urlscan.io logo urlscan.io
SecurityTrails logo

www.nytimes.com Open in urlscan Pro
151.101.113.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xlhz.site/
Effective URL: https://www.nytimes.com/section/us
Submission: On January 26 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 20 domains to perform 111 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.211.213.227 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 151.101.113.164 54113 (FASTLY)
24 151.101.13.164 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 151.101.65.164 54113 (FASTLY)
10 216.58.208.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 50.17.30.163 14618 (AMAZON-AES)
1 143.204.214.104 16509 (AMAZON-02)
1 3 2.16.31.65 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.241.35.241 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 3.120.48.166 16509 (AMAZON-02)
1 2.19.42.73 20940 (AKAMAI-ASN1)
2 4 172.217.16.198 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 104.108.41.26 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.237.17.44 14618 (AMAZON-AES)
2 23.5.109.152 16625 (AKAMAI-AS)
2 34.235.203.209 14618 (AMAZON-AES)
5 2606:4700:303... 13335 (CLOUDFLAR...)
111 30
3    34.211.213.227 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-213-227.us-west-2.compute.amazonaws.com
xlhz.site
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.nytimes.com
24    151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
g1.nyt.com
static01.nyt.com
samizdat-graphql.nytimes.com
cigsvc.nytimes.com
a1.nyt.com
mwcm.nytimes.com
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:825::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a.et.nytimes.com
purr.nytimes.com
a.nytimes.com
6    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
clients2.google.com
1    151.101.65.164 (United States)

ASN54113 (FASTLY, US)
nytimes.com
10    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
1    2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
payments.google.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
7    50.17.30.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-30-163.compute-1.amazonaws.com
et.nytimes.com
1    143.204.214.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-104.fra53.r.cloudfront.net
js.datadome.co
3    2.16.31.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    35.241.35.241 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com
meter-svc.nytimes.com
3    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    3.120.48.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-48-166.eu-central-1.compute.amazonaws.com
api-js.datadome.co
1    2.19.42.73 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-42-73.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
5290727.fls.doubleclick.net
ad.doubleclick.net
1    2600:9000:2057:8a00:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    104.108.41.26 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-26.deploy.static.akamaitechnologies.com
tags.bkrtx.com
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    34.237.17.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-17-44.compute-1.amazonaws.com
pnytimes.chartbeat.net
2    23.5.109.152 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-109-152.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    34.235.203.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-203-209.compute-1.amazonaws.com
errors.client.optimizely.com
5    2606:4700:3036::6812:206c (United States)

ASN13335 (CLOUDFLARENET, US)
platform.iteratehq.com
iteratehq.com
Domain Requested by
11 static01.nyt.com www.nytimes.com
10 securepubads.g.doubleclick.net www.nytimes.com
securepubads.g.doubleclick.net
xlhz.site
10 a.et.nytimes.com www.nytimes.com
10 www.nytimes.com xlhz.site
www.nytimes.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
7 et.nytimes.com www.nytimes.com
xlhz.site
7 g1.nyt.com www.nytimes.com
5 news.google.com www.nytimes.com
news.google.com
3 platform.iteratehq.com xlhz.site
platform.iteratehq.com
3 www.google-analytics.com www.googletagmanager.com
www.nytimes.com
3 sb.scorecardresearch.com 1 redirects www.nytimes.com
www.googletagmanager.com
3 xlhz.site 1 redirects xlhz.site
2 iteratehq.com www.nytimes.com
2 errors.client.optimizely.com www.nytimes.com
2 ad.doubleclick.net 1 redirects www.nytimes.com
2 stags.bluekai.com www.nytimes.com
tags.bkrtx.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 a1.nyt.com xlhz.site
www.googletagmanager.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 pay.google.com news.google.com
2 samizdat-graphql.nytimes.com www.nytimes.com
1 pnytimes.chartbeat.net www.nytimes.com
1 mwcm.nytimes.com www.nytimes.com
1 tags.bkrtx.com www.googletagmanager.com
1 static.chartbeat.com xlhz.site
1 tags.bluekai.com www.googletagmanager.com
1 api-js.datadome.co www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 meter-svc.nytimes.com www.nytimes.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 js.datadome.co xlhz.site
1 cigsvc.nytimes.com www.nytimes.com
1 cdn.optimizely.com www.nytimes.com
1 clients2.google.com news.google.com
1 www.gstatic.com www.nytimes.com
1 payments.google.com 1 redirects
1 nytimes.com 1 redirects
1 www.googletagmanager.com www.nytimes.com
1 cdnjs.cloudflare.com xlhz.site
111 41
Subject Issuer Validity Valid
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-04-06		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
a.et.nytimes.com
COMODO RSA Domain Validation Secure Server CA		 2018-08-27 -
2020-08-26		 2 years crt.sh
*.news.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
*.datadome.co
Gandi Standard SSL CA 2		 2019-10-08 -
2021-10-21		 2 years crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-12-10 -
2020-03-10		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.chartbeat.com
Gandi Standard SSL CA 2		 2019-04-10 -
2020-04-10		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2018-12-03 -
2020-03-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2019-12-16 -
2020-12-30		 a year crt.sh
errors.client.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2020-09-28		 2 years crt.sh
sni185388.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-01 -
2020-07-09		 6 months crt.sh

This page contains 10 frames:

Primary Page: https://www.nytimes.com/section/us
Frame ID: 97F36E145A7A24198FCC6AA235B76C40
Requests: 98 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
Frame ID: 39AE5BF0A7FEE05CF0729F6F9E7043FC
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=438909
Frame ID: E762D5F3237D0B7F2C68B7ECF3636D23
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;u8=;u10=http%3A%2F%2Fxlhz.site%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus
Frame ID: 863DD841313350A669872D057357C226
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 464982FC60A3DA493FB6BE06A9297DDF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F4CE6DC67C9A6D8A6ABC9DBB5D367C41
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&phint=referrer%3Dhttp%3A%2F%2Fxlhz.site%2F&phint=section%3DU.S.&phint=subsection%3D&phint=pagetype%3Dcollection&phint=keywords%3D&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype%3Dsectioncollection&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=63647587
Frame ID: F2E7C0B0AEE497D50B401417AB7A3B94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 509B3491C9A900DB3070D66A055551E0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXzn9rXjRE-wkMrTjf52sRgFc4yQfHZCuCx5TFVOq9umoJ_2ly587ccCgscguE6xJPRYMwkWl0Ow8Br1u1PErFVkK255denwep7EI3iSrgyiR0qZmL2aJw4W2SEOzAsh8rw7bbP2zoBISciX11W8iPSwaYCLIOWmsVeGCQojKDb9-WHc6JaH-1_2jeSCbi2g9vSaFonvxVF6wO8qm-O_iClCrokIUkkJUb095YM3BVuFsGydUhznCvarJuu65SFbTMPkNV-ajGERTILJdW_waZ6dAnqjB29q9sDk5sj_sJtw2WF5NapZU6Eeu2r25O&sig=Cg0ArKJSzJP0UNAe9-2XEAE&urlfix=1&adurl=
Frame ID: B533883486740F26ACABD28D88B0B6A7
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 733369810460BE3384A89933097790D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xlhz.site/ Page URL
  2. http://xlhz.site/Home/Process HTTP 302
    https://www.nytimes.com/section/us Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i

Page Statistics

111
Requests

98 %
HTTPS

48 %
IPv6

20
Domains

41
Subdomains

30
IPs

5
Countries

3332 kB
Transfer

7401 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xlhz.site/ Page URL
  2. http://xlhz.site/Home/Process HTTP 302
    https://www.nytimes.com/section/us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://nytimes.com/ads/google/adsbygoogle.js HTTP 301
  • https://www.nytimes.com/ads/google/adsbygoogle.js
Request Chain 38
  • https://payments.google.com/payments/v4/js/integrator.js?ss=md HTTP 301
  • https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.wWpMqGu2GIY.O/am=VUg/d=1/ct=zgms/rs=AChpKPCcQdP32OrEDX02-TLtMmtUKr4Xsg/m=b2,aist,ist,qst
Request Chain 52
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1580074277516&ns_c=UTF-8&c8=U.S.%20News%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&c9=http%3A%2F%2Fxlhz.site%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1580074277516&ns_c=UTF-8&c8=U.S.%20News%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&c9=http%3A%2F%2Fxlhz.site%2F&cs_ak_ss=1
Request Chain 73
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;u8=;u10=http%3A%2F%2Fxlhz.site%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;u8=;u10=http%3A%2F%2Fxlhz.site%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus
Request Chain 91
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_pre=COvL3LCboucCFdfEuwgdpWwAKA;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xlhz.site/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xlhz.site/
Protocol
HTTP/1.1
Server
34.211.213.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-213-227.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
1dc5189d4f01bb24373da5777606214357924586206b50dda15c72a6fac04300

Request headers

Host
xlhz.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Cache-Control
no-store,no-cache
Content-Type
text/html; charset=utf-8
Date
Sun, 26 Jan 2020 21:31:14 GMT
Pragma
no-cache
Server
Kestrel
Content-Length
3123
Connection
keep-alive
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://xlhz.site/
Origin
http://xlhz.site

Response headers

date
Sun, 26 Jan 2020 21:31:15 GMT
content-encoding
br
cf-cache-status
HIT
age
7745707
cf-ray
55b597be5eaa9abc-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 15 Jan 2021 21:31:15 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
playcanvas-latest.min.js
xlhz.site/lib/ 		1009 KB
1010 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xlhz.site/lib/playcanvas-latest.min.js
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
HTTP/1.1
Server
34.211.213.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-213-227.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
a43bedf6f55ec114cc6274c90f19feecd05d875404b168167b1c62c8dcd41505

Request headers

Referer
http://xlhz.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:15 GMT
Last-Modified
Thu, 21 Nov 2019 19:48:48 GMT
Server
Kestrel
ETag
"1d5a0a4b0ed95f3"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1033715
Primary Request us
www.nytimes.com/section/
Redirect Chain
  • http://xlhz.site/Home/Process
  • https://www.nytimes.com/section/us
882 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/section/us
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25f5142494a3cf516f7d216d8e5651a4dbd444416534ebd59d74f9ff7b032c1d
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.nytimes.com
:scheme
https
:path
/section/us
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://xlhz.site/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://xlhz.site/

Response headers

status
200
server
nginx
content-type
text/html; charset=utf-8
x-nyt-data-last-modified
Sun, 26 Jan 2020 21:23:13 GMT
last-modified
Sun, 26 Jan 2020 21:23:13 GMT
x-pagetype
vi-collection
x-vi-compatibility
Compatible
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
cache-control
s-maxage=600,no-cache
x-nyt-route
vi-collection
x-origin-time
2020-01-26 21:24:23 UTC
accept-ranges
bytes
date
Sun, 26 Jan 2020 21:31:17 GMT
age
484
x-served-by
cache-jfk8134-JFK, cache-hhn4035-HHN
x-cache
HIT, HIT
x-cache-hits
1, 1
x-timer
S1580074277.148291,VS0,VE2
vary
Accept-Encoding, Fastly-SSL
set-cookie
nyt-a=OEYDNTb-b1ZpGQrszsUdss; Expires=Mon, 25 Jan 2021 21:31:17 GMT; Path=/; Domain=.nytimes.com nyt-gdpr=1; Expires=Mon, 27 Jan 2020 03:31:17 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfh; Expires=Mon, 25 Jan 2021 21:31:17 GMT; Path=/; Domain=.nytimes.com
x-gdpr
1
x-frame-options
DENY
x-api-version
F-F-VI
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
96614

