www.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oyly.xyz/
Effective URL:
https://www.nytimes.com/section/us
Submission: On March 04 via api (March 4th 2020, 4:33:54 am UTC) from DE

Summary HTTP 115 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 17 domains to perform 115 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	167.99.26.105 167.99.26.105	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
43	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1 1	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
9	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
8	52.45.162.54 52.45.162.54	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.101.22 143.204.101.22	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2013	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	18.195.114.24 18.195.114.24	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:ce00:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
1	100.25.120.185 100.25.120.185	14618 (AMAZON-AES) (AMAZON-AES)
2	34.227.153.53 34.227.153.53	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:303... 2606:4700:3032::6812:216c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.33.211 23.37.33.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
115	28

4 167.99.26.105 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

oyly.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.164 (United States) 1 redirects

ASN54113 (FASTLY, US)

nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cigsvc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::5c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
payments.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients2.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.45.162.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-162-54.compute-1.amazonaws.com

et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-22.fra50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.114.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-114-24.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ce00:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.120.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-120-185.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.153.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-153-53.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::6812:216c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.33.211 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-33-211.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	nytimes.com 1 redirects www.nytimes.com a.et.nytimes.com samizdat-graphql.nytimes.com nytimes.com cigsvc.nytimes.com et.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	642 KB
31	nyt.com g1.nyt.com static01.nyt.com a1.nyt.com	2 MB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net 5290727.fls.doubleclick.net	103 KB
11	google.com 2 redirects news.google.com pay.google.com payments.google.com clients2.google.com adservice.google.com www.google.com	56 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	12 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	234 KB
4	oyly.xyz 1 redirects oyly.xyz	1 MB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	118 KB
2	typekit.net use.typekit.net p.typekit.net	1 KB
2	datadome.co js.datadome.co api-js.datadome.co	23 KB
1	chartbeat.net pnytimes.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.de www.google.de	109 B
1	google.nl adservice.google.nl	171 B
1	gstatic.com www.gstatic.com	82 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
115	17

	Domain	Requested by
22	static01.nyt.com	www.nytimes.com
11	a.et.nytimes.com	www.nytimes.com
10	www.nytimes.com	oyly.xyz www.nytimes.com
9	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
8	et.nytimes.com	www.nytimes.com oyly.xyz
8	g1.nyt.com	www.nytimes.com
5	news.google.com	www.nytimes.com news.google.com
4	oyly.xyz	1 redirects oyly.xyz
3	platform.iteratehq.com	oyly.xyz platform.iteratehq.com
3	pagead2.googlesyndication.com	www.nytimes.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.nytimes.com
2	iteratehq.com	www.nytimes.com
2	errors.client.optimizely.com	www.nytimes.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	pay.google.com	news.google.com
2	samizdat-graphql.nytimes.com	www.nytimes.com
1	p.typekit.net
1	use.typekit.net
1	pnytimes.chartbeat.net	www.nytimes.com
1	a1.nyt.com	oyly.xyz
1	static.chartbeat.com	oyly.xyz
1	www.google.de	www.nytimes.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	mwcm.nytimes.com	www.nytimes.com
1	api-js.datadome.co	www.nytimes.com
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	js.datadome.co	oyly.xyz
1	clients2.google.com	news.google.com
1	www.gstatic.com	www.nytimes.com
1	payments.google.com	1 redirects
1	cigsvc.nytimes.com	www.nytimes.com
1	cdn.optimizely.com	www.nytimes.com
1	nytimes.com	1 redirects
1	www.googletagmanager.com	www.nytimes.com
115	40

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
nytimes.com
cn.nytimes.com
cooking.nytimes.com
parenting.nytimes.com
thewirecutter.com
nytconferences.com
store.nytimes.com
account.nytimes.com
eedition.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
spiderbites.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
a.et.nytimes.com COMODO RSA Domain Validation Secure Server CA	`2018-08-27` - `2020-08-26`	2 years	crt.sh
*.news.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2019-10-08` - `2021-10-21`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.nytimes.com/section/us
Frame ID: D59A994457AB1A4FE54322034B0243D2
Requests: 111 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
Frame ID: BB37DBF968EA0BFEF178196C624BE11C
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=439804
Frame ID: D21E6F2AAB3CF496957BA2E21EDB385E
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu;u8=;u10=http%3A%2F%2Foyly.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus
Frame ID: 1B14DFF7A92EA1DE6967DE969EBC2172
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F24880EC12826842A5142BCB643F8F43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://oyly.xyz/ Page URL
http://oyly.xyz/Home/Process HTTP 302
https://www.nytimes.com/section/us Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

Kestrel (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Page Statistics

115
Requests

97 %
HTTPS

58 %
IPv6

17
Domains

40
Subdomains

28
IPs

5
Countries

4400 kB
Transfer

8016 kB
Size

25
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log In

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://parenting.nytimes.com/
Title: parenting

Search URL Search Domain Scan URL

URL: https://thewirecutter.com/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: http://nytconferences.com/
Title: Live Events

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT store

Search URL Search Domain Scan URL

URL: https://account.nytimes.com/
Title: manage my account

Search URL Search Domain Scan URL

URL: http://eedition.nytimes.com/cgi-bin/signup.cgi?cc=37FYY
Title: replica edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2020 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014892108-Privacy-policy
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://spiderbites.nytimes.com/
Title: Site Map

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oyly.xyz/ Page URL
http://oyly.xyz/Home/Process HTTP 302
https://www.nytimes.com/section/us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://nytimes.com/ads/google/adsbygoogle.js HTTP 301
https://www.nytimes.com/ads/google/adsbygoogle.js

Request Chain 55

https://payments.google.com/payments/v4/js/integrator.js?ss=md HTTP 301
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

Request Chain 84

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=861624109&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Foyly.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=dock&ea=impression&el=gdpr&_u=YAhAAEAB~&jid=1099194620&gjid=1513209749&cid=537015988.1583296417&tid=UA-58630905-2&_gid=1426153552.1583296417&_r=1&gtm=2wg2j0P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd9=9&cd14=null&cd21=collection&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd42=nyt-vi&cd48=null&cd49=&cd51=nyt-vi&cd52=collection&cd54=null&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=slJ5zul8oCQ_mon-YhIFRu&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=slJ5zul8oCQ_mon-YhIFRu&cd172=desktop&cd173=desktop&z=516714784 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_gid=1426153552.1583296417&gjid=1513209749&_v=j81&z=516714784 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_v=j81&z=516714784 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_v=j81&z=516714784&slf_rd=1&random=3867832966

Request Chain 87

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu;u8=;u10=http%3A%2F%2Foyly.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu;u8=;u10=http%3A%2F%2Foyly.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
oyly.xyz/ 3 KB
3 KB 349ms
324ms Document
text/html 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://oyly.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fd5d68c2ad95c95fb7d7fec7b83cb486f928d224383d04e2c9940df5e5e368f4

Request headers

Host: oyly.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 04:33:32 GMT
Content-Type: text/html; charset=utf-8
Server: Kestrel
Cache-Control: no-store,no-cache
Pragma: no-cache
Transfer-Encoding: chunked

GET
H/1.1 200
OK jquery.min.js Show response
oyly.xyz/lib/jquery/dist/ 85 KB
85 KB 169ms
168ms Script
application/javascript 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://oyly.xyz/lib/jquery/dist/jquery.min.js
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

Referer: http://oyly.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 04:33:32 GMT
Last-Modified: Wed, 27 Nov 2019 19:56:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5a55cb8008591"
Content-Length: 86929
Content-Type: application/javascript

GET
H/1.1 200
OK playcanvas-latest.min.js Show response
oyly.xyz/lib/ 1009 KB
1010 KB 311ms
299ms Script
application/javascript 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://oyly.xyz/lib/playcanvas-latest.min.js
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a43bedf6f55ec114cc6274c90f19feecd05d875404b168167b1c62c8dcd41505

Request headers

Referer: http://oyly.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 04:33:32 GMT
Last-Modified: Thu, 21 Nov 2019 18:48:48 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5a09c4f122df3"
Content-Length: 1033715
Content-Type: application/javascript

GET
H2

200

Primary Request us Show response
www.nytimes.com/section/
Redirect Chain

http://oyly.xyz/Home/Process
https://www.nytimes.com/section/us

816 KB
98 KB

65ms
21ms

Document
text/html

151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/section/us

Requested by

Host: oyly.xyz
URL: http://oyly.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f0636fe0908679e694e4fd2a8e7418fe7c1572024af0938b6d36174ad13e496b

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /section/us
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://oyly.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://oyly.xyz/

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Wed, 04 Mar 2020 04:30:02 GMT
last-modified: Wed, 04 Mar 2020 04:30:02 GMT
x-pagetype: vi-collection
x-vi-compatibility: Compatible
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=600,no-cache
x-nyt-route: vi-collection
x-origin-time: 2020-03-04 04:30:04 UTC
accept-ranges: bytes
date: Wed, 04 Mar 2020 04:33:35 GMT
age: 211
x-served-by: cache-jfk8133-JFK, cache-fra19183-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1583296415.177935,VS0,VE1
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=slJ5zul8oCQ_mon-YhIFRu; Expires=Thu, 04 Mar 2021 04:33:35 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Wed, 04 Mar 2020 10:33:35 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhhpnh; Expires=Thu, 04 Mar 2021 04:33:35 GMT; Path=/; Domain=.nytimes.com
x-gdpr: 1
x-frame-options: DENY
x-api-version: F-F-VI
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 99170

Redirect headers

Date: Wed, 04 Mar 2020 04:33:34 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-store,no-cache
Pragma: no-cache
Location: https://www.nytimes.com/section/us

GET
H2 200 web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 22ms
20ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-cache-hits: 14410
age: 12572471
status: 200
x-guploader-uploadid: AEnB2UoZ_LvEh1F_VrfCOidW9TKNGcy4tP3fDnqVWT2wPk-avC_ijrP7yDcMEfsX0Ez7KKNMnRogVlZ0HTlMMUAwgbZipDAN3T1sUDXAAOHkhkYma4tNDD4
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
content-length: 9922
x-served-by: cache-fra19183-FRA
access-control-allow-origin: *
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583296415.217198,VS0,VE0
etag: "b3e9eedd81b658bb38d40b91c6568d7a"
vary: Accept-Encoding, Origin
x-goog-hash: crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
x-goog-generation: 1570567624278152
via: 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9922
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Fri, 09 Oct 2020 16:12:23 GMT

