&iub=i.0&ifv=i.0&igd=i.0&imv=i.1&fv=i.0&iru=i.1&n=i.2&er=i.1613749074&igf=i.0&uuid=s.acb4b510-7435-4007-b83f-07709bb125be&v=i.1&cav=i.1&imu=i.1&igu=i.1&iue=i.0&pr=l.4.0.0.0.0&g=i.0&prt=i.0&ica=i.0&iga=i.0&e=i.1614589200
.nytimes.com/	1970-01-20 01:01:25	Name: datadome Value: Xlo42q-H0H82t5ZJqGAAhl~fZaRIL1x3WenvfNEjheeBkqMFxAZS0gfcbmYOg7BgQDEYafskMItvfDSOUUXqC0up8VYDCGnnIZzcwEf~Ql
.nytimes.com/	1970-01-19 16:16:10	Name: nyt-geo Value: BE
.nytimes.com/	1970-01-20 01:01:25	Name: nyt-a Value: mQTUPznf9Ym7KKQt4WQnLy
.nytimes.com/	1970-01-19 16:16:10	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 01:01:25	Name: nyt-purr Value: cfhspnahhud
.nytimes.com/	1970-01-19 16:16:10	Name: nyt-gdpr Value: 1
.doubleclick.net/	1970-01-20 01:37:25	Name: IDE Value: AHWqTUl_QtOfxbb2tSfe3TLmA5pabi-fSLI3gqpVedCYQE-gX7lEMxu16EUWv-ULowM
.nytimes.com/	1970-01-20 09:47:01	Name: walley Value: GA1.2.1201038197.1613749073
.nytimes.com/	1970-01-20 01:45:19	Name: purr-cache Value: <K0<r<C_<G_<S0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 9) Message: Subscriptions Runtime: 0.1.22.146
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js(Line 33) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 9) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 9) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-db361b4e258c1477c6b1.js(Line 51) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3baf36b578747b42ba382db420d1445d.safeframe.googlesyndication.com
5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.be
adservice.google.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
142.250.185.130
142.250.185.134
142.250.186.130
151.101.113.164
2600:9000:206f:4000:a:a8c5:a040:93a1
2600:9000:2182:f800:18:1fcd:34e:d2a1
2606:4700:3032::ac43:c7c7
2a00:1450:4001:802::2001
2a00:1450:4001:802::2008
2a00:1450:4001:803::200e
2a00:1450:4001:803::2013
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9c
3.233.251.228
35.241.35.241
038345472a9a6fff45f7420441f5058da6efd92e262e10a5dd410942611d9c50
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
0ee482d6dfec946d8b5188ffd0e82c93c8917a9cfca405119c6212dcedebf4ea
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
103fc7d8d1fd88eefb69294cc7e65454db8782bd2e1fbc0c0cb52619d9437f5e
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c46eaf9bf3b3711565d4e7e5cf5575489b6f7641e99fb86e124e4aab340101e
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1d30d70717575fab2418235f12131324843cf26065e2c0e172bb8905df1f6ccd
1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a
231e10e3a7505d004cfeffe0ec5f350025726a0818237175700658a4187d161f
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2d29106c3d6b58c448175af85eaa07d3aee552b75477486e172781f55192032e
302f91d26205218998da490cd5927d93dc56116e99a26eb61ab2703b24ebce61
327fda31f2949fe972292514ab920236db393e7f5c65bb84958b0f21b08e3772
35ef211bca2b1ba2dfdf1727ca45b80373165eb45c370b8ad9b77e929fd7e24b
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
386eaa455ce7bb99fbd80e5f2bbc723c8aacb14d155f2650f5784ae77c60c8c5
3d86a68e9699f65ab603822f4d3af6e6382f96dd56ff160f1d705dad7369f335