Redirect headers

Cache-Control
no-store,no-cache
Date
Sun, 26 Jan 2020 21:31:16 GMT
Location
https://www.nytimes.com/section/us
Pragma
no-cache
Server
Kestrel
Content-Length
0
Connection
keep-alive
web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-cache-hits
5929
age
9350333
status
200
x-guploader-uploadid
AEnB2UoZ_LvEh1F_VrfCOidW9TKNGcy4tP3fDnqVWT2wPk-avC_ijrP7yDcMEfsX0Ez7KKNMnRogVlZ0HTlMMUAwgbZipDAN3T1sUDXAAOHkhkYma4tNDD4
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
content-length
9922
x-served-by
cache-fra19183-FRA
access-control-allow-origin
*
last-modified
Tue, 08 Oct 2019 20:47:04 GMT
server
UploadServer
x-timer
S1580074277.217806,VS0,VE0
etag
"b3e9eedd81b658bb38d40b91c6568d7a"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
x-goog-generation
1570567624278152
via
1.1 varnish
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
9922
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
text/css; charset=utf-8
expires
Fri, 09 Oct 2020 16:12:23 GMT
global-42db6c8821fec0e2b3837b2ea2ece8fe.css
www.nytimes.com/vi-assets/static-assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-42db6c8821fec0e2b3837b2ea2ece8fe.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
1813
x-api-version
F-X
age
18569036
status
200
x-guploader-uploadid
AEnB2UrskcxbO25xvyrV8sdwoHfAmPoKDKuleHiATfQlGL9tY1kdasE2b1fVLaT_VwTeN5yA093apOdMu55nmEtuVMdpuLtWJA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
13034
x-origin-time
2019-06-25 23:27:22 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Tue, 25 Jun 2019 22:51:52 GMT
server
UploadServer
x-timer
S1580074277.196400,VS0,VE1
etag
"42db6c8821fec0e2b3837b2ea2ece8fe"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=kfeHYA==, md5=QttsiCH+wOKzg3suouzo/g==
x-goog-generation
1561503112373402
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
4619
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
text/css; charset=utf-8
expires
Wed, 24 Jun 2020 23:27:22 GMT
00polarize-topper-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/01/23/us/00polarize-topper/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/23/us/00polarize-topper/00polarize-topper-threeByTwoMediumAt2X.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ecde345fbe435fb1e1b9d1c7ee8e032f4c3e78f5ebb0d9d3c92ba79027c0e4b2

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
187639
status
200
x-guploader-uploadid
AEnB2UqiFT9n3F2lyaESctdLrhM4g4vuMDaPK_XeOMAltvYwAMr4TJd4fINXhu3Q8fsyD0o1jCpZNPL_a-hWkIRRsStKe8WQzg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
3, 2
content-length
127838
x-served-by
cache-iad2127-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Fri, 24 Jan 2020 17:19:55 GMT
server
UploadServer
x-timer
S1580074277.221888,VS0,VE0
etag
"a3604d23d887413943201aa2b10b5401"
vary
Origin
x-goog-hash
crc32c=zuDePQ==, md5=o2BNI9iHQTlDIBqisQtUAQ==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Fri, 24 Jan 2020 17:23:57 GMT
00polarize-topper-thumbStandard.jpg
static01.nyt.com/images/2020/01/23/us/00polarize-topper/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/23/us/00polarize-topper/00polarize-topper-thumbStandard.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2c1ea91345c67385ca912f554c8a396b7bb7fb7360bb0b57fe1b8a6a862dff0f

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
187851
status
200
x-guploader-uploadid
AEnB2UpEmAxJVZ8BY97gdTGBS7f1Iaxc443IEL7-9XRbdRgL-6obXC6kOeUgR6Ky5PvFog9wyyulwnCoVPLuFh7jdtbzguvUaw
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
2, 2
content-length
6525
x-served-by
cache-iad2135-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Fri, 24 Jan 2020 17:19:54 GMT
server
UploadServer
x-timer
S1580074277.221879,VS0,VE0
etag
"e58f6995a4e78e748b8123283f7a399d"
vary
Origin
x-goog-hash
crc32c=n+U2Cw==, md5=5Y9plaTnjnSLgSMoP3o5nQ==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Fri, 24 Jan 2020 17:20:25 GMT
24fire-victims1-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/01/24/us/24fire-victims1/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/24/us/24fire-victims1/24fire-victims1-threeByTwoMediumAt2X.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
576dc505683eccbff74e480e72245b53c9b30e40afd00f2fea2ccc9b3bd5b24a

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
188761
status
200
x-guploader-uploadid
AEnB2UpO9ifYeUCWyMc8KZZIqxxovvnm-vLGQA22NSqyMbtmDzVOE6dFMW4nmN6_4AUnsEDP9X1z3OzEjkkmkEz1i8odl-7T1A
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 1
content-length
234559
x-served-by
cache-iad2133-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Fri, 24 Jan 2020 16:39:24 GMT
server
UploadServer
x-timer
S1580074277.235471,VS0,VE2
etag
"3fbef8d9211180d4ba2c29760b98bb50"
vary
Origin
x-goog-hash
crc32c=9DlhpQ==, md5=P7742SERgNS6LCl2C5i7UA==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Fri, 24 Jan 2020 17:05:15 GMT
merlin_167681034_2c3a3ec1-861d-46e2-81b9-a0d95843ec69-thumbStandard.jpg
static01.nyt.com/images/2020/01/24/us/24fire-victims1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/24/us/24fire-victims1/merlin_167681034_2c3a3ec1-861d-46e2-81b9-a0d95843ec69-thumbStandard.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
386191468f381805ab289f406e0173a1e3b3cae9b8ba280e7ad3366296acc414

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
190161
status
200
x-guploader-uploadid
AEnB2UohvGA2XJg1aLkXZFBMJrQwqR9NeQoa6yUBe8ovdntOSzj61tCn8S72_KSlJRwdHlkmulE_k7hS-6y-ySFnLwo-G8HfxQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 2
content-length
6549
x-served-by
cache-iad2149-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Fri, 24 Jan 2020 16:39:24 GMT
server
UploadServer
x-timer
S1580074277.251220,VS0,VE0
etag
"ace620ae087fb5e8b72b49c2a4f7b299"
vary
Origin
x-goog-hash
crc32c=1Xh0Cg==, md5=rOYgrgh/tei3K0nCpPeymQ==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Fri, 24 Jan 2020 16:41:56 GMT
23CHAPUT-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/01/23/us/23CHAPUT/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/23/us/23CHAPUT/23CHAPUT-threeByTwoMediumAt2X.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0e4d971a5cb7344c1e6e35524a98c21e26b6c0ef8039617dac37622f95d9024e

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
252576
status
200
x-guploader-uploadid
AEnB2UpV6437fYoDEqXp73JS9fG9-5A1bfDAb0O-T3bM61dkjqLLZkfKglbubgMfpQEbhPN09VF8Ixf1nxrjsRoq6ISJSftxyQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 1
content-length
147901
x-served-by
cache-iad2134-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Thu, 23 Jan 2020 23:21:35 GMT
server
UploadServer
x-timer
S1580074277.252617,VS0,VE2
etag
"fb1f707dce6a0bc8d1c706fc8ad4b764"
vary
Origin
x-goog-hash
crc32c=RghbpQ==, md5=+x9wfc5qC8jRxwb8itS3ZA==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Thu, 23 Jan 2020 23:21:41 GMT
23CHAPUT-thumbStandard.jpg
static01.nyt.com/images/2020/01/23/us/23CHAPUT/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/23/us/23CHAPUT/23CHAPUT-thumbStandard.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c9d6bdcacd87c3b957c320c0f4d579e267d473ac8b0b4c0f891c2be957eb1a12

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
252575
status
200
x-guploader-uploadid
AEnB2UqWJj35QbS0cv4KbQyBVo53F2jj-0SDkL1q17Q8w9-rIIazBq0CMFlf4gHu7y2yviErjj67YwBz7O56f0Jmq0TYTrk6Aw
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 2
content-length
6444
x-served-by
cache-iad2122-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Thu, 23 Jan 2020 23:21:35 GMT
server
UploadServer
x-timer
S1580074277.252552,VS0,VE0
etag
"b8d17bdfb060a1d76ac07496db69555b"
vary
Origin
x-goog-hash
crc32c=xpmCkg==, md5=uNF737BgoddqwHSW22lVWw==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Thu, 23 Jan 2020 23:21:41 GMT
merlin_167211117_858a3433-3661-4df7-96ff-a9c34e33866b-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/01/21/us/00PLAME/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/21/us/00PLAME/merlin_167211117_858a3433-3661-4df7-96ff-a9c34e33866b-threeByTwoMediumAt2X.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94b3ff6f97e39d511b3490e687bcf8a554fa0ac63949e36df901182ad9d39b

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
298859
status
200
x-guploader-uploadid
AEnB2UqNNb-wY5wa4mDoNpFR-tg4e97eutMZk5XGSm4oS-VOvEBjBxPwBU3Cn8ALi7-H0D_Jsl_w6v02ijU-8sOa12EJomBH6g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
2, 2
content-length
74745
x-served-by
cache-iad2139-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Thu, 23 Jan 2020 10:00:15 GMT
server
UploadServer
x-timer
S1580074277.252537,VS0,VE0
etag
"caf43663e88c2c08d786f804379d926a"
vary
Origin
x-goog-hash
crc32c=LqZ9xQ==, md5=yvQ2Y+iMLAjXhvgEN52Sag==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Thu, 23 Jan 2020 10:30:18 GMT
00PLAME-thumbStandard.jpg
static01.nyt.com/images/2020/01/21/us/00PLAME/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/21/us/00PLAME/00PLAME-thumbStandard.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6a53efa9491b81b9b113203fe403b09a4770779d1d82c4cebb3cd823ddb0654b

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
300447
status
200
x-guploader-uploadid
AEnB2Ur0ydNfGEYrKp-Tc0DqBWCOR5FR-7SZXtCJjhMy876h8yf-1AwHE0W1XmrtLWs8GUjz2HkSpMJoVQJqz4MK8ziULnLS5g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 2
content-length
6239
x-served-by
cache-iad2141-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Thu, 23 Jan 2020 10:00:15 GMT
server
UploadServer
x-timer
S1580074277.252520,VS0,VE0
etag
"5ba5f35371b9d74c9de7d3da6a88b8c5"
vary
Origin
x-goog-hash
crc32c=8GqM7w==, md5=W6XzU3G510yd59Paaoi4xQ==
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
expires
Thu, 23 Jan 2020 10:03:50 GMT
merlin_167788866_d0c7d542-de37-454a-8e72-d2d217ae32e5-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/01/26/us/politics/26dc-impeach/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/26/us/politics/26dc-impeach/merlin_167788866_d0c7d542-de37-454a-8e72-d2d217ae32e5-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f8da5ece26c16204c0b249082dde3341459890da3c909805c10400f3beccf468

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
11041
status
200
x-cache
HIT, HIT
fastly-io-info
ifsz=13895 idim=210x140 ifmt=jpeg ofsz=14734 odim=210x140 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 1
fastly-stats
io=1
content-length
14734
x-served-by
cache-iad2123-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1580074277.252515,VS0,VE1
etag
"tseRJdnILP3LqP53oIP7bQ88uuzf9EgbMbIjgKLgbCs"
vary
Accept
x-goog-hash
crc32c=Svluiw==, md5=eyhR5stiZ5MQL0ed1D2dog==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2UozHoYKIlVGDdCFkIEhJD2_UqgXXmqMM98HFH2C5uff9Hde2Q19fgXkjcSccVdykf446-cHJl_oRrUcEGIYlz9ZwcUOPA
expires
Sun, 26 Jan 2020 18:27:16 GMT
merlin_167848503_477cd569-5e59-4476-80ad-33dfc066e66f-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/01/26/us/politics/26disability/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/26/us/politics/26disability/merlin_167848503_477cd569-5e59-4476-80ad-33dfc066e66f-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
884bd1998746a95f4b16f442da4a1af0c8afa236393473fb43130e176d2d347f