GET
H2 200 global-42db6c8821fec0e2b3837b2ea2ece8fe.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
2 KB 21ms
20ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-42db6c8821fec0e2b3837b2ea2ece8fe.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 976206
x-guploader-uploadid: AEnB2Upn5dX5XxsTnfETZbR0QPHGnbBKJ0y1-R7wTL8dImA2zpGBb5S_xXfg5DU_p4xWEc_hQEHfS5WQ0YfHBryWi853fT3IW28U-s1otbdxV-DD19yiZKQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-21 21:23:30 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 20:53:44 GMT
server: UploadServer
x-timer: S1583296415.216281,VS0,VE1
etag: "42db6c8821fec0e2b3837b2ea2ece8fe"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=kfeHYA==, md5=QttsiCH+wOKzg3suouzo/g==
x-goog-generation: 1582318424792323
expires: Sat, 20 Feb 2021 21:23:30 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 4619
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 1813
content-type: text/css; charset=utf-8
x-cache-hits: 14824

GET
H2 200 adslot-df60c69ae832943d22c0.js Show response
www.nytimes.com/vi-assets/static-assets/ 11 KB
5 KB 20ms
20ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-df60c69ae832943d22c0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e0f32d4e30e0a6e969beef61ec0faff6051e64ddf950c08fb85b495811da9c2

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 390179
x-guploader-uploadid: AEnB2UphCiOimkM4wo1JYscgX5ypnoLdm-aW3z1uvWu7CzmkqOoxm4i3wYnEFi_K-9Ewwi5vKmKIWC_gXwmxf6ZXsZ6TLXs7SQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:36 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:34 GMT
server: UploadServer
x-timer: S1583296415.219700,VS0,VE0
etag: "ca4f5029955768da7e187801e2d7d1d0"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=mLsjBQ==, md5=yk9QKZVXaNp+GHgB4tfR0A==
x-goog-generation: 1582904254960427
expires: Sat, 27 Feb 2021 16:10:36 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 11121
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 4276
content-type: application/javascript
x-cache-hits: 14144

GET
H2 200 03virus-washington01-threeByTwoMediumAt2X-v2.jpg
static01.nyt.com/images/2020/03/03/us/03virus-washington01/ 284 KB
284 KB 24ms
23ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-washington01/03virus-washington01-threeByTwoMediumAt2X-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2c4cecad1c8c0ff250579439976e672cc55a64923acfbbae77bca772f6955230

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 7008
status: 200
x-guploader-uploadid: AEnB2UqVfM4_plXQ73MFNoz8Ojns78PInH2B1AWsQjhFLaK7fkIh_HraWvbBpbVsF390vsbPOp3qkQ3jLBvhuJDZSS7_j05xUg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 290576
x-served-by: cache-bwi5134-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 02:36:30 GMT
server: UploadServer
x-timer: S1583296415.221243,VS0,VE2
etag: "9dae3d5da0b061d8d9fee522f4bfc01f"
vary: Origin
x-goog-hash: crc32c=gbmScA==, md5=na49XaCwYdjZ/uUi9L/AHw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 02:36:47 GMT

GET
H2 200 03virus-washington01-thumbStandard.jpg
static01.nyt.com/images/2020/03/03/us/03virus-washington01/ 6 KB
7 KB 29ms
24ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-washington01/03virus-washington01-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 643a5f374bfa5f0c8d5184f7f43b07893bfdf419dec0e0c688a97ce9774404d5

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 9682
status: 200
x-guploader-uploadid: AEnB2UpZ4QmKB-mYnw2nlPIqrEewEzp6lhCCXsFg0pzteALSsYpZ6aB_cj6EKabQ6D1K7m7oqRoPdRE6eJdglWhwdVAzg1fqpQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 4, 2
content-length: 6542
x-served-by: cache-bwi5127-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 01:51:17 GMT
server: UploadServer
x-timer: S1583296415.292955,VS0,VE0
etag: "a202eee15095a201a2a7e1177959fb93"
vary: Origin
x-goog-hash: crc32c=ZxTtUw==, md5=ogLu4VCVogGip+EXeVn7kw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 01:52:14 GMT

GET
H2 200 03nashville-promo-threeByTwoMediumAt2X-v4.jpg
static01.nyt.com/images/2020/03/03/world/03nashville-promo/ 441 KB
441 KB 35ms
30ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/world/03nashville-promo/03nashville-promo-threeByTwoMediumAt2X-v4.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 50c7f1838b1f0e0a7fe90fefa1523c2ba748378305e48c1297277b4b04990a81

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 50303
status: 200
x-guploader-uploadid: AEnB2UrrAzweaqbahUHOj4vTP4LixcpR4aqF2aRaVPJ-Gx9fhyWS44INXC4pva2A7qlWLLF0nohm0-S7W9G4d0O8mkni4ExzmA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 451434
x-served-by: cache-bwi5141-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 14:33:27 GMT
server: UploadServer
x-timer: S1583296415.292943,VS0,VE1
etag: "21adc19f9a8159374700a3333f74232c"
vary: Origin
x-goog-hash: crc32c=JNaZGQ==, md5=Ia3Bn5qBWTdHAKMzP3QjLA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 14:35:11 GMT

GET
H2 200 03nashville-promo-thumbStandard-v3.jpg
static01.nyt.com/images/2020/03/03/world/03nashville-promo/ 7 KB
8 KB 27ms
22ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/world/03nashville-promo/03nashville-promo-thumbStandard-v3.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 755efa871572a1711a45d4d079e05f9d6a13635ce4308a8dae60b133312927e9

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 17071
status: 200
x-guploader-uploadid: AEnB2UoMKIJ6zMUEQ5vbTMkoqeQlKgleE4RUHWd1X3EzBSfcCE5Ni0cL6LzWH1tf4Go5WD-0KIKxEfE3SUjHzipmKF8CSfENtg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 3, 3
content-length: 7533
x-served-by: cache-bwi5134-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:49:03 GMT
server: UploadServer
x-timer: S1583296415.292906,VS0,VE0
etag: "3b70204730626125d887ba8bd90e6d38"
vary: Origin
x-goog-hash: crc32c=2mK87Q==, md5=O3AgRzBiYSXYh7qL2Q5tOA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:49:05 GMT

GET
H2 200 03virus-religion01-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/03/03/us/03virus-religion01/ 95 KB
95 KB 29ms
24ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-religion01/03virus-religion01-threeByTwoMediumAt2X.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d533a6958f89c2a9142bff2b06bc23a888ccea9165dbf7edb5cff9606f54fae1

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 55861
status: 200
x-guploader-uploadid: AEnB2Uq3e9b5yzLFAEsy6uvIyCdIeOQFW5RrZU-_q-L-DmRmjcIlQMAMXP3cRF32NXzx-lsyi7btP3FkRHB9Q_Agj2gEwBaqXA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
content-length: 97221
x-served-by: cache-bwi5134-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 10:00:14 GMT
server: UploadServer
x-timer: S1583296415.292903,VS0,VE0
etag: "8918e7bffcdcaff3aa0432bf7a7761b2"
vary: Origin
x-goog-hash: crc32c=c8o1xA==, md5=iRjnv/zcr/OqBDK/endhsg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 13:02:34 GMT

GET
H2 200 03virus-religion01-thumbStandard.jpg
static01.nyt.com/images/2020/03/03/us/03virus-religion01/ 6 KB
6 KB 27ms
23ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-religion01/03virus-religion01-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0e7538a51c25c7b83a187a12ae055d941a81a12fc70dd1edeb411f275693f59d

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 66378
status: 200
x-guploader-uploadid: AEnB2UpFt__PI0oLJMqJDqnD2B9b3nZgLPUpPahsfpqyZP0xTPsPKpqY7Yj4CXeD9ucR9YpKwaDFKrmJoLBKHUS4JzVD8Uy3GQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 3, 3
content-length: 5971
x-served-by: cache-bwi5120-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 10:00:14 GMT
server: UploadServer
x-timer: S1583296415.292892,VS0,VE0
etag: "9707ee3b205b9181412acf99f991d5e2"
vary: Origin
x-goog-hash: crc32c=kOfyTA==, md5=lwfuOyBbkYFBKs+Z+ZHV4g==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 10:07:16 GMT

GET
H2 200 FPO-DURST-12-threeByTwoMediumAt2X-v2.jpg
static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/ 318 KB
319 KB 59ms
55ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/FPO-DURST-12-threeByTwoMediumAt2X-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 91db50aacff019605bd6632a2e1a844cc662a3373af33a8fb4aff84eeb5abfc9

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 18484
status: 200
x-guploader-uploadid: AEnB2Ur8_kiEIoAFLnO1Awsoz8qqWAwxoz9pjIzNSdcBqQ0ew0Z0xZ971lBOeUpP3XKvjrm1FYxu728r4-GKyE1dwXZxSN62jg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 325902
x-served-by: cache-bwi5123-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:25:29 GMT
server: UploadServer
x-timer: S1583296415.293749,VS0,VE4
etag: "0dc3f3ac44dc9519656b2ffe50fdb21b"
vary: Origin
x-goog-hash: crc32c=fHu7Ew==, md5=DcPzrETclRllay/+UP2yGw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:25:30 GMT

GET
H2 200 FPO-DURST-12-thumbStandard.jpg
static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/ 6 KB
6 KB 52ms
50ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/FPO-DURST-12-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0476b9f4e1652de48e298e06f2c4d65ce15650b96798811e4d5fd3699334d35f

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 18484
status: 200
x-guploader-uploadid: AEnB2UrHx9XD8BEGNlYAsgKP2yD3pk75dO5V82B7RZfhmI5WfcoFSByeBLEW0h7hLFFirDT6qXvlLX7jgfajwmLZqF0Lfafokw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 3
content-length: 6076
x-served-by: cache-bwi5150-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:25:29 GMT
server: UploadServer
x-timer: S1583296415.319943,VS0,VE0
etag: "9c3245a004c11b71dd5f782341b43475"
vary: Origin
x-goog-hash: crc32c=jMpM1Q==, md5=nDJFoATBG3HdX3gjQbQ0dQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:25:30 GMT