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
493a22bd0e5be52d106634cdd77c8766dbdf286ddf9ce49e25d3d78b7e199745
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4d41bce1e64d901b708a2f246cad8321f5a4a1053fb2558d255ee91e7b80ce97
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
518e90a118d15076c44b8d796d91900e99ade92ed90b114ba27e4430f9b6b8ab
58c5e2152458b91fe4f71e6b7e3ab0cd6a51c8b5f371142d35c19c6ead4db7df
60bda63e0cee9bb6d6581fa33e60ae60a23177f78b8bf2a168e0f03c176e6cd4
62418b81fe09d08a115245b44a2e0c92543ea570e5ecb434d10e2acdf3e3e705
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
68bf6333489238b526e8e1cf3051b57a824564297d998756b8d81a5835e29d04
6b3ea3f0eb43a263f8be943c41f6f13e86437d8dd4b9d7ab1e84711ae31d5f01
6b4a9374a9009878b6846cb4d6197c142268c9a9105c00c5bd297f7d3de3c4f1
6f167cb6a23603c58b22190cae0ed1c5ca974e93e2667b7c91a366ac5d70c3cc
73b5290275ae03ffe8f85001573f640cc30af63c077d53880fbf9b7d86ad7aad
794f3afe9b857c01200bcc9cde71f032fa5270058b5419a583549a7591e1e9c8
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
82748f56a0c57745a3e16d48cf465f932d07fef9fb08eb8cb5de70fef98a1cc1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
9055e95ef8559f40f25cb8de9cd78c0f34b47914193e3b5e58454007408712f3
912c1f2451bbdce3cd215eea109f32f503add3071970299876fda9f7d2dbb6e0
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
9388eb23c6d81273b11833e4e27ced5b5437a8c36885236b321d967b0091abdd
96395e7bc85879e621cfd0082eab5e7cdfd2c832b0ee4b18809db60cf9a8e5ae
9811bb3793faeae8fff706e65bb460a857b474fe4723bc99dfce0c4c14640aa4
9d79237833fc38d7cc71597e9fb40a31891cbeb23aa24f0f1b994d53e58c75c4
9ebeea3224f651116fec1192e58a149d2ef61f26585758a306eea533149b89c1
a0baee038469a9287214bfbd384e72cb4931ce348fd7a3c1d5455779f4541753
a13d866948dfb0530a96b50183e8de5c973a0d870192ac9ab2a90bbb44d6969b
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
a948a4464f5fd459e65b35799dc65da324e59d9f307e12c51a34471186631d3e
ade60548001d6c388e8b8337a5c2ede58613b4c86d3094f02437c48cabd791b5
ae5fc82db8632f5cc1a2717f6ac422e8771a08efe61634a00e630869e9c0bd62
b3c5b1e88334926b7c48f1a14718a3ff5212528f32152bb4928f5d29ef35b6aa
bd062e84310d1375c0b93d345460fe5d285734781a546d402008e911588de9f8
c39db602f321b15b3b20f87598e55891ee5949843c4c7b8e64ff1e8684e52bf1
c5771f975340b93f43f130617af9a9753ee68d8515ff6666f2b04bf79ec3c518
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e727ef8774d0f91bb65b2dc844a4a9ddaf8a62768a991fe95e9c9f981d4c063a
ee5aa5a0cb24d1cc63d2c31077e8ae10e66c0f428b42c5aa1a47d1b738ede158
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e686c7daf3252970f907dc479e402cae009586a794544b89b140483604c2fd
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fff1f7832ebca8f1cfa01ea46441ac7bb08ca5ab2407b8b3f7579cbd098b53ec

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

114 Requests

99 %HTTPS

73 %IPv6

13 Domains

32 Subdomains

23 IPs

3 Countries

2214 kBTransfer

6613 kBSize

22 Cookies

20 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

99 %
HTTPS

73 %
IPv6

13
Domains

32
Subdomains

23
IPs

3
Countries

2214 kB
Transfer

6613 kB
Size

22
Cookies

114 HTTP transactions
-1 data transactions