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
15993
status
200
x-cache
HIT, HIT
fastly-io-info
ifsz=12134 idim=210x140 ifmt=jpeg ofsz=12682 odim=210x140 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 1
fastly-stats
io=1
content-length
12682
x-served-by
cache-iad2125-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1580074277.252507,VS0,VE1
etag
"GB+qM7/2gx/b8qDzuZPssg+JTgFpFINJJQeFCKwsclQ"
vary
Accept
x-goog-hash
crc32c=oQdJVg==, md5=eQxKdt5OQmcuqnazbQW0rQ==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2Uojsp_kJzaF1biDqcL0IqslLVzc8jm_zoMO7qwLr3gFRbSPEqwrJb-7j3HMtAT5JH4cOJCx4_02WVytro7WRKvRdaC2Ng
expires
Sun, 26 Jan 2020 17:04:44 GMT
merlin_167849376_6f7cbac2-2505-4379-a6a6-f07846bee956-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/01/26/multimedia/26xp-shooting03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/01/26/multimedia/26xp-shooting03/merlin_167849376_6f7cbac2-2505-4379-a6a6-f07846bee956-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
451eb3042f77509a4daf0656a4ebffea9243661cd2a4684ff6192febd33eb7c3

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish, 1.1 varnish
age
14589
status
200
x-cache
HIT, HIT
fastly-io-info
ifsz=15826 idim=210x140 ifmt=jpeg ofsz=18070 odim=210x140 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
2, 1
fastly-stats
io=1
content-length
18070
x-served-by
cache-iad2121-IAD, cache-fra19147-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1580074277.252490,VS0,VE1
etag
"zCIsCuVuqcyHGNe+NdZwXgS9/HnKsium9XnPhhUmRJU"
vary
Accept
x-goog-hash
crc32c=pbp/yA==, md5=KgVGBf/kWrAZTPxZiJnrmg==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2UqmBA08gNyyPBe37Q3_31CHkMzm6K_FCn1XxQgLVONGj5vKgvnoeilSOQRu0Umropn6J6Ev_Uta-js7eJ5HdolXnIEeCw
expires
Sun, 26 Jan 2020 17:28:08 GMT
adslot-431216da01bb24bbc25f.js
www.nytimes.com/vi-assets/static-assets/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-431216da01bb24bbc25f.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1d68eabf261370a4ed5be7cd56da6a7acf760621b8515b640272b07c9ebfa062
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
4112
x-api-version
F-X
age
274847
status
200
x-guploader-uploadid
AEnB2Uqpl9P3vyaI1ZhZwc1sRTthTUXIFKUbeToPDEaTXWIo7Lvd8aMsHGI9q8iHwp27tuOnjyLGoZYOiq6f0El6wrK4cLm_rw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
13123
x-origin-time
2020-01-23 17:10:33 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Thu, 23 Jan 2020 17:00:35 GMT
server
UploadServer
x-timer
S1580074277.247578,VS0,VE1
etag
"d4338329de1ac72846b82c8edba7df15"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=D3FLAA==, md5=1DODKd4axyhGuCyO26ffFQ==
x-goog-generation
1579798835933069
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
10656
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 17:10:29 GMT
vendor-7d3ff8c2998e4e32ca30.js
www.nytimes.com/vi-assets/static-assets/ 		805 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3eed1af776a94c28717e8b1e25ca6929c839e8888dc075293a792171cd236021
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
256147
x-api-version
F-X
age
274844
status
200
x-guploader-uploadid
AEnB2Urghji6L_lYXHekQPhh8Q9k8AoSWW1DrfUIDQeZVXvhvziPhpGZAEFa_4N8RFgOGORVzPbzuDa6NWFWAZSSr4XAdWbGYQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
1105
x-origin-time
2020-01-23 17:10:33 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Thu, 23 Jan 2020 17:00:36 GMT
server
UploadServer
x-timer
S1580074277.247930,VS0,VE1
etag
"e120306b173fc15a9e3a118ab02322d4"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=FGk6nA==, md5=4SAwaxc/wVqeOhGKsCMi1A==
x-goog-generation
1579798836570451
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
824052
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 17:10:33 GMT
collections-a737e3a86a3fb6a69ebe.js
www.nytimes.com/vi-assets/static-assets/ 		408 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/collections-a737e3a86a3fb6a69ebe.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ae97abbdab832576d589a315ddaf1a7999959e60eb0a15730bf8aea80d63ee48
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
110027
x-api-version
F-X
age
189564
status
200
x-guploader-uploadid
AEnB2UpE3N7yEo1OEwAEH7KsZbUWHYoIvA5tfc9ZHQfVo-_MCG8u4sGTHbwSYGIfbX_eRadQLsgAw-ALgxCMvr80YG5VUVKpUQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
3648
x-origin-time
2020-01-24 16:51:53 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Fri, 24 Jan 2020 16:24:20 GMT
server
UploadServer
x-timer
S1580074277.247896,VS0,VE1
etag
"9942a29c43d8d5b1fb128f9f9b4ab1b1"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=ggyzow==, md5=mUKinEPY1bH7Eo+fm0qxsQ==
x-goog-generation
1579883060739022
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
417801
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 23 Jan 2021 16:51:52 GMT
main-0fb7cbc1417d31108023.js
www.nytimes.com/vi-assets/static-assets/ 		451 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-0fb7cbc1417d31108023.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d53f29c5021ef1819283734181a1f77c47931f8a1c8588344b7744831804b868
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
125188
x-api-version
F-X
age
261316
status
200
x-guploader-uploadid
AEnB2Urh-WJCETnUF1cKsiNwnQS44kPekesShNexHAV4W3Se3k7fAZPZ4xnJmp9htTG6faA0LDu4rYS69eQVtajIaoUqtkIe3g
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
12241
x-origin-time
2020-01-23 20:56:17 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Thu, 23 Jan 2020 20:36:02 GMT
server
UploadServer
x-timer
S1580074277.247929,VS0,VE1
etag
"2cd7c6883f24bdfbf39e90e3cadb8dd1"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=NlpJLw==, md5=LNfGiD8kvfvznpDjytuN0Q==
x-goog-generation
1579811762216778
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
461408
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 20:56:00 GMT
gtm.js
www.googletagmanager.com/ 		269 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ceee45938bdbb9d891e6dd55d162bd81a1d259a540b71c2b1fb78b82283b5d1b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
*
content-type
application/javascript; charset=UTF-8
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
55861
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
v2
samizdat-graphql.nytimes.com/graphql/ 		0
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-0.5.53 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 google, 1.1 varnish
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-nyt-meridiem
PM
age
21
x-cache
HIT
status
200
samizdat-x-instance
a8e0159
x-samizdat-query-exe-id
837a86d38ab088da
content-length
0
x-served-by
cache-fra19157-FRA
access-control-allow-origin
https://www.nytimes.com
server
samizdat-graphql-0.5.53
x-timer
S1580074277.269396,VS0,VE0
x-nyt-continent
EU
access-control-max-age
300
access-control-allow-methods
GET, POST
x-nyt-region
NI
x-nyt-audience-target-flat
EU:PM
cache-control
max-age=30
access-control-allow-credentials
true
x-nyt-country
DE
accept-ranges
bytes
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
x-cache-hits
3
swg.js
news.google.com/swg/js/v1/ 		125 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ede33e8b476fe12ac4e18f66fdd85f7f4e1445225edd9d3d86afce8d0cfb1d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 23:15:19 GMT
server
sffe
age
253
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38002
x-xss-protection
0
expires
Sun, 26 Jan 2020 22:17:04 GMT
adsbygoogle.js
www.nytimes.com/ads/google/
Redirect Chain
  • https://nytimes.com/ads/google/adsbygoogle.js
  • https://www.nytimes.com/ads/google/adsbygoogle.js
28 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/ads/google/adsbygoogle.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-api-version
F-X
age
422083
status
200
x-guploader-uploadid
AEnB2Uo-zynw5GNzE2Fc9wxqoIP42-fvmNaK5Ru6HEkOmLxCtp4SmssRTXwdPotA6ztIdlaKAJY_mrBzrXooAbfedowPKUA5lw
x-cache
HIT
x-goog-storage-class
REGIONAL
x-cache-hits
11735
x-origin-time
2019-09-18 00:16:01 UTC
x-served-by
cache-hhn4035-HHN
accept-ranges
bytes
last-modified
Fri, 23 Mar 2018 21:06:07 GMT
server
UploadServer
x-timer
S1580074277.303725,VS0,VE1
etag
"45047d08e5481aa5674276ae1810c88d"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=A0srKQ==, md5=RQR9COVIGqVnQnauGBDIjQ==
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-route
ads-static-assets
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
48
expires
Wed, 18 Sep 2019 00:16:00 GMT

Redirect headers

date
Sun, 26 Jan 2020 21:31:17 GMT
server
Varnish
x-api-version
F-0
location
https://www.nytimes.com/ads/google/adsbygoogle.js
x-cache
HIT
status
301
x-nyt-route
ads-static-assets
x-cache-hits
0
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4032-HHN
franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-cache-hits
4579
age
9350297
status
200
x-guploader-uploadid
AEnB2Uoh-FZIB60X7pEIJhZnxc1peMNLDms9A4npbEVsbtNF36urKU4_57CnBeNkhfIXzXej1i6ePZC_znn1AD7K3FBJ8y8tjA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
19836
x-served-by
cache-fra19127-FRA
last-modified
Tue, 08 Oct 2019 20:47:05 GMT
server
UploadServer
x-timer
S1580074277.279928,VS0,VE0
etag
"d6c06a3d84a57100edad5bf9b84ff739"
vary
Origin
x-goog-hash
crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
x-goog-generation
1570567625340998
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
19836
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 09 Oct 2020 16:12:59 GMT
franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-cache-hits
4592
age
8192419
status
200
x-guploader-uploadid
AEnB2UqUeeFIROyrZRCDrGAW8qF3q8SmjUgl94SxslGB2YpYWastNJFA8vL01JOibp9wKvbixIFsJXiC0JnunCNzELCIbprm9IYd35lGRDC3zpE8IX2U8gU
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
20312
x-served-by
cache-fra19127-FRA
last-modified
Tue, 08 Oct 2019 20:47:05 GMT
server
UploadServer
x-timer
S1580074277.279814,VS0,VE0
etag
"b44c88f09ca7ce914b836d4ae72891b8"
vary
Origin
x-goog-hash
crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
x-goog-generation
1570567625401061
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
20312
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 23 Oct 2020 01:50:59 GMT
cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-cache-hits
2238
age
2220574
status
200
x-guploader-uploadid
AEnB2UoKeaarF7SOO4G6_8y9wT2j4TCBm3czShZNXLf458huxLaKhOtZI4DiPWmCqXOlebv-tJ1zA-_CcHh4KpxWYob58m3JdCpZZMkkO-7-QXlGEk1NtAE
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
28276
x-served-by
cache-fra19127-FRA
last-modified
Tue, 08 Oct 2019 20:47:04 GMT
server
UploadServer
x-timer
S1580074277.279835,VS0,VE0
etag
"530cfb72378419eedb60da7e266ad5f1"
vary
Origin
x-goog-hash
crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
x-goog-generation
1570567624458394
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
28276
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
font/woff2
expires
Thu, 31 Dec 2020 04:41:43 GMT
imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
g1.nyt.com/fonts/family/imperial/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-cache-hits
23
age
9350256
status
200
x-guploader-uploadid
AEnB2UrKpJ5QhM7u0Alo4Kxv_tetyz_Q-mnWHnWwaLAXATdzmr7BZTr7LF__dVLBzyj31seUDINw3D7KuXcn2em-RJU1PA_z2A6MzIcx45mEVAWzA534Cfw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
28252
x-served-by
cache-fra19127-FRA
last-modified
Tue, 08 Oct 2019 20:47:05 GMT
server
UploadServer
x-timer
S1580074277.279836,VS0,VE0
etag
"40c94ccc25e2212b8946a7d732251d86"
vary
Origin
x-goog-hash
crc32c=L+c2+A==, md5=QMlMzCXiISuJRqfXMiUdhg==
x-goog-generation
1570567625851656
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
28252
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 09 Oct 2020 16:13:40 GMT
cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-cache-hits
4008
age
1804682
status
200
x-guploader-uploadid
AEnB2UrBHhfC8T87BCWZleK-joiGZQSkpv4eQiiLdYsf9quX_aJAHptqdHQsn6fzBATP9RrEUf5l65lQZzFXWFGfDAcUcJldr8pr2fY6VpjmEXT03i3yhZE
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
29076
x-served-by
cache-fra19127-FRA
last-modified
Tue, 08 Oct 2019 20:47:04 GMT
server
UploadServer
x-timer
S1580074277.279888,VS0,VE0
etag
"a3ed7afe3eaa0a873f3fbd379f8c491b"
vary
Origin
x-goog-hash
crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
x-goog-generation
1570567624300845
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
29076
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 05 Jan 2021 00:13:14 GMT
imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
g1.nyt.com/fonts/family/imperial/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-cache-hits
4338
age
8187788
status
200
x-guploader-uploadid
AEnB2UrRYW0rJewh9VC6wBA7ivsefbynISZ2T7qpKm5Mq8Mvpk2LLrqnA4Q7rKI1GN7KuaR4oSMQz3GBy0xuJqEPmZEe22ijhw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
29016
x-served-by
cache-fra19127-FRA
last-modified
Tue, 08 Oct 2019 20:47:05 GMT
server
UploadServer
x-timer
S1580074277.279845,VS0,VE0
etag
"2531995fefd3b997f9c4d564ebe89268"
vary
Origin
x-goog-hash
crc32c=1n93EQ==, md5=JTGZX+/TuZf5xNVk6+iSaA==
x-goog-generation
1570567625845342
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
29016
x-nyt-pagetype
nyt5-asset
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 23 Oct 2020 03:08:08 GMT
v2
samizdat-graphql.nytimes.com/graphql/ 		97 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-0.5.53 /
Resource Hash
5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
nyt-app-version
0.0.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