GET
H2 200 03dc-trump-videoLarge.jpg
static01.nyt.com/images/2020/03/03/us/politics/03dc-trump/ 106 KB
106 KB 52ms
51ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03dc-trump/03dc-trump-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dbd88786bc26d8f74ca90d0fb57d7f6875eeaae3d4c3fae88a4424bfe725fa24

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 8125
status: 200
x-guploader-uploadid: AEnB2UrDOWas01OXO_8zVMVt7gDb1DaUcbNuir9akCJjwD9UPgO-384rC58EZS31fg0SZtY58QHDtziHW-WpqiN1udBFhDML6A
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
content-length: 108254
x-served-by: cache-bwi5122-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 02:03:38 GMT
server: UploadServer
x-timer: S1583296415.319944,VS0,VE0
etag: "eca584ae7d9833bcc7ff27ce6060490f"
vary: Origin
x-goog-hash: crc32c=BlwndA==, md5=7KWErn2YM7zH/yfOYGBJDw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 02:18:09 GMT

GET
H2 200 coronavirus-us-cases-map-promo-1583277425489-videoLarge.png
static01.nyt.com/images/2020/03/03/us/coronavirus-us-cases-map-promo-1583277425489/ 140 KB
140 KB 53ms
52ms Image
image/png 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/coronavirus-us-cases-map-promo-1583277425489/coronavirus-us-cases-map-promo-1583277425489-videoLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f734e3f571c4d8d7abedddf036063124002749f532a51e9d618f0facf952a247

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 18290
status: 200
x-guploader-uploadid: AEnB2UoJaovqtlm63A7lO8Vy0tYXdBP4a_oeIGRn8FjU1201pQshY-7yuDU3UCJKkp0MRMD0qx0s7N8Eu8PnGwKOV7ERGdvmwQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 39, 1
content-length: 142986
x-served-by: cache-bwi5139-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:17:22 GMT
server: UploadServer
x-timer: S1583296415.319922,VS0,VE1
etag: "0a062d3e90175b88f6c8d2c6144c552a"
vary: Origin
x-goog-hash: crc32c=Jrfxhw==, md5=CgYtPpAXW4j2yNLGFExVKg==
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:28:44 GMT

GET
H2 200 03VIRUS-HEALTH1-videoLarge.jpg
static01.nyt.com/images/2020/03/03/science/03VIRUS-HEALTH1/ 99 KB
99 KB 50ms
47ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/science/03VIRUS-HEALTH1/03VIRUS-HEALTH1-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 485472da610eb5563536090f56a4d9ddd3431db0abc9029aebc277d2694b66d3

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 20501
status: 200
x-guploader-uploadid: AEnB2Ur-wltj-thIPF9hNHVzz54FTEQzY_HtEQ_Es5KGrn4DYKdpl1LmLxXkxGeUs9bdcSeRosge4m9ndaGbgxC_CKAO-i1wPA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
content-length: 101385
x-served-by: cache-bwi5151-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 22:50:14 GMT
server: UploadServer
x-timer: S1583296415.324509,VS0,VE0
etag: "f0fccd56bbb7feb4423f65324dfe85a8"
vary: Origin
x-goog-hash: crc32c=I3mMWA==, md5=8PzNVru3/rRCP2UyTf6FqA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 22:51:54 GMT

GET
H2 200 merlin_168830418_8f69779a-7daa-4afe-98ac-a8a38eab09d8-videoLarge.jpg
static01.nyt.com/images/2020/03/03/business/03DC-Fed-01/ 31 KB
32 KB 45ms
45ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/business/03DC-Fed-01/merlin_168830418_8f69779a-7daa-4afe-98ac-a8a38eab09d8-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d42e60fd52c55ff118b8bdedb7a2b6f842af7fdcfae8e1d586b5cd2ebda54720

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 42111
status: 200
x-guploader-uploadid: AEnB2UrNwnvDvLEWAjuqv97o0KbIbn6KFW-NzYy5SWs3TZfsaIP0cNbmLkaLxeWuB_BYEpGcnCNiXQmpNIUOoBjmbBRjldfYmg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 3, 2
content-length: 32194
x-served-by: cache-bwi5143-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 16:42:41 GMT
server: UploadServer
x-timer: S1583296415.356427,VS0,VE0
etag: "9178b3967dd7a8e05205f9aa40bf9eea"
vary: Origin
x-goog-hash: crc32c=jj+Ulg==, md5=kXizln3XqOBSBfmqQL+e6g==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 16:51:44 GMT

GET
H2 200 merlin_169961982_1e71d8e3-1164-477c-bf1c-58d611001fbd-videoLarge.jpg
static01.nyt.com/images/2020/03/03/us/politics/03dc-virus-1-sub/ 79 KB
80 KB 43ms
42ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03dc-virus-1-sub/merlin_169961982_1e71d8e3-1164-477c-bf1c-58d611001fbd-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 66722bbae6b00aba39daf09445f9d984141b9a980c0a4d4c85e3ed32774fad36

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 11111
status: 200
x-guploader-uploadid: AEnB2Up3RHlHoYVbd1L2tI4Vrvzr_UPZfvwYlmho-jc_E6m1o7aqMkQYht3AVZtw9I4JYJ2acBwpIY2RtP1xU8YBtAqJXp7TUg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 2
content-length: 81149
x-served-by: cache-bwi5147-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 01:27:20 GMT
server: UploadServer
x-timer: S1583296415.378001,VS0,VE0
etag: "7e1ee193892c7c6639d36127a7f86882"
vary: Origin
x-goog-hash: crc32c=r8USeQ==, md5=fh7hk4ksfGY502Enp/hogg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 01:28:23 GMT

GET
H2 200 03campaign-ledeall-biden-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03campaign-ledeall-biden/ 14 KB
14 KB 34ms
32ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03campaign-ledeall-biden/03campaign-ledeall-biden-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 04d393f6c6313d588dbd262c8dffbb6c8e2ac1a91eb4ce9b96a595823ae1b46a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 3342
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=13899 idim=210x140 ifmt=jpeg ofsz=13946 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
fastly-stats: io=1
content-length: 13946
x-served-by: cache-bwi5130-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.393626,VS0,VE1
etag: "03zGMfTh/V6jA7Uuxi4+4obl5q/74EeOqNveiMe4QeA"
vary: Accept
x-goog-hash: crc32c=Elaclg==, md5=WLPvoJTKDndc1KQcSKOieg==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Uq8BHo1IPsl7GABNdKg-j5XiiFndoTTW87CIUNsY3nk0dAJ2rVqZSGgORSCSzXJceTBLtOBn-h5odn9e74W-9RIA7ATwQ
expires: Wed, 04 Mar 2020 03:37:53 GMT

GET
H2 200 merlin_169150608_00be6fe3-46c3-4b08-a907-f4f76735fa59-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03dc-surveillance/ 11 KB
12 KB 21ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03dc-surveillance/merlin_169150608_00be6fe3-46c3-4b08-a907-f4f76735fa59-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f7fe86b6c41e18095f074651bd4f7b00909fbfbf865d963346ef51fb6a4245c7

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 11344
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=11675 idim=210x140 ifmt=jpeg ofsz=11722 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 11722
x-served-by: cache-bwi5139-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.410037,VS0,VE1
etag: "QkYnVtOuO5srs0B9PWrAKhUCZPY/Aw+51vgKOfbFzGY"
vary: Accept
x-goog-hash: crc32c=Prhylg==, md5=j+KxaE+DDqZP5ci7kpelfA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Uoi8SZ-VLObVUcUXzCqyEzUNLaxK7Ah8JFMn_A1cEs632PlQpkEY0c-obxRDTNCEDcstzsxP6A2VomPtvcsdQBEEMKljQ
expires: Wed, 04 Mar 2020 01:24:31 GMT

GET
H2 200 03xp-conversion-image1-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/03xp-conversion-image1/ 18 KB
18 KB 21ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03xp-conversion-image1/03xp-conversion-image1-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bda95de87a38089fbd2fb913f2679f8ee91a144d41d847ceca9427cc8aa61a3a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 13334
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=15942 idim=210x140 ifmt=jpeg ofsz=18286 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 18286
x-served-by: cache-bwi5127-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.417576,VS0,VE1
etag: "c1Des4ddyl00ChzyImcu3cGXvmcsvSklmm/8lYF024I"
vary: Accept
x-goog-hash: crc32c=PvzJnw==, md5=D+in/yQ2Aq3sRLyd/17Sww==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UqSuDG8FrPSZgHQWCQGeDZf8pfp83dkW8wZ8rchAANKSvQcxgYoGgeGhrzb4wcmWyCqVmwg9B4o7A52jlbWLkfm3VVCOQ
expires: Wed, 04 Mar 2020 00:51:20 GMT

GET
H2 200 merlin_169980075_7b34012d-7639-4ff0-94ab-5fdaf39047fe-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03california-vote/ 19 KB
20 KB 20ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03california-vote/merlin_169980075_7b34012d-7639-4ff0-94ab-5fdaf39047fe-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8de1a2af8497415267f13a34defbe502977d35a70fe6547df22c7043ad530875

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 13334
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=16312 idim=210x140 ifmt=jpeg ofsz=19502 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 19502
x-served-by: cache-bwi5135-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.421024,VS0,VE1
etag: "oR4IlzhgquRDhY/C80YhsQQx6AggsdIfiGMaLWVLoWk"
vary: Accept
x-goog-hash: crc32c=cKGsFw==, md5=xcm962qSUG0t4N9h2IJPtQ==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UoER1W-vErwon2-LuCVgFbuoXOEV2FvS0wq3ugcwt4E_PRwZKu5DxYQCZEDsYi23nAt2D5Du8PYSIMDV2-5w_ihloq9nQ
expires: Wed, 04 Mar 2020 00:51:20 GMT

GET
H2 200 03Miranda1-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/04/obituaries/03Miranda1/ 15 KB
15 KB 20ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/obituaries/03Miranda1/03Miranda1-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e305b3db3ab1b0896c34763db9d4a7ad1116daa72dfe94dd3698a0d53eacfc26

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 14053
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=12570 idim=210x140 ifmt=jpeg ofsz=15184 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 15184
fastly-io-warning: Failed to apply profile
x-served-by: cache-bwi5128-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.422525,VS0,VE1
etag: "CxUivKnyblVr4aBuk5VLMR5q/0a2QpHJLC+Kuco97co"
vary: Accept
x-goog-hash: crc32c=zuBWJQ==, md5=YJse65MaqcuQUeMF2FeuFA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UprEl8YLE9P6bc3rV2Nia1h8qGuBv29-Hd024EXRWIfk_HeHdB8S9kBuR0Eq4wBlm26s3kS9OSafLtOy2IZGIPLeQWk-Q
expires: Wed, 04 Mar 2020 00:39:22 GMT

GET
H2 200 04CLI-BECK1-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/04/climate/04CLI-BECK1/ 9 KB
9 KB 21ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/climate/04CLI-BECK1/04CLI-BECK1-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f6263f46a7d8ae21bed064210bd18fdf69ff280d1828e1efd8bb03d1addf0404

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 14889
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=9890 idim=210x140 ifmt=jpeg ofsz=9180 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 9180
x-served-by: cache-bwi5137-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.426775,VS0,VE1
etag: "WqNkwBMvQSmTfCj3uBA087a+I2/aPsQ1Enr35Yo4BT0"
vary: Accept
x-goog-hash: crc32c=XB+98g==, md5=LmiR2qNEvjo+M4Q3Rg2NbA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UoAM7b3DABghZIIyZ5tbxmNbx4ZK9cEoGUxXT5aDMIKgMnsX3nOEciustEQXJevpG1za59-DhsFBOKIKQj8Q1KMFaTR6Q
expires: Wed, 04 Mar 2020 00:25:25 GMT

GET
H2 200 03campaign-scene-1-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03campaign-scene-1/ 13 KB
13 KB 20ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03campaign-scene-1/03campaign-scene-1-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ba8b538be0a519c4bbf5f77737c8c31a850909a1ada2f016d1b60ccad91d012b

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 15995
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=12325 idim=210x140 ifmt=jpeg ofsz=13360 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
fastly-stats: io=1
content-length: 13360
x-served-by: cache-bwi5126-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.426784,VS0,VE0
etag: "d7cR9zhEE745gG8oEly/aL3hIUBucQagsLkqsIPyUuU"
vary: Accept
x-goog-hash: crc32c=QBWw8g==, md5=JFKmhFuN8UdU0Lp9R41hIQ==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UqvUMiSFXL2dm0L0WcmtUp2ASVC1jtL5jL1OKIdOAubBs9OkOADuUv2riVi8EInjMVvHejfrWXQs2NDirTWpTGLjGbenw
expires: Wed, 04 Mar 2020 00:06:59 GMT

GET
H2 200 merlin_169975617_9e6b84fb-7d64-4c25-b78f-f3ea0085169e-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03delegates/ 12 KB
13 KB 20ms
20ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03delegates/merlin_169975617_9e6b84fb-7d64-4c25-b78f-f3ea0085169e-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cc9a548ffa713008b9f66a357839e4b04e263ecee566a7217da415ce369fa9bf

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 16120
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=11953 idim=210x140 ifmt=jpeg ofsz=12548 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
fastly-stats: io=1
content-length: 12548
x-served-by: cache-bwi5124-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.431308,VS0,VE0
etag: "KvbSReAko8NkNSopBgVW5ghEWN4MIEFFOMEMeCsQ2XI"
vary: Accept
x-goog-hash: crc32c=04Qwyw==, md5=FkUsJAE397z6daQ09eObgQ==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Uo5kuWKNZfSTLIqULzmEpGgdvaEnsmO7VlpyoQctleWHwQCj3bys9BUtVP-aCthHmYTsBSXeek76o68kbQC61ZFi5fGRA
expires: Wed, 04 Mar 2020 00:04:55 GMT

GET
H2 200 merlin_169988214_68805c07-7a8e-41f4-91ab-0efb86a6eea7-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03campaign-ledeall-sanders2/ 15 KB
15 KB 21ms
21ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03campaign-ledeall-sanders2/merlin_169988214_68805c07-7a8e-41f4-91ab-0efb86a6eea7-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 094076e1ffd08827b64e61e10cc1cf59c1948135082a173230e149b81c3b119d

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1508
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=14721 idim=210x140 ifmt=jpeg ofsz=15172 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
fastly-stats: io=1
content-length: 15172
x-served-by: cache-bwi5123-BWI, cache-fra19183-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583296415.439222,VS0,VE1
etag: "2dft3OqanqIbAckj2vxt7vRWKalDOG9ps0jkSsMI6Ik"
vary: Accept
x-goog-hash: crc32c=ICJrqg==, md5=yC2FRnNwnMdJJyu/8xih1g==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UrM1PTP9wEU2PYy2ZHSQ_T6JDXoJusrVAQJusIUEzHTYC09JAc1I_bKXHljk9_NSErtTzIzV8OdDHbFkIErOdTmNJSAkg
expires: Wed, 04 Mar 2020 04:08:26 GMT

GET
H2 200 vendor-af4ece1529932f717d31.js Show response
www.nytimes.com/vi-assets/static-assets/ 807 KB
252 KB 40ms
37ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb71626a34be4f2c6159597e984a506ad6eeb622e927efc06629be1a0deaf944

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 390179
x-guploader-uploadid: AEnB2UoBV8KznXlzChz8XtmcBYLIvbFhNycD-nG2eTW9zdVnAst03VEHNZgZZyrVfv_vRvFxFGOcTWI51wt3q-PfaKGWwnG7Qw5af4xNIgyRR0SV8pI2I9g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:36 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583296415.293730,VS0,VE0
etag: "1fbb72ae7a54576c5818acec60aeede3"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=RNKL0w==, md5=H7tyrnpUV2xYGKzsYK7t4w==
x-goog-generation: 1582904255610610
expires: Sat, 27 Feb 2021 16:10:36 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 826000
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 257046
content-type: application/javascript
x-cache-hits: 697

GET
H2 200 collections-7d3782ed458d47bce88a.js Show response
www.nytimes.com/vi-assets/static-assets/ 435 KB
115 KB 40ms
37ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/collections-7d3782ed458d47bce88a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

244d6f7fb2c90144ed282f16dc6fa7a47ea302bb415a05ff2e9a973b4da68903

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 390166
x-guploader-uploadid: AEnB2UqqQgv_CjoMM7Deqa6w0xiP-LmyYw1JWcvtuuGZIf78Pgc5jy3On8fpXZ8dzlOSEDO_Unru8kqozxNjs8tXyCjfTeBaJA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:49 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 14:59:03 GMT
server: UploadServer
x-timer: S1583296415.293714,VS0,VE0
etag: "275e804dfe1c132c1a0ac823e5d016e3"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=MUC/sA==, md5=J16ATf4cEywaCsgj5dAW4w==
x-goog-generation: 1582901943495155
expires: Sat, 27 Feb 2021 16:10:49 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 445445
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 117100
content-type: application/javascript
x-cache-hits: 5362

GET
H2 200 main-d9338936524886deb17e.js Show response
www.nytimes.com/vi-assets/static-assets/ 463 KB
125 KB 39ms
36ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

945014dcd60469e50bf03305fe4c18e28ef319f6b750b9be7d5894d7f54823fd

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 390179
x-guploader-uploadid: AEnB2UpL4T1thQeuUFgI_S11GL-q9tpODTblg5xEDZZcMZSezjO2JsBVGnDTUcklqyiM84vr0sHJTz3fP3-cacUGD_M9PSppAQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:36 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583296415.293703,VS0,VE0
etag: "dbdba7f953447c6e78b156091699a276"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=T85L2g==, md5=29un+VNEfG54sVYJFpmidg==
x-goog-generation: 1582904255449391
expires: Sat, 27 Feb 2021 16:10:36 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 473600
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 127504
content-type: application/javascript
x-cache-hits: 12564

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
55 KB 65ms
62ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8da4bce296f4043ff4924211a785f59ccdc59b83ae3d8cadd2c29ccf5e95f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56140
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 130ms
104ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

OPTIONS
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 0
548 B 81ms
20ms XHR
text/plain 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.65 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 google, 1.1 varnish
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-nyt-meridiem: AM
age: 32
x-cache: HIT
status: 200
samizdat-x-instance: a8e0066
x-samizdat-query-exe-id: 91b1a39700cc0c13
content-length: 0
x-served-by: cache-fra19182-FRA
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-0.5.65
x-timer: S1583296415.320080,VS0,VE0
x-nyt-continent: EU
access-control-max-age: 300
access-control-allow-methods: GET, POST
x-nyt-region: NB
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
x-cache-hits: 3

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 127 KB
38 KB 35ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b6109ebb33e991f5b3c7ce32ca1706e18741d0ddebfdef3f279b93617b26d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 03:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 19:14:10 GMT
server: sffe
age: 2670
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38366
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:39:05 GMT

GET
H2

200

adsbygoogle.js Show response
www.nytimes.com/ads/google/
Redirect Chain

https://nytimes.com/ads/google/adsbygoogle.js
https://www.nytimes.com/ads/google/adsbygoogle.js

28 B
786 B

21ms
20ms

Script
text/javascript

151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/google/adsbygoogle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 371405
status: 200
x-guploader-uploadid: AEnB2UqIMwXrcT-jFcE18AdObli7YAV7s1pWGja8rD1vJO6ldRyVYMM9ptPEbFnxhGXUBznuPS_IERxA8qnrBh3p-wZiqjejLZZ8ffRSwgTrWlTkoHrpP40
x-cache: HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 7491
x-origin-time: 2020-02-21 21:23:28 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 23 Mar 2018 21:06:07 GMT
server: UploadServer
x-timer: S1583296415.420120,VS0,VE0
etag: "45047d08e5481aa5674276ae1810c88d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=A0srKQ==, md5=RQR9COVIGqVnQnauGBDIjQ==
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-route: ads-static-assets
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 48
expires: Fri, 21 Feb 2020 21:23:28 GMT