x-samizdat-query-sup-code
date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-nyt-meridiem
PM
age
0
x-cache
MISS
status
200
samizdat-x-instance
a8e0159
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
a7485bd2e1978f76
content-length
98
x-served-by
cache-fra19183-FRA
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
NI
server
samizdat-graphql-0.5.53
x-timer
S1580074277.304528,VS0,VE103
x-nyt-continent
EU
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type
application/json
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:PM
cache-control
max-age=30
access-control-allow-credentials
true
x-nyt-country
DE
accept-ranges
bytes
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-431216da01bb24bbc25f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2b25d683cf9bad7693d678fbafa815a9821eeb30680ea2a1f9ae6b00059d6c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"410 / 792 of 1000 / last-modified: 1579978971"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16249
x-xss-protection
0
expires
Sun, 26 Jan 2020 21:31:17 GMT
payframe
pay.google.com/gp/p/ui/ Frame 39AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9ksrE6M50Ls+W/jDP8aXjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-9ksrE6M50Ls+W/jDP8aXjw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
content-type
text/html; charset=utf-8
x-ua-compatible
IE=edge
expires
Sun, 26 Jan 2020 21:31:17 GMT
date
Sun, 26 Jan 2020 21:31:17 GMT
cache-control
private, max-age=3600
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
script-src 'report-sample' 'nonce-9ksrE6M50Ls+W/jDP8aXjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-9ksrE6M50Ls+W/jDP8aXjw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=196=A5CcHIyIU8GN2kt87L9Si-XJTEi6BO517NGMMOcmTsEISB3P2FHTaIov2j2hfbTYu4BqB1NNUFYi9obEmmW0Sg8zN8BGt5hg_CcY6biGaCt76PQVEeqqtdqULle7nXGvG1xupEP2Qw9zdUEAmr6BDavF5cE8-at_QorJMX6GtVI; expires=Mon, 27-Jul-2020 21:31:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
swg-button.css
news.google.com/swg/js/v1/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 20:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Sep 2019 18:02:27 GMT
server
sffe
age
2207
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5809
x-xss-protection
0
expires
Sun, 26 Jan 2020 21:44:30 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame E762 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=438909
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KHZ9XMAVFoWAIFUZZgl0Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-KHZ9XMAVFoWAIFUZZgl0Gw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
news.google.com
:scheme
https
:path
/swg/_/ui/v1/serviceiframe?_=438909
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
content-type
text/html; charset=utf-8
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Jan 2020 21:31:17 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-KHZ9XMAVFoWAIFUZZgl0Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-KHZ9XMAVFoWAIFUZZgl0Gw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=196=MvsW4uzHcYR-GRZlknzTQ2FatRECqtJrq4YRVzYvEVFX-D9nB-B7f1wa956lWpDFPdKLzen0tDHE5A6-aULTO3Th1nWpTEKfbvTPFut2rNmDDOOyWH5F_P36CytEQ3QT_bsz7v3EPkJOKBEMM2_U9tJBr0cBcAtSN0edRpO30AM; expires=Mon, 27-Jul-2020 21:31:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Oct 2018 21:24:31 GMT
server
sffe
age
478
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1049
x-xss-protection
0
expires
Sun, 26 Jan 2020 22:13:19 GMT
pay
pay.google.com/gp/p/ui/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay?_=438909
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
m=b2,aist,ist,qst
www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.wWpMqGu2GIY.O/am=VUg/d=1/ct=zgms/rs=AChpKPCcQdP32OrEDX02-TLtMmtUKr4Xsg/
Redirect Chain
  • https://payments.google.com/payments/v4/js/integrator.js?ss=md
  • https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.wWpMqGu2GIY.O/am=VUg/d=1/ct=zgms/rs=AChpKPCcQdP32OrEDX02-TLtMmtUKr4Xsg/m=b2,aist,ist,qst
0
82 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.wWpMqGu2GIY.O/am=VUg/d=1/ct=zgms/rs=AChpKPCcQdP32OrEDX02-TLtMmtUKr4Xsg/m=b2,aist,ist,qst
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Jan 2020 19:23:22 GMT
server
sffe
age
265805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
83696
x-xss-protection
0
expires
Fri, 22 Jan 2021 19:41:13 GMT

Redirect headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
301
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
268
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.wWpMqGu2GIY.O/am=VUg/d=1/ct=zgms/rs=AChpKPCcQdP32OrEDX02-TLtMmtUKr4Xsg/m=b2,aist,ist,qst
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-rqmAe6CGn7DXjwj3DsNkcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
expires
Mon, 01 Jan 1990 00:00:00 GMT
gr_full_2.0.6.js
clients2.google.com/gr/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://clients2.google.com/gr/gr_full_2.0.6.js
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
age
1181
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8665
x-xss-protection
0
expires
Sun, 26 Jan 2020 22:11:36 GMT
entitlements
news.google.com/swg/_/api/v1/publication/nytimes.com/ 		2 B
965 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PVowoamt+ci7RZ/FIkiHsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-PVowoamt+ci7RZ/FIkiHsw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-PVowoamt+ci7RZ/FIkiHsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-PVowoamt+ci7RZ/FIkiHsw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
vi_article.js
cdn.optimizely.com/public/3013110282/s/ 		485 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/public/3013110282/s/vi_article.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-0fb7cbc1417d31108023.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2310526c7b7207f2e2b1f3f9f5b33912dab1341f548c62a26021ad836076aeaf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
8DXyxax8.5bAaAjmFPDilbTYbnW97.qz
content-encoding
gzip
x-amz-request-id
5ACB22D9A6DB4442
status
200
access-control-max-age
86400
date
Sun, 26 Jan 2020 21:31:17 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
133986
x-amz-id-2
YtrNgmVQ8FQhbrSTZ2j5occvgsXpJY3EEJhCVM0UCTajvwejypeUWQ/aOFbEWrJkTyl+n4hWvuk=
last-modified
Fri, 24 Jan 2020 16:06:28 GMT
server
AmazonS3
etag
"ba05f7d73c933a3f1e57733af0ce7b6e"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
11930
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
ip_seg_v2.rep
cigsvc.nytimes.com/r1/jp/ 		170 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?&callback=callback
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jan 2020 21:31:17 GMT
via
1.1 varnish
x-timer
S1580074277.417412,VS0,VE185
x-served-by
cache-fra19183-FRA
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript;charset=UTF-8
status
200
cache-control
no-cache, no-cache="set-cookie"
x-cache-hits
0
accept-ranges
bytes
content-length
170
expires
0
vendors~collections~search-872953cd41af101b3043.js
www.nytimes.com/vi-assets/static-assets/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~collections~search-872953cd41af101b3043.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
26219c50825d5f117def82cec153691cbb69a540f193ac3475225f9cb6173284
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
9954
x-api-version
F-X
age
274848
status
200
x-guploader-uploadid
AEnB2UqtgU7Yqu4491YTqmuHPL7buJguGPdetMgDZfV9kqWO3J76VFvdMWgVanOtTo5jyUw8NiunDjbCOTZDS6DRD1uMePBMJg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
4955
x-origin-time
2020-01-23 17:10:49 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Thu, 23 Jan 2020 17:00:36 GMT
server
UploadServer
x-timer
S1580074277.451100,VS0,VE1
etag
"82c568b20f681336dcc1f05fd0bef687"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=BaDDaw==, md5=gsVosg9oEzbcwfBf0L72hw==
x-goog-generation
1579798836651179
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
45151
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 17:10:29 GMT
vendors~collections-190ad2eea2d9c359cf30.js
www.nytimes.com/vi-assets/static-assets/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~collections-190ad2eea2d9c359cf30.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8d88ab139995fe6b8a1ef2ac68de663524a71cf805567af8f4431841a73bd3d9
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
8120
x-api-version
F-X
age
274848
status
200
x-guploader-uploadid
AEnB2UqpE4ranhd8K28CsJYAT809aQaWZfvfdqqHjjfSioqACdCWBi5JJjsG2wEl2lPppNvKK3hcHEmDaWazXQ6tfNgrD9qeLw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
4952
x-origin-time
2020-01-23 17:10:49 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Thu, 23 Jan 2020 17:00:36 GMT
server
UploadServer
x-timer
S1580074277.451070,VS0,VE1
etag
"24d91e544b5cbaf53b52d04c0a5cb51a"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=4eKHBQ==, md5=JNkeVEtcuvU7UtBMCly1Gg==
x-goog-generation
1579798836696392
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
28362
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 17:10:29 GMT
answerpage~bestsellers~collections~hubpage~reviews~search~slideshow~timeswire~trending~weddings~your~a22cb264-ae07a231015f3129f23a.js
www.nytimes.com/vi-assets/static-assets/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/answerpage~bestsellers~collections~hubpage~reviews~search~slideshow~timeswire~trending~weddings~your~a22cb264-ae07a231015f3129f23a.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c4876dae58d79e83c9618288a0e81c71eaf846ff59aa3afa7de948d80cec104a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
content-length
8277
x-api-version
F-X
age
274849
status
200
x-guploader-uploadid
AEnB2UpP3mmPIEDixhruWzMCWw2j-86q_VDFkTyoEOQD8MtD4LPddANJh6-6HqtidimX7anlnAp6Q1ACKFvG4NpJz7GYWa0aQg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-cache-hits
4999
x-origin-time
2020-01-23 17:10:35 UTC
x-served-by
cache-hhn4035-HHN
last-modified
Thu, 23 Jan 2020 17:00:35 GMT
server
UploadServer
x-timer
S1580074277.451751,VS0,VE0
etag
"91404925d8c95a17c020b098f9298c7a"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=HlBdSg==, md5=kUBJJdjJWhfAILCY+SmMeg==
x-goog-generation
1579798835988355
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
28570
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 Jan 2021 17:10:29 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
/
et.nytimes.com/ 		880 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://et.nytimes.com/
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
ad778df3bd80165ddc0b8e65aa5635ba1aac654205ac1debd87caf7705c2bd3e