Redirect headers

date: Wed, 04 Mar 2020 04:33:35 GMT
server: Varnish
x-api-version: F-0
location: https://www.nytimes.com/ads/google/adsbygoogle.js
x-cache: HIT
status: 301
x-nyt-route: ads-static-assets
x-cache-hits: 0
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-ams21038-AMS

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 65ms
62ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 101
age: 12572437
status: 200
x-guploader-uploadid: AEnB2Uoh-FZIB60X7pEIJhZnxc1peMNLDms9A4npbEVsbtNF36urKU4_57CnBeNkhfIXzXej1i6ePZC_znn1AD7K3FBJ8y8tjA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 19836
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583296415.326137,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
vary: Origin
x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
x-goog-generation: 1570567625340998
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:12:59 GMT

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 24ms
21ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 107
age: 611569
status: 200
x-guploader-uploadid: AEnB2UqBs5kQZQ-YwghejvUuLCqtrRBpt2ye1irMZ_B9k6ohL_hwastdYw69tzbmka98UE9aMCzFxqUH1XpEGHEOabx6gYfxEQKY-omiY1SEyAuUdMbK5FU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 20312
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583296415.325519,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
vary: Origin
x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
x-goog-generation: 1570567625401061
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 25 Feb 2021 02:40:45 GMT

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 24ms
21ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 82
age: 5442711
status: 200
x-guploader-uploadid: AEnB2UoKeaarF7SOO4G6_8y9wT2j4TCBm3czShZNXLf458huxLaKhOtZI4DiPWmCqXOlebv-tJ1zA-_CcHh4KpxWYob58m3JdCpZZMkkO-7-QXlGEk1NtAE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28276
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583296415.325504,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
vary: Origin
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
x-goog-generation: 1570567624458394
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28276
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 31 Dec 2020 04:41:43 GMT

GET
H2 200 imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
28 KB 24ms
21ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 18
age: 12572393
status: 200
x-guploader-uploadid: AEnB2UrKpJ5QhM7u0Alo4Kxv_tetyz_Q-mnWHnWwaLAXATdzmr7BZTr7LF__dVLBzyj31seUDINw3D7KuXcn2em-RJU1PA_z2A6MzIcx45mEVAWzA534Cfw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28252
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583296415.325476,VS0,VE0
etag: "40c94ccc25e2212b8946a7d732251d86"
vary: Origin
x-goog-hash: crc32c=L+c2+A==, md5=QMlMzCXiISuJRqfXMiUdhg==
x-goog-generation: 1570567625851656
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28252
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:13:40 GMT

GET
H2 200 cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 65ms
63ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 91
age: 2425498
status: 200
x-guploader-uploadid: AEnB2Uqn7g_8sDpkD5XLCElzGvj_6DmzZbBHZ_UgojElUcTemIZ6Ct1Poo2ztNFIHXibM_yHgknQ4Ksw_Q5HRWMpSCFfxgwB4Q
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28604
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583296415.326127,VS0,VE0
etag: "a22ae3ed1e775ce90ced16f1822f4ddc"
vary: Origin
x-goog-hash: crc32c=zgCcGg==, md5=oirj7R53XOkM7Rbxgi9N3A==
x-goog-generation: 1570567624224052
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28604
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 04 Feb 2021 02:48:36 GMT

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 65ms
63ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 92
age: 5026819
status: 200
x-guploader-uploadid: AEnB2UrBHhfC8T87BCWZleK-joiGZQSkpv4eQiiLdYsf9quX_aJAHptqdHQsn6fzBATP9RrEUf5l65lQZzFXWFGfDAcUcJldr8pr2fY6VpjmEXT03i3yhZE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 29076
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583296415.326123,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
vary: Origin
x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
x-goog-generation: 1570567624300845
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29076
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 05 Jan 2021 00:13:14 GMT

GET
H2 200 imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
29 KB 54ms
52ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-cache-hits: 66
age: 11409926
status: 200
x-guploader-uploadid: AEnB2UrRYW0rJewh9VC6wBA7ivsefbynISZ2T7qpKm5Mq8Mvpk2LLrqnA4Q7rKI1GN7KuaR4oSMQz3GBy0xuJqEPmZEe22ijhw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 29016
x-served-by: cache-fra19182-FRA
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583296415.326101,VS0,VE0
etag: "2531995fefd3b997f9c4d564ebe89268"
vary: Origin
x-goog-hash: crc32c=1n93EQ==, md5=JTGZX+/TuZf5xNVk6+iSaA==
x-goog-generation: 1570567625845342
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29016
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 23 Oct 2020 03:08:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 68ms
28ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-df60c69ae832943d22c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

ed29140be51471aa7515eeb1ee4024e6e5b08739d811c98f78b07fd5fd095dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "446 / 793 of 1000 / last-modified: 1583259544"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14517
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:33:35 GMT

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 97 B
635 B 121ms
120ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.65 /
Resource Hash: 5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647

Request headers

Origin: https://www.nytimes.com
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/section/us
nyt-app-version: 0.0.5
Sec-Fetch-Dest: empty

Response headers

x-samizdat-query-sup-code
date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-nyt-meridiem: AM
age: 0
x-cache: MISS
status: 200
samizdat-x-instance: a8e0066
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 0f7f712e085bd341
content-length: 98
x-served-by: cache-fra19183-FRA
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: NB
server: samizdat-graphql-0.5.65
x-timer: S1583296415.420046,VS0,VE100
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 vi_article.js Show response
cdn.optimizely.com/public/3013110282/s/ 384 KB
117 KB 6ms
6ms Script
text/javascript 2a02:26f0:6c00:181::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/3013110282/s/vi_article.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d247b1d1593bd99f20a224e2dfeb16c6838906bd292589770ced6b4c6713d137

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: dvDpXF4Zip3MGQLRUPRBddiE4H_qqgOs
content-encoding: gzip
x-amz-request-id: 06793609A0F05387
status: 200
access-control-max-age: 86400
date: Wed, 04 Mar 2020 04:33:35 GMT
x-amz-replication-status: PENDING
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 119082
x-amz-id-2: HTsspxLOc8tucM76TjeuhqH1wL0jxGKwrztH3J6yhNmgedLlACvwN1YgTYf8gVmOUPvoaR44Z3w=
last-modified: Thu, 27 Feb 2020 19:40:27 GMT
server: AmazonS3
etag: "6bfb76e02e11aed7f9954e279562892a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 11981
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ip_seg_v2.rep Show response
cigsvc.nytimes.com/r1/jp/ 170 B
529 B 161ms
113ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?&callback=callback
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 04:33:35 GMT
via: 1.1 varnish
x-timer: S1583296416.576072,VS0,VE94
x-served-by: cache-hhn4044-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: no-cache, no-cache="set-cookie"
x-cache-hits: 0
accept-ranges: bytes
content-length: 170
expires: 0

GET
H2 200 vendors~audio~capsule~cityguides~collections~home~liveblog~paidpost~slideshow~story~video-a0858e7019e1cacc56e5.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
11 KB 22ms
21ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~cityguides~collections~home~liveblog~paidpost~slideshow~story~video-a0858e7019e1cacc56e5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

366e4c8ace6dc121105fc314b7f16460c4b4104d9332df35dada900f13b73d94

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 390176
x-guploader-uploadid: AEnB2Ur_SeuFUUvxxAFhLkmqQVTVQiqfLU6ib9KX9i460CkzCOXaVLcB8QYiU2nhpx7sEaVqKK118N1M9mwktJuU9XRAeMGlAw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:39 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583296416.585717,VS0,VE0
etag: "15ea2c11caaeb29731c5a05e605e22a4"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=330J8w==, md5=FeosEcquspcxxaBeYF4ipA==
x-goog-generation: 1582904255574957
expires: Sat, 27 Feb 2021 16:10:39 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 50949
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 10820
content-type: application/javascript
x-cache-hits: 11426

GET
H2 200 vendors~collections~search-ea1b23ff3c707b0e23b6.js Show response
www.nytimes.com/vi-assets/static-assets/ 44 KB
10 KB 24ms
23ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~collections~search-ea1b23ff3c707b0e23b6.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7183c7c50e8cff0e4cb7344483d5f69ec786ef306383c7a3a2d2b1ced6a54b7f

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 976206
x-guploader-uploadid: AEnB2UoGmhpFmMG1qIQ2b6UmiA9N_sZKRHsYDxFDhRIdPHhQENqlJZEyBR4QAmmKHbZ7tPwhSUaPrc0bVZRzg5uaJnTueJUHsdCuVmHTAjhlEyx0LiLae8A
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-21 21:23:29 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 20:53:45 GMT
server: UploadServer
x-timer: S1583296416.585713,VS0,VE0
etag: "293774f25a0a2afac04168ec8195b52d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=YImd6A==, md5=KTd08loKKvrAQWjsgZW1LQ==
x-goog-generation: 1582318425300280
expires: Sat, 20 Feb 2021 21:23:29 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 44694
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 9886
content-type: application/javascript
x-cache-hits: 6939

GET
H2 200 vendors~collections-2504d14f604a7a4963cd.js Show response
www.nytimes.com/vi-assets/static-assets/ 28 KB
8 KB 23ms
22ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~collections-2504d14f604a7a4963cd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2f1854fe522e040274f3f7ff6099b5ad70baf11f08aa79e9481eaa4818a9d2f9

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 913642
x-guploader-uploadid: AEnB2UpjtzTOfhqNZSWv3AffrAA9ckMB3zk0rillHS29Qfm0djlUNensMrGRFwt17vWbt4uIXkFcHpT3kTMeein-Aa70crYe3g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-22 14:46:13 UTC
x-served-by: cache-fra19183-FRA
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 23:03:04 GMT
server: UploadServer
x-timer: S1583296416.585788,VS0,VE0
etag: "de39c6ede84c26e052d3946caf97ec2d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=ZiyRuw==, md5=3jnG7ehMJuBS05Rsr5fsLQ==
x-goog-generation: 1582326184419383
expires: Sun, 21 Feb 2021 14:46:13 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 28375
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 8126
content-type: application/javascript
x-cache-hits: 5137

GET
H2 200 payframe
pay.google.com/gp/p/ui/ Frame BB37 0
0 111ms
76ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WUFIA44lmYkiX8520ojFzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-WUFIA44lmYkiX8520ojFzg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
expires: Wed, 04 Mar 2020 04:33:35 GMT
date: Wed, 04 Mar 2020 04:33:35 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-WUFIA44lmYkiX8520ojFzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-WUFIA44lmYkiX8520ojFzg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=199=JYHtL1D4C4ag6P8P8wZcZ9u_20R_yZvpZ4KZaccw-guc55ejA4vTsSDdhv9qxX05GlHBPKw3S6XRTkqFuSz_qeTgdEEC15JWNNUZA_Hv3Cb6VzOQeM7Y5FD0t6xdDyGAX8NmqChGA7I5KPJ40Zngq85RKeEy0qhK1U4vjnB2Id8; expires=Thu, 03-Sep-2020 04:33:35 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 04:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 213
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5809
x-xss-protection: 0
expires: Wed, 04 Mar 2020 05:20:02 GMT

GET
H2 200 serviceiframe
news.google.com/swg/_/ui/v1/ Frame D21E 0
0 82ms
81ms Document
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=439804

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-84uZDrVTw/J3RQlgH8i6AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-84uZDrVTw/J3RQlgH8i6AQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=439804
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 04 Mar 2020 04:33:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-84uZDrVTw/J3RQlgH8i6AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-84uZDrVTw/J3RQlgH8i6AQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=199=Kn38UrRZpRO6t4UzTKHqgZXstXvn4-PTPf0C1ef70xAy1Jkec43ErrWK_jRXPhCOmT34fn8FF2MHEz2xDvhncFQ-M4p82EeA7tNRUAByOfokj24W5iTQhLxgTHSKoXe1_BJUlHQLADoQxGX3q9xfo-WvacuPl4pgObeVpdwL-Bc; expires=Thu, 03-Sep-2020 04:33:35 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 6ms
6ms Other
image/svg+xml 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 04 Mar 2020 03:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 21:24:31 GMT
server: sffe
age: 2533
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:41:22 GMT

GET
H2 200 pay
pay.google.com/gp/p/ui/ 0
0 104ms
78ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/gp/p/ui/pay?_=439804
Requested by: Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2

200

m=b2,aist,ist,qst
www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/
Redirect Chain

https://payments.google.com/payments/v4/js/integrator.js?ss=md
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

0
82 KB

6ms
5ms

Other
text/javascript

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 16:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 16:16:35 GMT
server: sffe
age: 473731
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 83696
x-xss-protection: 0
expires: Fri, 26 Feb 2021 16:58:06 GMT

Redirect headers

date: Wed, 04 Mar 2020 04:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 301
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 269
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-fg98Tw2LHsu6xsg3nfywpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gr_full_2.0.6.js
clients2.google.com/gr/ 0
9 KB 33ms
7ms Other
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients2.google.com/gr/gr_full_2.0.6.js

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 04 Mar 2020 03:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
age: 3488
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8665
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:35:27 GMT

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
983 B 76ms
76ms Fetch
application/json 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rhebCZHq3Daij6LQf5jOXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-rhebCZHq3Daij6LQf5jOXQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-rhebCZHq3Daij6LQf5jOXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-rhebCZHq3Daij6LQf5jOXQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 614 B
1 KB 496ms
163ms XHR
application/json 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: 723f8f5273a39571d370d3990340264929dc0ae120eb093d932e249bc90a088d

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Wed, 04 Mar 2020 04:34:02 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 614
Content-Type: application/json

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
js.datadome.co/ 128 KB
22 KB 92ms
30ms Script
text/javascript 143.204.101.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: oyly.xyz
URL: http://oyly.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.22 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-22.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

ed8ab4b5ad016ad6b66cd70b80eebb79b8da7c98ad5e385a1ff45b8a9f70a141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:08:13 GMT
content-encoding: gzip
age: 1522
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=15768000
content-length: 22430
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 09:08:06 GMT
server: Apache
etag: "20144-59f8b0f249752-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: sHFF2F_WYc3UZyCzGxD0Z2zqCrbUlMGQfSuULWwK5sQeFJNRYznqpA==
expires: Wed, 04 Mar 2020 05:08:13 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK pixel.gif
et.nytimes.com/ 0
0 435ms
118ms Image
application/json 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.nytimes.com/pixel.gif?subject=ab-expose&test=DFP_als&variant=1_als&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-361-Production&et2_pageview_id=-RLax09dtteOMqSdKGMQNXwa
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 200
OK pixel.gif
et.nytimes.com/ 0
0 456ms
126ms Image
application/json 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.nytimes.com/pixel.gif?subject=ab-expose&test=dfp_adslot4v2&variant=1_external&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-361-Production&et2_pageview_id=-RLax09dtteOMqSdKGMQNXwa
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
171 B 44ms
14ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
249 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020022701.js Show response
securepubads.g.doubleclick.net/gpt/ 164 KB
60 KB 28ms
27ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

dfc3f558d7ab9659f6fc3a1c61fa7c5c6c905adecd8bff069652254c13f84b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61148
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:33:35 GMT

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 513 B
1 KB 267ms
226ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referer=http%3A%2F%2Foyly.xyz%2F
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.35.241 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 40440b3c3ec92e9c208bb91c71cea990072bd9adca3492d39f28d70c03cfd797

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:36 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 513

GET
H2 200 preferences
purr.nytimes.com/v1/ 0
0 142ms
115ms Fetch
text/html 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/preferences
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:36 GMT
server: Google Frontend
status: 200
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 22d7bf8607399cb9839ddf1e5d042648
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Wed, 04 Mar 2020 04:33:36 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1 KB
2 KB 751ms
717ms XHR
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=http%3A%2F%2Foyly.xyz%2F&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 405438e18e8b7f45691111f6383ffe4f42c49cd35ad7b1aa9c09dd97a7292f32

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: gzip
status: 200
x-appengine-log-flush-count: 1
content-length: 680
expires: Wed, 04 Mar 2020 04:33:37 GMT
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: b1c83f5d1ad46dd900df82858e1a7cc3
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
x-jkidd-testing-keys: regi=; ip=[2a01:4f8:192:5414::2]:80; agent=slJ5zul8oCQ_mon-YhIFRu; asset=https://www.nytimes.com/section/us;

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4
date: Wed, 04 Mar 2020 04:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 04 Mar 2020 06:33:32 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 101 B
805 B 104ms
104ms XHR
application/json 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: 0f5dfa165e877e77aa52e44909b23d0fabb3473fce542d4c820eea6c5de5b345

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Wed, 04 Mar 2020 04:34:18 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 101
Content-Type: application/json

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
729 B 79ms
79ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=383353179319383&correlator=1551663945904402&output=ldjh&impl=fif&adsid=NT&eid=21065352&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1742&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583296202061%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%26page_view_id%3D-RLax09dtteOMqSdKGMQNXwa%26sov%3D1%26aid%3DslJ5zul8oCQ_mon-YhIFRu&cookie_enabled=1&bc=31&abxe=1&lmt=1583296202&dt=1583296416937&dlt=1583296415200&idt=1689&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=64&adks=634834303&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Foyly.xyz%2F&dssz=39&icsg=213887984&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0&msz=1585x0&ga_vid=537015988.1583296417&ga_sid=1583296417&ga_hid=861624109&fws=4&ohw=1585&btvi=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

0cbb7b2aff9f88d194a83e996cd2db032576a06eafc5db167939393fff4c42fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020022701.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 31ms
31ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

8b81c098f8cd1362848b2d9b10a139bbf07ed1aa0411712c7d502d31a1734506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25762
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:33:36 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 22ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
394 B 60ms
59ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=383353179319383&correlator=1551663945904402&output=ldjh&impl=fif&adsid=NT&eid=21065352&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1760&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583296202061%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%26page_view_id%3D-RLax09dtteOMqSdKGMQNXwa%26sov%3D1%26aid%3DslJ5zul8oCQ_mon-YhIFRu&cookie_enabled=1&bc=31&abxe=1&lmt=1583296202&dt=1583296416960&dlt=1583296415200&idt=1689&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2873317091&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Foyly.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=537015988.1583296417&ga_sid=1583296417&ga_hid=861624109&fws=132&ohw=1585

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

32afc8fcd526c458dd06164b34767d96f9ec99cb81d4cca0e3d2cc7a10f4d4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
398 B 77ms
76ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=383353179319383&correlator=1551663945904402&output=ldjh&impl=fif&adsid=NT&eid=21065352&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dmid1%26pos%3Dmid1%26request_time%3D1780&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583296202061%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%26page_view_id%3D-RLax09dtteOMqSdKGMQNXwa%26sov%3D1%26aid%3DslJ5zul8oCQ_mon-YhIFRu&cookie_enabled=1&bc=31&abxe=1&lmt=1583296202&dt=1583296417017&dlt=1583296415200&idt=1689&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=1125&adks=2341692046&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Foyly.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x142&msz=1585x0&ga_vid=537015988.1583296417&ga_sid=1583296417&ga_hid=861624109&fws=4&ohw=1585&btvi=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

4a37c13ecee6b460cf2d67c55cdba2400440bef34df96a58111c87a7bf82aa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
525 B 73ms
73ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=383353179319383&correlator=1551663945904402&output=ldjh&impl=fif&adsid=NT&eid=21065352&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C640x480&prev_scp=div%3Dinterstitial%26pos%3Dinterstitial%26request_time%3D1835&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583296202061%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%26page_view_id%3D-RLax09dtteOMqSdKGMQNXwa%26sov%3D1%26aid%3DslJ5zul8oCQ_mon-YhIFRu&cookie_enabled=1&bc=31&abxe=1&lmt=1583296202&dt=1583296417025&dlt=1583296415200&idt=1689&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1591558105&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Foyly.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=537015988.1583296417&ga_sid=1583296417&ga_hid=861624109&fws=644&ohw=1585