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.nytimes.com
Date
Sun, 26 Jan 2020 21:30:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
880
Content-Type
application/json
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
tags.js
js.datadome.co/ 		123 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-104.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
fc0f2abacd8dfdce33be101faac14e4ad17306c4b6f37c156ccbf86a8968e391
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
age
3412
x-cache
Hit from cloudfront
status
200
date
Sun, 26 Jan 2020 20:34:26 GMT
content-length
21393
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 13:34:23 GMT
server
Apache
etag
"1eb71-59c41e21bd83a-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
SQlhmathYOYpDsP8ZdG6E0dlVP1y41pidho5imJMuBLq42avviPs4g==
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
pixel.gif
et.nytimes.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://et.nytimes.com/pixel.gif?subject=ab-expose&test=DFP_als&variant=1_als&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-355-Production&et2_pageview_id=eRNaSFAiBWkXRjBEitZmvlDZ
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1580074277516&ns_c=UTF-8&c8=U.S.%20News%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&c9=http%3A%2F%2Fxlhz....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1580074277516&ns_c=UTF-8&c8=U.S.%20News%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&c9=http%3A%2F%2Fxlhz...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1580074277516&ns_c=UTF-8&c8=U.S.%20News%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&c9=http%3A%2F%2Fxlhz.site%2F&cs_ak_ss=1
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Jan 2020 21:31:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1580074277516&ns_c=UTF-8&c8=U.S.%20News%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&c9=http%3A%2F%2Fxlhz.site%2F&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 26 Jan 2020 21:31:17 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
et.nytimes.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://et.nytimes.com/pixel.gif?subject=ab-expose&test=dfp_adslot4v2&variant=1_external&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-355-Production&et2_pageview_id=eRNaSFAiBWkXRjBEitZmvlDZ
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020011602.js
securepubads.g.doubleclick.net/gpt/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e453876fb642a6b08b3ffafdc3b7c241de26aae0ee58db079e635fc1f682ef02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Jan 2020 20:10:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
61843
x-xss-protection
0
expires
Sun, 26 Jan 2020 21:31:17 GMT
meter.js
meter-svc.nytimes.com/ 		513 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referer=http%3A%2F%2Fxlhz.site%2F
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.35.241 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
241.35.241.35.bc.googleusercontent.com
Software
/
Resource Hash
f8ff149df77b50b4ee8e02297ca3fe5800998ff46b8fbe3f6554456fa0e31226

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
via
1.1 google
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
Set-Cookie
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
alt-svc
clear
content-length
513
preferences
purr.nytimes.com/v1/ 		3 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://purr.nytimes.com/v1/preferences
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
server
Google Frontend
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
6af67e4a89103b66545bf8462cbd08ac
cache-control
private
access-control-allow-credentials
true
content-length
3
expires
Sun, 26 Jan 2020 21:31:17 GMT
data-layer
a.nytimes.com/svc/nyt/ 		865 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=http%3A%2F%2Fxlhz.site%2F&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0ca66e262b4aed6267d59d9b2e4a2a51637fcc477517a3fe080b5b371e25403a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:17 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
e4709ec53d8c3bc48c9e9d574be3060f
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
525
expires
Sun, 26 Jan 2020 21:31:17 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6782
date
Sun, 26 Jan 2020 19:38:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 26 Jan 2020 21:38:15 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=549423151144837&correlator=2930089697354819&output=ldjh&impl=fif&adsid=NT&eid=21065428%2C21065353%2C21065391%2C21065304&vrg=2020011602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200126&iu=%2F29390238%2Fnyt%2Fus%2Fsectionfront&sz=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&scp=div%3Dtop%26pos%3Dtop%26request_time%3D883&cust_params=edn%3Dus%26sov%3D1%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1580073026305%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_bofa%252Cgs_society_religion%252Cgs_society%252Cgs_politics%252Cneg_mastercard%252Cneg_google%252Cneg_fcli%252Cgs_politics_misc%252Cgs_health_misc%252Cneg_ibmtest%252Cgs_health%252Cneg_ibm%252Cgv_safe%252Cgs_t%26sub%3Danon%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_amzn_0_control%252Cdfp_als_1_als%252Cdfp_als_home_1_als%252Cmkt_dfp_ods_2_test%252Cmc_dfp_topbar_bar_anon_1019_1_login%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_ad_counting_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_1_25cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cdfp_messaging_flexframe_ctr_0_control%26page_view_id%3DeRNaSFAiBWkXRjBEitZmvlDZ%26aid%3DOEYDNTb-b1ZpGQrszsUdss&cookie_enabled=1&bc=31&abxe=1&lmt=1580073793&dt=1580074278046&dlt=1580074277176&idt=844&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=64&adk=634834303&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxlhz.site%2F&dssz=37&icsg=50245616&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0&msz=1585x0&ga_vid=1448094233.1580074278&ga_sid=1580074278&ga_hid=2008622736&fws=4&ohw=1585
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
bb5dde89f47aedb3ac045ced1339d4a763fc2d1396e45207491d072d967dc3c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9773
x-xss-protection
0
google-lineitem-id
5231866240
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295555952
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020011602.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011602.js?21065428
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b2bd84dc001c544114fdcf9f1d58dfe7ae0cc08844365f36a7c40e42cf490d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Jan 2020 20:10:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24252
x-xss-protection
0
expires
Sun, 26 Jan 2020 21:31:18 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		409 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=549423151144837&correlator=2930089697354819&output=ldjh&impl=fif&adsid=NT&eid=21065428%2C21065353%2C21065391%2C21065304&vrg=2020011602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200126&iu=%2F29390238%2Fnyt%2Fus%2Fsectionfront&sz=150x50&scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D898&cust_params=edn%3Dus%26sov%3D1%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1580073026305%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_bofa%252Cgs_society_religion%252Cgs_society%252Cgs_politics%252Cneg_mastercard%252Cneg_google%252Cneg_fcli%252Cgs_politics_misc%252Cgs_health_misc%252Cneg_ibmtest%252Cgs_health%252Cneg_ibm%252Cgv_safe%252Cgs_t%26sub%3Danon%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_amzn_0_control%252Cdfp_als_1_als%252Cdfp_als_home_1_als%252Cmkt_dfp_ods_2_test%252Cmc_dfp_topbar_bar_anon_1019_1_login%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_ad_counting_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_1_25cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cdfp_messaging_flexframe_ctr_0_control%26page_view_id%3DeRNaSFAiBWkXRjBEitZmvlDZ%26aid%3DOEYDNTb-b1ZpGQrszsUdss&cookie_enabled=1&bc=31&abxe=1&lmt=1580073793&dt=1580074278057&dlt=1580074277176&idt=844&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=2873317091&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxlhz.site%2F&dssz=38&icsg=137489199088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1448094233.1580074278&ga_sid=1580074278&ga_hid=2008622736&fws=132&ohw=1585
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9b2b872265e22d97fda3c73e78d8ca3345f33c70bbea858ffa79e158dbae5b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
213
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=549423151144837&correlator=2930089697354819&output=ldjh&impl=fif&adsid=NT&eid=21065428%2C21065353%2C21065391%2C21065304&vrg=2020011602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200126&iu=%2F29390238%2Fnyt%2Fus%2Fsectionfront&sz=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&scp=div%3Dmid1%26pos%3Dmid1%26request_time%3D903&cust_params=edn%3Dus%26sov%3D1%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1580073026305%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_bofa%252Cgs_society_religion%252Cgs_society%252Cgs_politics%252Cneg_mastercard%252Cneg_google%252Cneg_fcli%252Cgs_politics_misc%252Cgs_health_misc%252Cneg_ibmtest%252Cgs_health%252Cneg_ibm%252Cgv_safe%252Cgs_t%26sub%3Danon%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_amzn_0_control%252Cdfp_als_1_als%252Cdfp_als_home_1_als%252Cmkt_dfp_ods_2_test%252Cmc_dfp_topbar_bar_anon_1019_1_login%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_ad_counting_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_1_25cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cdfp_messaging_flexframe_ctr_0_control%26page_view_id%3DeRNaSFAiBWkXRjBEitZmvlDZ%26aid%3DOEYDNTb-b1ZpGQrszsUdss&cookie_enabled=1&bc=31&abxe=1&lmt=1580073793&dt=1580074278063&dlt=1580074277176&idt=844&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1105&adk=2341692046&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxlhz.site%2F&dssz=38&icsg=137489199088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x142&msz=1585x0&ga_vid=1448094233.1580074278&ga_sid=1580074278&ga_hid=2008622736&fws=4&ohw=1585
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
67375f8dea18f2efa780b2892a03c51c4bd30595f98157f7268cf4715aded1c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10037
x-xss-protection
0
google-lineitem-id
5231866240
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295555958
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		419 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=549423151144837&correlator=2930089697354819&output=ldjh&impl=fif&adsid=NT&eid=21065428%2C21065353%2C21065391%2C21065304&vrg=2020011602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200126&iu=%2F29390238%2Fnyt%2Fus%2Fsectionfront&sz=1x1%7C640x480&scp=div%3Dinterstitial%26pos%3Dinterstitial%26request_time%3D909&cust_params=edn%3Dus%26sov%3D1%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1580073026305%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_bofa%252Cgs_society_religion%252Cgs_society%252Cgs_politics%252Cneg_mastercard%252Cneg_google%252Cneg_fcli%252Cgs_politics_misc%252Cgs_health_misc%252Cneg_ibmtest%252Cgs_health%252Cneg_ibm%252Cgv_safe%252Cgs_t%26sub%3Danon%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_amzn_0_control%252Cdfp_als_1_als%252Cdfp_als_home_1_als%252Cmkt_dfp_ods_2_test%252Cmc_dfp_topbar_bar_anon_1019_1_login%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_ad_counting_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_1_25cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cdfp_messaging_flexframe_ctr_0_control%26page_view_id%3DeRNaSFAiBWkXRjBEitZmvlDZ%26aid%3DOEYDNTb-b1ZpGQrszsUdss&cookie_enabled=1&bc=31&abxe=1&lmt=1580073793&dt=1580074278069&dlt=1580074277176&idt=844&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=1591558105&uci=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxlhz.site%2F&dssz=38&icsg=137489199088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1448094233.1580074278&ga_sid=1580074278&ga_hid=2008622736&fws=644&ohw=1585
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
634fc9acaea8fce475ab24b07db3342ae7c9d98c96f412cbfaecfd8e54901b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api-js.datadome.co/js/ 		2 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.48.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-48-166.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 26 Jan 2020 21:31:18 GMT
Server
DataDome
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
2
Expires
0
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2008622736&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fxlhz.site%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=dock&ea=impression&el=gdpr&_u=YAhAAEAB~&jid=704375775&gjid=841670899&cid=1448094233.1580074278&tid=UA-58630905-2&_gid=1753417768.1580074278&_r=1&gtm=2wg1f1P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd9=9&cd14=null&cd21=collection&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd42=nyt-vi&cd48=null&cd49=&cd51=nyt-vi&cd52=collection&cd54=null&cd57=0&cd58=0&cd59=&cd60=&cd63=OEYDNTb-b1ZpGQrszsUdss&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=OEYDNTb-b1ZpGQrszsUdss&cd172=desktop&cd173=desktop&z=710764098
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jan 2020 21:31:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=549423151144837&correlator=2930089697354819&output=ldjh&impl=fif&adsid=NT&eid=21065428%2C21065353%2C21065391%2C21065304&vrg=2020011602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200126&iu=%2F29390238%2Fnyt%2Fus%2Fsectionfront&sz=300x250%7C300x600&scp=div%3Dmid2%26pos%3Dmid2%26request_time%3D1008&cust_params=edn%3Dus%26sov%3D1%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1580073026305%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_bofa%252Cgs_society_religion%252Cgs_society%252Cgs_politics%252Cneg_mastercard%252Cneg_google%252Cneg_fcli%252Cgs_politics_misc%252Cgs_health_misc%252Cneg_ibmtest%252Cgs_health%252Cneg_ibm%252Cgv_safe%252Cgs_t%26sub%3Danon%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_amzn_0_control%252Cdfp_als_1_als%252Cdfp_als_home_1_als%252Cmkt_dfp_ods_2_test%252Cmc_dfp_topbar_bar_anon_1019_1_login%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_ad_counting_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_1_25cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cdfp_messaging_flexframe_ctr_0_control%26page_view_id%3DeRNaSFAiBWkXRjBEitZmvlDZ%26aid%3DOEYDNTb-b1ZpGQrszsUdss&cookie_enabled=1&bc=31&abxe=1&lmt=1580073793&dt=1580074278170&dlt=1580074277176&idt=844&frm=20&biw=1585&bih=1200&oid=3&adx=1091&ady=1544&adk=912483668&uci=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxlhz.site%2F&dssz=38&icsg=137489199088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&ga_vid=1448094233.1580074278&ga_sid=1580074278&ga_hid=2008622736&fws=4&ohw=1585
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4810b66e3841c5e0563bd7ea0ad626b57e554716fdef97a6703c733e7d3dbda3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2686
x-xss-protection
0
google-lineitem-id
5225569571
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294632873
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=549423151144837&correlator=2930089697354819&output=ldjh&impl=fif&adsid=NT&eid=21065428%2C21065353%2C21065391%2C21065304&vrg=2020011602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200126&iu=%2F29390238%2Fnyt%2Fus%2Fsectionfront&sz=300x250%7C300x600&scp=div%3Dmid3%26pos%3Dmid3%26request_time%3D1021&cust_params=edn%3Dus%26sov%3D1%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1580073026305%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_bofa%252Cgs_society_religion%252Cgs_society%252Cgs_politics%252Cneg_mastercard%252Cneg_google%252Cneg_fcli%252Cgs_politics_misc%252Cgs_health_misc%252Cneg_ibmtest%252Cgs_health%252Cneg_ibm%252Cgv_safe%252Cgs_t%26sub%3Danon%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_amzn_0_control%252Cdfp_als_1_als%252Cdfp_als_home_1_als%252Cmkt_dfp_ods_2_test%252Cmc_dfp_topbar_bar_anon_1019_1_login%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_ad_counting_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_1_25cents%252Cmkt_dfp_intl_pricing_med_conv_2_75cents%252Cdfp_messaging_flexframe_ctr_0_control%26page_view_id%3DeRNaSFAiBWkXRjBEitZmvlDZ%26aid%3DOEYDNTb-b1ZpGQrszsUdss&cookie_enabled=1&bc=31&abxe=1&lmt=1580073793&dt=1580074278181&dlt=1580074277176&idt=844&frm=20&biw=1585&bih=1200&oid=3&adx=1093&ady=1338&adk=343490638&uci=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxlhz.site%2F&dssz=38&icsg=137489199088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&ga_vid=1448094233.1580074278&ga_sid=1580074278&ga_hid=2008622736&fws=4&ohw=1585
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
66dd6559ebf473dc57bcde43428a6d0808af8236924a4a6405bad588a279a6e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2605
x-xss-protection
0
google-lineitem-id
5231866240
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295849459
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
et.nytimes.com/ 		105 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxlhz.site%2F&clientTimeStamp=1580074278205&totalTime=0&evtUUID=654d39e4-e41a-438e-84c4-1a79fb3a8d87&gtm=GTM-P528B3-355-Production&page_view_id=eRNaSFAiBWkXRjBEitZmvlDZ&performance=%7B%22first-paint%22%3A361%2C%22first-contentful-paint%22%3A361%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&et2_pageview_id=eRNaSFAiBWkXRjBEitZmvlDZ&sourceApp=nyt-vi&assetData=%7B%22url%22%3A%22https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus%22%2C%22wordCount%22%3A0%2C%22id%22%3A100000004047817%2C%22publishedDate%22%3A1449687013000%2C%22publishedTimestamp%22%3A1449687013000%2C%22lastUpdatedTimestamp%22%3A1579886633000%2C%22uri%22%3A%22nyt%3A%2F%2Flegacycollection%2F11f72ab4-7cd0-540a-93cc-f35b32cd013d%22%2C%22section%22%3A%22U.S.%22%2C%22sectionContent%22%3A%22us%22%2C%22contentTone%22%3A%22NEWS%22%2C%22slug%22%3A%22us%22%2C%22source%22%3A%22nyt_cms%22%2C%22derivedDesk%22%3A%22national_desk%22%2C%22type%22%3A%22sectioncollection%22%2C%22languageName%22%3A%22English%22%2C%22languageCode%22%3A%22en%22%2C%22jkiddSrc%22%3A%22fe%22%7D&skipFilter=%5B%22content%22%2C%22jkiddata%22%5D&callback=window.EventTracker.cb0&pageMetaData=%7B%22PT%22%3A%22collection%22%2C%22CG%22%3A%22U.S.%22%2C%22SCG%22%3A%22%22%2C%22byl%22%3A%22%22%2C%22tom%22%3A%22%22%2C%22hdl%22%3A%22%22%2C%22ptime%22%3A%2220151209135013%22%2C%22cre%22%3A%22%22%2C%22articleid%22%3A100000004047817%2C%22channels%22%3A%22%22%2C%22CN%22%3A%22us%22%2C%22CT%22%3A%22sectionfront%22%2C%22backfilled%22%3A%22articleid%2CCG%22%7D&additionalClientData=%7B%22ul%22%3A%22en-US%22%2C%22js%22%3A%22Yes%22%2C%22jv%22%3A%221.5%22%2C%22fi%22%3A%22No%22%2C%22tz%22%3A1%2C%22bh%22%3A22%2C%22cd%22%3A24%2C%22sr%22%3A%221600x1200%22%2C%22bs%22%3A%221600x1200%22%2C%22jo%22%3A%22No%22%2C%22or%22%3A%22land%22%7D
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
c910f4026a20e50712016d2d4e212f43d262d8cb5faacdb9b20e7fd79b944d6f

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:06 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/javascript
50550
tags.bluekai.com/site/ 		41 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/50550?ret=js&limit=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.19.42.73 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-42-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Jan 2020 21:31:18 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
41
BK-Server
71a5
Expires
Thu, 01 Dec 1994 16:00:00 GMT
activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;...
5290727.fls.doubleclick.net/ Frame 863D
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUds...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;u8=;u10=http%3A%2F%2Fxlhz.site%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5290727.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;u8=;u10=http%3A%2F%2Fxlhz.site%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlQQaIGWbmK6J-HfaHD6XjaWHk_BBjJZrnFn1qxyA8rl2BgI1jshXGbtaaa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 26 Jan 2020 21:31:18 GMT
expires
Sun, 26 Jan 2020 21:31:18 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
436
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 26 Jan 2020 21:31:18 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJr_y7CboucCFT7DuwgdQ4sH4A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7533232634910;gtm=2wg1f1;auiddc=74261147.1580074278;u4=;u5=undefined;u6=undefined;u7=OEYDNTb-b1ZpGQrszsUdss;u8=;u10=http%3A%2F%2Fxlhz.site%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
IDE=AHWqTUlQQaIGWbmK6J-HfaHD6XjaWHk_BBjJZrnFn1qxyA8rl2BgI1jshXGbtaaa; expires=Fri, 19-Feb-2021 21:31:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
chartbeat.js
static.chartbeat.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:8a00:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 20:35:07 GMT
content-encoding
gzip
last-modified
Tue, 29 Oct 2019 02:24:02 GMT
server
nginx
age
3371
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=7200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
H_oMCNfBABEmqp-PT2PV-t-xO88WVvJa1_6R6-T0IqkpYbmh5Zk2cQ==
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
expires
Sun, 26 Jan 2020 22:35:07 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.41.26 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Aug 2019 15:56:57 GMT
Server
Apache
ETag
"31600f9-6afc-590a29f6f4dd4"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9603
Expires
Sun, 02 Feb 2020 21:31:18 GMT
show-ads.js
a1.nyt.com/analytics/ 		45 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
x-cache-hits
310
age
13293
status
200
x-guploader-uploadid
AEnB2UrWczyLDI_vJM37EJX0Zw2WIuF6Hr8eElC74wwZwqm8GUv8jTOBaZmNR4Ust_UplO1hErkTiRblFul2Kwck_NAlIapalwYFYQiE3rARnBNs5FRdR30
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
65
x-served-by
cache-fra19183-FRA
access-control-allow-origin
*
last-modified
Thu, 28 Mar 2019 13:58:23 GMT
server
UploadServer
x-timer
S1580074278.227650,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
x-goog-generation
1553781503379173
via
1.1 varnish
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
45
x-nyt-pagetype
nyt-dti-analytic
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 Jun 2019 17:44:55 GMT
comscore-streaming.js
a1.nyt.com/analytics/ 		103 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/comscore-streaming.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
x-cache-hits
425
age
16744
status
200
x-guploader-uploadid
AEnB2Upos0rAx0sRONM8yBh8IHHgtPe7guDrmuRPr2ZNMk-duphmuuSJTrl99V_C73xVXWVoiR8TMzWEdLUdNxac66SSXelbXa7zq9MNO_fTY65J-FT4T1k
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS
content-length
18717
x-served-by
cache-fra19183-FRA
access-control-allow-origin
*
last-modified
Thu, 28 Mar 2019 13:58:22 GMT
server
UploadServer
x-timer
S1580074278.228199,VS0,VE0
etag
"04e0b9556a78ce5cedf86a34e5483036"
vary
Accept-Encoding
x-goog-hash
crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
x-goog-generation
1553781502928656
via
1.1 varnish
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
105675
x-nyt-pagetype
nyt-dti-analytic
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 23 Jun 2019 16:48:22 GMT
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=2008622736&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fxlhz.site%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aAjAAEAB~&jid=&gjid=&cid=1448094233.1580074278&tid=UA-58630905-2&_gid=1753417768.1580074278&gtm=2wg1f1P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd4=U.S.&cd9=9&cd10=xlhz.site&cd13=xlhz.site&cd14=national_desk&cd15=earned&cd16=referring_links&cd17=100000004047817&cd21=collection&cd23=U.S.&cd26=2015&cd27=2015-12-09-13&cd28=Wednesday&cd29=13&cd30=1579886633000&cd34=NEWS&cd36=us&cd37=0&cd42=nyt-vi&cd48=December&cd49=blurb_under_100&cd51=nyt-vi&cd52=collection&cd54=national_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=OEYDNTb-b1ZpGQrszsUdss&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=OEYDNTb-b1ZpGQrszsUdss&cd172=desktop&cd173=desktop&z=213822039
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jan 2020 02:04:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
761226
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
mwcm.nytimes.com/capi/metered_assets/ 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=1&ma=1&counted=false&granted=true&us=anon&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
age
0, 0
x-cache
MISS
status
200
x-served-by
cache-fra19183-FRA
access-control-allow-origin
https://www.nytimes.com
server
Google Frontend
x-cmots-campaign-names
{"barOne":"MAG_web_anon_new-journey-rollout","dock":"MAG_web_anon_new-journey-rollout","inlineUnit":"MAG_web_anon_new-journey-rollout","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer
S1580074278.238830,VS0,VE514
vary
x-nyt-cig-edu-b2b, x-nyt-user-status, x-nyt-country, x-nyt-device, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 varnish
x-cloud-trace-context
265d737bebb2b80b3c792d2514ece862
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-params
accept-ranges
bytes, bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4649 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sun, 26 Jan 2020 20:34:24 GMT
expires
Mon, 25 Jan 2021 20:34:24 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3414
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1579695672934178"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28080
x-xss-protection
0
expires
Sun, 26 Jan 2020 21:31:18 GMT
ping
pnytimes.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fsection%2Fus&u=BDSqlmCVXaJzBnv24d&d=nytimes.com&g=16698&g0=us%2Cnational_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2635&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=http%3A%2F%2Fxlhz.site%2F&b=1333&t=bmnkoDRu9Rc6jODKCH7KzTDELtc-&V=118&i=U.S.%20News%20-%20The%20New%20York%20Times&tz=-60&_acct=anon&sn=1&sv=C7PGD9BnENpLxDx1CC8fHmzrB4Ua&sr=http%3A%2F%2Fxlhz.site%2F&sd=1&im=06679ff3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.17.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-17-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 26 Jan 2020 21:31:18 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
/
et.nytimes.com/ 		105 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxlhz.site%2F&clientTimeStamp=1580074278205&totalTime=32&evtUUID=654d39e4-e41a-438e-84c4-1a79fb3a8d87&gtm=GTM-P528B3-355-Production&incognitoEnabled=false&activeTime=0&page_view_id=eRNaSFAiBWkXRjBEitZmvlDZ&performance=%7B%22first-paint%22%3A361%2C%22first-contentful-paint%22%3A361%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22meter%22%2C%22context%22%3A%22b3fc6e3%22%2C%22label%22%3A%220%22%2C%22region%22%3A%22false%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=eRNaSFAiBWkXRjBEitZmvlDZ&sourceApp=nyt-vi&callback=window.EventTracker.cb1&datumId=2321210f9c754f37
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
aefdec4ee5b0e7e2ebda40c195f0116ac4509f69e6b97df1e952ab7c0c804713