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

2791fc54c978d877c844432dc8f988fe645bafa730fa1650cd47fc779d14a3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
api-js.datadome.co/js/ 2 B
279 B 116ms
26ms XHR
application/json 18.195.114.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.114.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-114-24.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 04 Mar 2020 04:33:37 GMT
Server: DataDome
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 2
Expires: 0

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 22 KB
4 KB 264ms
257ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=1&ma=1&counted=false&granted=true&us=anon&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: gzip
age: 0, 0
x-cache: MISS
status: 200
x-served-by: cache-hhn4044-HHN
access-control-allow-origin: https://www.nytimes.com
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_anon_new-journey-rollout","dock":"MAG_web_anon_new-journey-rollout","inlineUnit":"MAG_web_anon_new-journey-rollout","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1583296417.100333,VS0,VE238
vary: x-nyt-cig-edu-b2b, x-nyt-user-status, x-nyt-country, x-nyt-device, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: dfa84d580a159d524434f4e759cd8ac1
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-params
accept-ranges: bytes, bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
105ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
667 B 35ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=383353179319383&r=150x50&w=0&h=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 04:33:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=861624109&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Foyly.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_gid=1426153552.1583296417&gjid=1513209749&_v=j81&z=516714784
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_v=j81&z=516714784
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_v=j81&z=516714784&slf_rd=1&random=3867832966

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_v=j81&z=516714784&slf_rd=1&random=3867832966

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 04:33:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Mar 2020 04:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=537015988.1583296417&jid=1099194620&_v=j81&z=516714784&slf_rd=1&random=3867832966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 313 B
206 B 83ms
82ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=383353179319383&correlator=1551663945904402&output=ldjh&impl=fif&adsid=NT&eid=21065352&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=div%3Dmid2%26pos%3Dmid2%26request_time%3D1951&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583296202061%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%26page_view_id%3D-RLax09dtteOMqSdKGMQNXwa%26sov%3D1%26aid%3DslJ5zul8oCQ_mon-YhIFRu&cookie=ID%3D5659e6779803db84%3AT%3D1583296417%3AS%3DALNI_MZV_PkheIBebpG4AmGmj-bvJmhqLw&cookie_enabled=1&bc=31&abxe=1&lmt=1583296202&dt=1583296417143&dlt=1583296415200&idt=1689&frm=20&biw=1585&bih=1200&oid=3&adxs=1093&adys=1359&adks=4155779674&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Foyly.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AA2WTGPNxr0CeNnB2GY4q-ltPz59%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3&ga_vid=537015988.1583296417&ga_sid=1583296417&ga_hid=861624109&fws=4&ohw=1585&btvi=1

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

02b53865665115192c191d6ab89cb6d0dfab39efc1e34bc233a9f08ed1593c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 114ms
112ms Script
application/javascript 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Foyly.xyz%2F&clientTimeStamp=1583296417160&totalTime=0&evtUUID=fe33a245-14a2-4a9e-a583-e838fc83f340&gtm=GTM-P528B3-361-Production&page_view_id=-RLax09dtteOMqSdKGMQNXwa&performance=%7B%22first-paint%22%3A425%2C%22first-contentful-paint%22%3A425%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&et2_pageview_id=-RLax09dtteOMqSdKGMQNXwa&sourceApp=nyt-vi&assetData=%7B%22url%22%3A%22https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus%22%2C%22wordCount%22%3A0%2C%22id%22%3A100000004047817%2C%22publishedDate%22%3A1449687013000%2C%22publishedTimestamp%22%3A1449687013000%2C%22lastUpdatedTimestamp%22%3A1583286833000%2C%22uri%22%3A%22nyt%3A%2F%2Flegacycollection%2F11f72ab4-7cd0-540a-93cc-f35b32cd013d%22%2C%22section%22%3A%22U.S.%22%2C%22sectionContent%22%3A%22us%22%2C%22contentTone%22%3A%22NEWS%22%2C%22slug%22%3A%22us%22%2C%22source%22%3A%22nyt_cms%22%2C%22derivedDesk%22%3A%22national_desk%22%2C%22type%22%3A%22sectioncollection%22%2C%22languageName%22%3A%22English%22%2C%22languageCode%22%3A%22en%22%2C%22jkiddSrc%22%3A%22fe%22%7D&skipFilter=%5B%22content%22%2C%22jkiddata%22%5D&callback=window.EventTracker.cb0&pageMetaData=%7B%22PT%22%3A%22collection%22%2C%22CG%22%3A%22U.S.%22%2C%22SCG%22%3A%22%22%2C%22byl%22%3A%22%22%2C%22tom%22%3A%22%22%2C%22hdl%22%3A%22%22%2C%22ptime%22%3A%2220151209135013%22%2C%22cre%22%3A%22%22%2C%22articleid%22%3A100000004047817%2C%22channels%22%3A%22%22%2C%22CN%22%3A%22us%22%2C%22CT%22%3A%22sectionfront%22%2C%22backfilled%22%3A%22articleid%2CCG%22%7D&additionalClientData=%7B%22ul%22%3A%22en-US%22%2C%22js%22%3A%22Yes%22%2C%22jv%22%3A%221.5%22%2C%22fi%22%3A%22No%22%2C%22tz%22%3A1%2C%22bh%22%3A5%2C%22cd%22%3A24%2C%22sr%22%3A%221600x1200%22%2C%22bs%22%3A%221600x1200%22%2C%22jo%22%3A%22No%22%2C%22or%22%3A%22land%22%7D
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: 1a83e4977f18ec66342adcd0bf2fe762cdbb72d16b7463fb9a5808f820e4b824

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 04:34:19 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H2

200

activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu...
5290727.fls.doubleclick.net/ Frame 1B14
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIF...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6...

0
0

35ms
35ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu;u8=;u10=http%3A%2F%2Foyly.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu;u8=;u10=http%3A%2F%2Foyly.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl8CDk_zIblaJ-Vnk3QgyX1A3xA8lwdwpim1fyIoxumMkGLSoN81jHRVAkq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 04 Mar 2020 04:33:37 GMT
expires: Wed, 04 Mar 2020 04:33:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 435
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 04 Mar 2020 04:33:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3rnOT-_-cCFdPFuwgdkj8BiA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3031386395510;gtm=2wg2j0;auiddc=196677494.1583296417;u4=;u5=undefined;u6=undefined;u7=slJ5zul8oCQ_mon-YhIFRu;u8=;u10=http%3A%2F%2Foyly.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 25ms
7ms Script
application/x-javascript 2600:9000:20eb:ce00:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:ce00:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:04:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 1757
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: f_MI6Cly32QjsTuC15FbhEytY7Qu2CUUR0bNCK0wAYGJh4PYDK0TSQ==
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
expires: Wed, 04 Mar 2020 06:04:20 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
561 B 30ms
20ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: gzip
x-cache-hits: 558
age: 38599
status: 200
x-guploader-uploadid: AEnB2UrWczyLDI_vJM37EJX0Zw2WIuF6Hr8eElC74wwZwqm8GUv8jTOBaZmNR4Ust_UplO1hErkTiRblFul2Kwck_NAlIapalwYFYQiE3rARnBNs5FRdR30
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 65
x-served-by: cache-fra19183-FRA
access-control-allow-origin: *
last-modified: Thu, 28 Mar 2019 13:58:23 GMT
server: UploadServer
x-timer: S1583296417.227733,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
x-goog-generation: 1553781503379173
via: 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 13 Jun 2019 17:44:55 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=861624109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Foyly.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aAjAAEAB~&jid=&gjid=&cid=537015988.1583296417&tid=UA-58630905-2&_gid=1426153552.1583296417&gtm=2wg2j0P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd4=U.S.&cd9=9&cd10=oyly.xyz&cd13=oyly.xyz&cd14=national_desk&cd15=earned&cd16=referring_links&cd17=100000004047817&cd21=collection&cd23=U.S.&cd26=2015&cd27=2015-12-09-13&cd28=Wednesday&cd29=13&cd30=1583286833000&cd34=NEWS&cd36=us&cd37=0&cd42=nyt-vi&cd48=December&cd49=blurb_under_100&cd51=nyt-vi&cd52=collection&cd54=national_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=slJ5zul8oCQ_mon-YhIFRu&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=slJ5zul8oCQ_mon-YhIFRu&cd172=desktop&cd173=desktop&z=1016474913

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 11:56:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 491809
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 313 B
203 B 85ms
84ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=383353179319383&correlator=1551663945904402&output=ldjh&impl=fif&adsid=NT&eid=21065352&vrg=2020022701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=div%3Dmktg%26pos%3Dmktg%26request_time%3D2051&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583296202061%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%26page_view_id%3D-RLax09dtteOMqSdKGMQNXwa%26sov%3D1%26aid%3DslJ5zul8oCQ_mon-YhIFRu&cookie=ID%3D5659e6779803db84%3AT%3D1583296417%3AS%3DALNI_MZV_PkheIBebpG4AmGmj-bvJmhqLw&cookie_enabled=1&bc=31&abxe=1&lmt=1583296202&dt=1583296417241&dlt=1583296415200&idt=1689&frm=20&biw=1585&bih=1200&oid=3&adxs=1093&adys=1359&adks=195518668&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Foyly.xyz%2F&dssz=54&icsg=2202445451200&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AA2WTGPNxr0CeNnB2GY4q-ltPz59%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3&ga_vid=537015988.1583296417&ga_sid=1583296417&ga_hid=861624109&fws=4&ohw=1585&btvi=2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

acdfb8cf7c6380cd55769e8b8fe487fc6632f6c84b80962ee8ad478497c8a41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
168 B 326ms
106ms Image
image/gif 100.25.120.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fsection%2Fus&u=BvDpPdBU8eyaBFpyjg&d=nytimes.com&g=16698&g0=us%2Cnational_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3819&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=http%3A%2F%2Foyly.xyz%2F&b=2332&t=CDz_BtDb7f4LBGVnMODs6NUeDqLizR&V=118&i=U.S.%20News%20-%20The%20New%20York%20Times&tz=-60&_acct=anon&sn=1&sv=CpP6ttBHgoIWBm4vF2BLiSUqBtNDwT&sr=http%3A%2F%2Foyly.xyz%2F&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.120.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-120-185.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Wed, 04 Mar 2020 04:33:37 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 144ms
143ms Script
application/javascript 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Foyly.xyz%2F&clientTimeStamp=1583296417160&totalTime=4&evtUUID=fe33a245-14a2-4a9e-a583-e838fc83f340&gtm=GTM-P528B3-361-Production&page_view_id=-RLax09dtteOMqSdKGMQNXwa&performance=%7B%22first-paint%22%3A425%2C%22first-contentful-paint%22%3A425%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22meter%22%2C%22context%22%3A%22dd5d041%22%2C%22label%22%3A%220%22%2C%22region%22%3A%22false%22%7D%2C%22priority%22%3Atrue%2C%22subject%22%3A%22impression%22%2C%22gtm%22%3A%22GTM-P528B3-361-Production%22%2C%22sourceApp%22%3A%22nyt-vi%22%7D%5D&et2_pageview_id=-RLax09dtteOMqSdKGMQNXwa&sourceApp=nyt-vi&callback=window.EventTracker.cb1&datumId=dfaec73bca2e10bf
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: 967b8ad811e9ba6971a5e33f2d419edaf6529b95759f766e8a46f1d7abec6e8b