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:30 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/javascript
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F4CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sun, 26 Jan 2020 20:34:24 GMT
expires
Mon, 25 Jan 2021 20:34:24 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3414
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
50136
stags.bluekai.com/site/ 		62 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/50136?limit=1&id=OEYDNTb-b1ZpGQrszsUdss&gtmcb=1602822787
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-109-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Jan 2020 21:31:18 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
91b6
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cookie set 50134
stags.bluekai.com/site/ Frame F2E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&phint=referrer%3Dhttp%3A%2F%2Fxlhz.site%2F&phint=section%3DU.S.&phint=subsection%3D&phint=pagetype%3Dcollection&phint=keywords%3D&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype%3Dsectioncollection&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=63647587
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-109-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.nytimes.com/section/us
Accept-Encoding
gzip, deflate, br
Cookie
bkdc=phx; bku=5LD99YRank8ETf6l
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

Content-Type
text/html
Content-Length
1756
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma
no-cache
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control
max-age=0, no-cache, no-store
BK-Server
cc86
Date
Sun, 26 Jan 2020 21:31:18 GMT
Connection
keep-alive
Set-Cookie
bku=5LD99YRank8ETf6l; expires=Fri, 24-Jul-2020 21:31:18 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 509B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sun, 26 Jan 2020 20:34:24 GMT
expires
Mon, 25 Jan 2021 20:34:24 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3414
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame B533 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXzn9rXjRE-wkMrTjf52sRgFc4yQfHZCuCx5TFVOq9umoJ_2ly587ccCgscguE6xJPRYMwkWl0Ow8Br1u1PErFVkK255denwep7EI3iSrgyiR0qZmL2aJw4W2SEOzAsh8rw7bbP2zoBISciX11W8iPSwaYCLIOWmsVeGCQojKDb9-WHc6JaH-1_2jeSCbi2g9vSaFonvxVF6wO8qm-O_iClCrokIUkkJUb095YM3BVuFsGydUhznCvarJuu65SFbTMPkNV-ajGERTILJdW_waZ6dAnqjB29q9sDk5sj_sJtw2WF5NapZU6Eeu2r25O&sig=Cg0ArKJSzJP0UNAe9-2XEAE&urlfix=1&adurl=
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jan 2020 21:31:18 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
B23204913.260916439;dc_pre=COvL3LCboucCFdfEuwgdpWwAKA;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame B533
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_pre=COvL3LCboucCFdfEuwgdpWwAKA;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rd...
7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_pre=COvL3LCboucCFdfEuwgdpWwAKA;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
69e3ed932ab3b69f6dd05c60629d8a549d246056714c4d0e9b104d1315bd91c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Jan 2020 21:31:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_pre=COvL3LCboucCFdfEuwgdpWwAKA;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B533 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1579695672934178"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27829
x-xss-protection
0
expires
Sun, 26 Jan 2020 21:31:18 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame B533 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDbwLTtkwEQARgBMggqFIgenomAFg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011602.js?21065428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92cf74dd512181b762a156a3adec939ccb0c9d57cd86c8e92e474bb3e4fd4bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 22 Jan 2020 18:24:07 GMT
x-content-type-options
nosniff
server
cafe
age
356831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10681
x-xss-protection
0
expires
Wed, 29 Jan 2020 18:24:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B533 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B23204913.260916439;dc_pre=COvL3LCboucCFdfEuwgdpWwAKA;dc_trk_aid=456584897;dc_trk_cid=124814348;ord=237375623;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 13:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 May 2018 20:45:00 GMT
server
sffe
age
29590
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
expires
Mon, 25 Jan 2021 13:18:08 GMT
truncated
/ Frame B533 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3a9f3963bee7bbf02b80ac9c8d0904957ac7fa20d0f67230ddd3d73defe099e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7333 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.nytimes.com/section/us
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
8395
date
Sun, 26 Jan 2020 13:18:27 GMT
expires
Mon, 25 Jan 2021 13:18:27 GMT
last-modified
Wed, 09 May 2018 20:45:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29571
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
et.nytimes.com/ 		105 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxlhz.site%2F&clientTimeStamp=1580074278205&totalTime=592&evtUUID=654d39e4-e41a-438e-84c4-1a79fb3a8d87&gtm=GTM-P528B3-355-Production&adBlockEnabled=false&activeTime=0&page_view_id=eRNaSFAiBWkXRjBEitZmvlDZ&performance=%7B%22first-paint%22%3A361%2C%22first-contentful-paint%22%3A361%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=eRNaSFAiBWkXRjBEitZmvlDZ&sourceApp=nyt-vi&callback=window.EventTracker.cb2&datumId=2321210f9c754f37&agentId=OEYDNTb-b1ZpGQrszsUdss
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
ce18daf27894603ec741924e063ab217f5ef8b2ed8e9f84a4c028c11eb896a38

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:24 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/javascript
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
/
et.nytimes.com/ 		105 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxlhz.site%2F&clientTimeStamp=1580074278205&totalTime=601&evtUUID=654d39e4-e41a-438e-84c4-1a79fb3a8d87&gtm=GTM-P528B3-355-Production&activeTime=0&page_view_id=eRNaSFAiBWkXRjBEitZmvlDZ&performance=%7B%22first-paint%22%3A361%2C%22first-contentful-paint%22%3A361%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=eRNaSFAiBWkXRjBEitZmvlDZ&sourceApp=nyt-vi&callback=window.EventTracker.cb3&datumId=2321210f9c754f37&agentId=OEYDNTb-b1ZpGQrszsUdss
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.30.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-30-163.compute-1.amazonaws.com
Software
/
Resource Hash
d5183ae5a726713d6324f30aaae4869fadf5f8181686884b93c538ab5a26a02a

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:31 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/javascript
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
cs.js
sb.scorecardresearch.com/c2/3005403/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/3005403/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 21:31:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2013 17:55:29 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1384365329"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Wed, 29 Jan 2020 21:31:19 GMT
log
errors.client.optimizely.com/ 		13 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.203.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-203-209.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sun, 26 Jan 2020 21:31:19 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
loader.js
platform.iteratehq.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: xlhz.site
URL: http://xlhz.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526e10ecc84880b1fc81d56c55c1fc297394a4ff0e6bbcc380cadce333a2bc2a

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 19:50:41 GMT
server
cloudflare
age
494
etag
W/"4a2bb510c0de53a4f9f1d8e4a1c1656e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
55b597d4bdbb97ae-FRA
x-amz-request-id
CFFA43A687BBEB54
x-amz-id-2
mq7cmrM9x2U4b6HIiP3H4ikOB4nZnKK2vDTVKCQqfse8A7F5UFqcXjqxWpZiKgB+Qh0dVoO6+tE=
sdk-prod-d7dd9df5a9b5126fe4c1.js
platform.iteratehq.com/ 		806 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/sdk-prod-d7dd9df5a9b5126fe4c1.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5360c07bf4de79d1d5ea49eef9b51078a107496638637c517ede5344a1d500f8

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 19:50:34 GMT
server
cloudflare
age
265145
etag
W/"adf96fe94df46d5c94bf03c1a123e784"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
cf-ray
55b597d4dddd97ae-FRA
x-amz-request-id
FFB15293F931FEC5
x-amz-id-2
x8omCFr3dS5uz/ObNsVG6KArlaAl6w5is7Tf5aP0Dmxw40kWVTW1JCpBhEKVkFBPcmuhIOr5vmk=
style-c6bf16e12786347c41d46a907b7630a9.css
platform.iteratehq.com/ 		135 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/style-c6bf16e12786347c41d46a907b7630a9.css
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bcb9cec4d688a616c25124be8f19751ddc6513d780085387a1a80cc500ab64

Request headers

Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 21:31:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 19:50:34 GMT
server
cloudflare
age
265145
etag
W/"c6bf16e12786347c41d46a907b7630a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
cf-ray
55b597d4dde097ae-FRA
x-amz-request-id
0550A321422DC0EA
x-amz-id-2
UxAIkhyQKteG3KtntrtWIl6DSBpEH1k0pwtybakLj0PD4v+qCAzN1cr12ZdgKbQbEFxMivW+7Lk=
embed
iteratehq.com/api/v1/surveys/ 		0
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-7d3ff8c2998e4e32ca30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Referer
https://www.nytimes.com/section/us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
authorization,content-type

Response headers

date
Sun, 26 Jan 2020 21:31:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST
status
200
cache-control
no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
55b597d5f9b39808-FRA
access-control-allow-headers
Authorization, Content-Type
content-length
0
embed
iteratehq.com/api/v1/surveys/ 		259 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdb65370c01b39f11207b92111917f9c7afe60ce239af8f205c048b342243ed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type
application/json

Response headers

date
Sun, 26 Jan 2020 21:31:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
55b597d70aaf9808-FRA
log
errors.client.optimizely.com/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.203.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-203-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Sun, 26 Jan 2020 21:31:19 GMT
Content-Type
text/plain
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/section/us
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| observer object| NYTD number| viHeadScriptSize object| vi object| __tti object| perfMetrics function| nyt_et object| dataLayer object| swgUserInfoXhrObject object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge boolean| INSTALL_RAVEN boolean| SwGEntitlement function| testCookie function| placeGpt object| googletag object| AdSlot4 string| alsVariant object| __preloadedData object| webpackJsonp object| SUBSCRIPTIONS object| SWG object| UrlCache object| __core-js_shared__ object| core object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| __SECRET_LIGHTS__ object| optimizely object| NYToptly object| google_tag_manager object| nytAnalytics string| ddjskey object| ddoptions boolean| _adBlockCheck object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken undefined| _ function| sprintf function| vsprintf string| sov object| meter boolean| NYT_VI_RENDERED boolean| initialDeviceTypeResizeCallback boolean| notprod string| GoogleAnalyticsObject function| ga object| _0x2055 function| _0x5b92 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| ddAnalyzerData number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| google_tag_data object| gaplugins object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls function| EventTracker number| pageEventTrackerTimeout object| pageEventTracker number| ln object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| opty_payload undefined| jkidd_data_user_tracking object| dl_user object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType object| params object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired boolean| adBlockDetected object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| bk_results object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_ignore_meta boolean| bk_allow_multiple_calls object| ns_ function| setImmediate function| clearImmediate undefined| Raven object| iterateprovider

27 Cookies

Domain/Path Name / Value
.bluekai.com/ Name: bku
Value: 5LD99YRank8ETf6l
.bluekai.com/ Name: bkdc
Value: phx
.doubleclick.net/ Name: IDE
Value: AHWqTUlD6dWdX8tZBJOcuKJJ__E2nfjcYBkwC5BDFROTl8zlX47VebBuVu9hgu_X
news.google.com/ Name: OTZ
Value: 5296171_52_52_123900_48_436380
.nytimes.com/ Name: nyt-a
Value: OEYDNTb-b1ZpGQrszsUdss
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22:false%7D
.google.com/ Name: S
Value: billing-ui-v3=r7L8gpuafwHvXzWZY_42OoGtib1YfnEc:billing-ui-v3-efe=r7L8gpuafwHvXzWZY_42OoGtib1YfnEc
.pay.google.com/ Name: _gid
Value: GA1.3.737916561.1580074278
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22:false%7D
.pay.google.com/ Name: _gat_UA1168580691
Value: 1
www.nytimes.com/ Name: _cb
Value: BDSqlmCVXaJzBnv24d
www.nytimes.com/ Name: _chartbeat2
Value: .1580074278260.1580074278260.1.C7PGD9BnENpLxDx1CC8fHmzrB4Ua.1
.nytimes.com/ Name: _gat_UA-58630905-2
Value: 1
www.nytimes.com/ Name: _cb_ls
Value: 1
.pay.google.com/ Name: _ga
Value: GA1.3.1301547216.1580074278
.nytimes.com/ Name: nyt-m
Value: 8014011481C89A17E6632B1A311395E5&vr=l.4.0.0.0.0&ft=i.0&iru=i.0&er=i.1580074278&ica=i.0&rc=i.0&vp=i.0&prt=i.0&n=i.2&ird=i.0&s=s.core&e=i.1580515200&imu=i.1&iue=i.0&ier=i.0&iub=i.0&igd=i.0&g=i.0&fv=i.0&iir=i.0&uuid=s.d3ae7072-f3d8-475a-9291-1c463e901dba&iga=i.0&t=i.1&v=i.0&cav=i.0&ifv=i.0&imv=i.0&igf=i.0&ira=i.0&pr=l.4.0.0.0.0&igu=i.1
.nytimes.com/ Name: _gcl_au
Value: 1.1.74261147.1580074278
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1580074277946&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/ Name: walley_gid
Value: GA1.2.1753417768.1580074278
.nytimes.com/ Name: walley
Value: GA1.2.1448094233.1580074278
.nytimes.com/ Name: nyt-purr
Value: cfh
www.nytimes.com/ Name: _cb_svref
Value: http%3A%2F%2Fxlhz.site%2F
.nytimes.com/ Name: nyt-gdpr
Value: 1
pay.google.com/ Name: OTZ
Value: 5296171_52_52_123900_48_436380
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_
.google.com/ Name: NID
Value: 196=C-meGHrzVNZ-nA3fb7QQ4_sIj4wYMsiXBkeL995OZdjd9x6MjpWq2BhtgiAie0muppQ1ZybIlIRc7DiRHvyk6l5vpTo1H5BabPLngojQww-D_udkbOFmd-Qa8X32EeDZEj04B1BAJ5fDVMrDX2b7KV7V5sxQidApYOtY4cWUflI
.nytimes.com/ Name: __gads
Value: ID=29997c4471fa1421:T=1580074278:S=ALNI_MYC_iZOkAaBJKEOuxVuAsSw2UGmQQ

12 Console Messages

Source Level URL
Text
console-api log URL: https://news.google.com/swg/js/v1/swg.js(Line 27)
Message:
Subscriptions Runtime: 0.1.22.91
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-0fb7cbc1417d31108023.js(Line 1)
Message:
<!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api warning (Line 2)
Message:
et2 snippet should only load once per page
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'defineSizeMapping' of null
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011602.js?21065428(Line 6)
Message:
Invalid GPT size specification: []
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-0fb7cbc1417d31108023.js(Line 1)
Message:
Service Worker: content is cached

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
api-js.datadome.co
cdn.optimizely.com
cdnjs.cloudflare.com
cigsvc.nytimes.com
clients2.google.com
errors.client.optimizely.com
et.nytimes.com
g1.nyt.com
iteratehq.com
js.datadome.co
meter-svc.nytimes.com
mwcm.nytimes.com
news.google.com
nytimes.com
pay.google.com
payments.google.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.chartbeat.com
static01.nyt.com
tags.bkrtx.com
tags.bluekai.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
xlhz.site
104.108.41.26
143.204.214.104
151.101.113.164
151.101.13.164
151.101.65.164
172.217.16.198
2.16.31.65
2.19.42.73
216.58.208.34
23.5.109.152
2600:9000:2057:8a00:18:1fcd:349:ca21
2606:4700:3036::6812:206c
2606:4700::6811:4004
2a00:1450:4001:806::2001
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:820::2008
2a00:1450:4001:820::200e
2a00:1450:4001:825::2013
2a00:1450:400c:c0b::5c
2a00:1450:400c:c0c::5c
2a02:26f0:6c00:181::13b8
3.120.48.166
34.211.213.227
34.235.203.209
34.237.17.44
35.241.35.241
50.17.30.163
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05bcb9cec4d688a616c25124be8f19751ddc6513d780085387a1a80cc500ab64
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ca66e262b4aed6267d59d9b2e4a2a51637fcc477517a3fe080b5b371e25403a
0e4d971a5cb7344c1e6e35524a98c21e26b6c0ef8039617dac37622f95d9024e
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1d68eabf261370a4ed5be7cd56da6a7acf760621b8515b640272b07c9ebfa062
1dc5189d4f01bb24373da5777606214357924586206b50dda15c72a6fac04300
2310526c7b7207f2e2b1f3f9f5b33912dab1341f548c62a26021ad836076aeaf
25f5142494a3cf516f7d216d8e5651a4dbd444416534ebd59d74f9ff7b032c1d
2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190
26219c50825d5f117def82cec153691cbb69a540f193ac3475225f9cb6173284
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd
2b25d683cf9bad7693d678fbafa815a9821eeb30680ea2a1f9ae6b00059d6c9e
2c1ea91345c67385ca912f554c8a396b7bb7fb7360bb0b57fe1b8a6a862dff0f
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
386191468f381805ab289f406e0173a1e3b3cae9b8ba280e7ad3366296acc414
3c94b3ff6f97e39d511b3490e687bcf8a554fa0ac63949e36df901182ad9d39b
3eed1af776a94c28717e8b1e25ca6929c839e8888dc075293a792171cd236021
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451eb3042f77509a4daf0656a4ebffea9243661cd2a4684ff6192febd33eb7c3
4810b66e3841c5e0563bd7ea0ad626b57e554716fdef97a6703c733e7d3dbda3
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526e10ecc84880b1fc81d56c55c1fc297394a4ff0e6bbcc380cadce333a2bc2a
5360c07bf4de79d1d5ea49eef9b51078a107496638637c517ede5344a1d500f8
549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
576dc505683eccbff74e480e72245b53c9b30e40afd00f2fea2ccc9b3bd5b24a
5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724
5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647
632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e
634fc9acaea8fce475ab24b07db3342ae7c9d98c96f412cbfaecfd8e54901b7d
66dd6559ebf473dc57bcde43428a6d0808af8236924a4a6405bad588a279a6e3
67375f8dea18f2efa780b2892a03c51c4bd30595f98157f7268cf4715aded1c8
69e3ed932ab3b69f6dd05c60629d8a549d246056714c4d0e9b104d1315bd91c3
6a53efa9491b81b9b113203fe403b09a4770779d1d82c4cebb3cd823ddb0654b
746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
884bd1998746a95f4b16f442da4a1af0c8afa236393473fb43130e176d2d347f
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d88ab139995fe6b8a1ef2ac68de663524a71cf805567af8f4431841a73bd3d9
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
92cf74dd512181b762a156a3adec939ccb0c9d57cd86c8e92e474bb3e4fd4bdb
9b2b872265e22d97fda3c73e78d8ca3345f33c70bbea858ffa79e158dbae5b19
9bdb65370c01b39f11207b92111917f9c7afe60ce239af8f205c048b342243ed
a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be
a3a9f3963bee7bbf02b80ac9c8d0904957ac7fa20d0f67230ddd3d73defe099e
a43bedf6f55ec114cc6274c90f19feecd05d875404b168167b1c62c8dcd41505
ad778df3bd80165ddc0b8e65aa5635ba1aac654205ac1debd87caf7705c2bd3e
ae97abbdab832576d589a315ddaf1a7999959e60eb0a15730bf8aea80d63ee48
aefdec4ee5b0e7e2ebda40c195f0116ac4509f69e6b97df1e952ab7c0c804713
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd
b2bd84dc001c544114fdcf9f1d58dfe7ae0cc08844365f36a7c40e42cf490d7d
bb5dde89f47aedb3ac045ced1339d4a763fc2d1396e45207491d072d967dc3c7
c4876dae58d79e83c9618288a0e81c71eaf846ff59aa3afa7de948d80cec104a
c910f4026a20e50712016d2d4e212f43d262d8cb5faacdb9b20e7fd79b944d6f
c9d6bdcacd87c3b957c320c0f4d579e267d473ac8b0b4c0f891c2be957eb1a12
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce18daf27894603ec741924e063ab217f5ef8b2ed8e9f84a4c028c11eb896a38
ceee45938bdbb9d891e6dd55d162bd81a1d259a540b71c2b1fb78b82283b5d1b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5183ae5a726713d6324f30aaae4869fadf5f8181686884b93c538ab5a26a02a
d53f29c5021ef1819283734181a1f77c47931f8a1c8588344b7744831804b868
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e453876fb642a6b08b3ffafdc3b7c241de26aae0ee58db079e635fc1f682ef02
ecde345fbe435fb1e1b9d1c7ee8e032f4c3e78f5ebb0d9d3c92ba79027c0e4b2
ede33e8b476fe12ac4e18f66fdd85f7f4e1445225edd9d3d86afce8d0cfb1d66
f8da5ece26c16204c0b249082dde3341459890da3c909805c10400f3beccf468
f8ff149df77b50b4ee8e02297ca3fe5800998ff46b8fbe3f6554456fa0e31226
fc0f2abacd8dfdce33be101faac14e4ad17306c4b6f37c156ccbf86a8968e391
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629