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 04:33:37 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
721 B 129ms
129ms Script
application/javascript 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Foyly.xyz%2F&clientTimeStamp=1583296417160&totalTime=204&evtUUID=fe33a245-14a2-4a9e-a583-e838fc83f340&gtm=GTM-P528B3-361-Production&incognitoEnabled=false&adBlockEnabled=false&activeTime=0&page_view_id=-RLax09dtteOMqSdKGMQNXwa&performance=%7B%22first-paint%22%3A425%2C%22first-contentful-paint%22%3A425%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=-RLax09dtteOMqSdKGMQNXwa&sourceApp=nyt-vi&callback=window.EventTracker.cb2&datumId=dfaec73bca2e10bf&agentId=slJ5zul8oCQ_mon-YhIFRu
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: ef915bf9b7a9e03c6ef8e630e4db43b0128b12e6606643495239caee6386c1e6

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 04:33:37 GMT
Connection: keep-alive
Content-Length: 105
Content-Type: application/javascript

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
99ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
739 B 117ms
116ms Script
application/javascript 52.45.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Foyly.xyz%2F&clientTimeStamp=1583296417160&totalTime=209&evtUUID=fe33a245-14a2-4a9e-a583-e838fc83f340&gtm=GTM-P528B3-361-Production&activeTime=0&page_view_id=-RLax09dtteOMqSdKGMQNXwa&performance=%7B%22first-paint%22%3A425%2C%22first-contentful-paint%22%3A425%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=-RLax09dtteOMqSdKGMQNXwa&sourceApp=nyt-vi&callback=window.EventTracker.cb3&datumId=dfaec73bca2e10bf&agentId=slJ5zul8oCQ_mon-YhIFRu
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-162-54.compute-1.amazonaws.com
Software: /
Resource Hash: 6041f68043e9902c7f93de6c89c967be04d2a2e82fb7f2a0722c4dd84ea101cf

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 04:33:37 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
407 B 132ms
131ms XHR
text/plain 34.227.153.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-53.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 04 Mar 2020 04:33:37 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.nytimes.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 28ms
16ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020022701&st=env

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f8781acf16fe89bf29f7870af73ef1c560ce3b824eecd5c738d93e0448fc107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5108
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 34ms
15ms Script
application/javascript 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: oyly.xyz
URL: http://oyly.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745cd78d254d001a46755c9620bcc45783131a4bf0362d44e05078fc3297f082

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 20:06:39 GMT
server: cloudflare
age: 55
etag: W/"dfd3824ef58640d4a0c2c803c301ba08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 56e8e15229d796bc-FRA
x-amz-request-id: DB18EB0FB37FE6E8
x-amz-id-2: 3/eO8hOFD8zug/mMGF60tJvaP5P9u11o45pjnQFM5vP772aWCZkvyDZRP0DyVOmlawRkjsthFxU=

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 04 Mar 2020 04:33:37 GMT

GET
H2 200 sdk-prod-c0c249c1f855a09dbee9.js Show response
platform.iteratehq.com/ 810 KB
221 KB 15ms
15ms Script
application/javascript 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-c0c249c1f855a09dbee9.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92a9cd8f714ce5b96883a3eca69b09325119d23a99c08e81f805aaf3ec624b8

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 20:06:34 GMT
server: cloudflare
age: 980538
etag: W/"1e86462adaefd00f70649e16a72a77b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 56e8e15249ed96bc-FRA
x-amz-request-id: F849A6CBF53B15E1
x-amz-id-2: h+acTo3anuEfutK4ejtMzYEGTCSOQCYTB04P30IxydI2NNJS7BjWHP2szlkveZ3xbbkOVULyQQ4=

GET
H2 200 style-678f598e9656ea26a2bab173e40f76a6.css
platform.iteratehq.com/ 135 KB
11 KB 13ms
13ms Stylesheet
text/css 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-678f598e9656ea26a2bab173e40f76a6.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddf90f1b1347fc3b25ec438499c75811b4992e51e3b9d24a4b2bf725e8af19e

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 04:33:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Feb 2020 22:23:37 GMT
server: cloudflare
age: 1317868
etag: W/"678f598e9656ea26a2bab173e40f76a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-ray: 56e8e15249ec96bc-FRA
x-amz-request-id: 120B4AC0B93E6DB7
x-amz-id-2: jzgVDokRtUlJwK+ShdiO2OKVzYLEtalbCR/V+mp0NiY04Oos9sXbVQ2YWl9fVydB2V34toZh9OM=

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F248 0
0 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 04 Mar 2020 03:47:30 GMT
expires: Thu, 04 Mar 2021 03:47:30 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2767
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 uek0ylt.css
use.typekit.net/ 2 KB
833 B 97ms
21ms Stylesheet
text/css 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uek0ylt.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-33-211.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cb59ff8622df48faf8b8c06bddee7e40309c16a9c0f5ab19a796505fecf3c263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Wed, 04 Mar 2020 04:33:37 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 633

OPTIONS
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 0
571 B 229ms
212ms Fetch 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

date: Wed, 04 Mar 2020 04:33:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
status: 200
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 56e8e1538c0cd6bd-FRA
access-control-allow-headers: Authorization, Content-Type
content-length: 0

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
241 B 105ms
105ms XHR
text/plain 34.227.153.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 04 Mar 2020 04:33:37 GMT
Content-Type: text/plain

GET
H/1.1 200
OK p.css
p.typekit.net/ 5 B
334 B 6ms
5ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uek0ylt&ht=tk&f=26969.26972&a=37539318&app=typekit&e=css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 04 Mar 2020 04:33:37 GMT
Last-Modified: Mon, 04 Feb 2019 20:56:28 GMT
Server: nginx
ETag: "5c58a6fc-5"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5
Expires: Fri, 03 May 2019 09:19:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020022701&jk=383353179319383&bg=!-Pul--NYJNkVEJttn_UCAAAAVVIAAAAKmQFbsiA73g33B3XJiCfpLO5tGBupyEFq_tnBlMOZYDMYeU12T4PCSKirV0uCtNjD41GfgzZaKxkbAuCwYwYBYrOnMLXTKvuP0R5C5RKc-2d8bAWmLAS8otMV4HB7D2ncLlpVYQlQcKHfAn_r8NIyVmsy1hBFueE5kNnDiXxKUtvOlRAxnSTaowlZIBoI7ED_4lDYQZZK0fYnZrmGMI-Y5BK6tguWtHZLeDW2jS51lvEeuveWrNfDNoTI78K7w3yl86J45LBwXnuLXSPv_5OUDjNjkvXLSN272AH8opGH6l6BP6wfb9Sz4xSOmRCsste79pTXuKY3k-TkuIAibMoSt60U4aCsD6vtDl_R1FQC6-5EOhp27MCiAThq0pwohkm9K79xYTvtg84MuuyrLrfWROAm3KCjBP8di0hRS2NRDVrdb7itWUINL94Db7Q0P3F2iAv6GkQNv2uK1ouH628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 04:33:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 259 B
530 B 170ms
169ms Fetch
application/json 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fdd97dbd4e72bbf5cb234d87ccd5da51e961b62b9339aec84cd42b88fe30f6

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Mar 2020 04:33:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 56e8e154ee33d6bd-FRA

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:09:52	Name: IDE Value: AHWqTUl8CDk_zIblaJ-Vnk3QgyX1A3xA8lwdwpim1fyIoxumMkGLSoN81jHRVAkq
news.google.com/	1970-01-19 08:31:28	Name: OTZ Value: 5349874_52_52_123900_48_436380
.nytimes.com/	1970-01-19 16:33:52	Name: nyt-a Value: slJ5zul8oCQ_mon-YhIFRu
.nytimes.com/	1970-01-19 07:49:26	Name: edu_cig_opt Value: %7B%22isEduUser%22:false%7D
.google.com/	1969-12-31 23:59:59	Name: S Value: billing-ui-v3=6ml9c442oDiXfj5Ady9k13rrwwPfBaO2:billing-ui-v3-efe=6ml9c442oDiXfj5Ady9k13rrwwPfBaO2
.pay.google.com/	1970-01-19 07:49:42	Name: _gid Value: GA1.3.926321813.1583296416
.nytimes.com/	1970-01-19 07:49:26	Name: b2b_cig_opt Value: %7B%22isCorpUser%22:false%7D
.pay.google.com/	1970-01-19 07:48:16	Name: _gat_UA1168580691 Value: 1
www.nytimes.com/	1970-01-19 17:17:04	Name: _cb Value: BvDpPdBU8eyaBFpyjg
.nytimes.com/	1970-01-19 07:48:16	Name: _gat_UA-58630905-2 Value: 1
www.nytimes.com/	1970-01-19 17:17:04	Name: _chartbeat2 Value: .1583296417249.1583296417249.1.CpP6ttBHgoIWBm4vF2BLiSUqBtNDwT.1
www.nytimes.com/	1970-01-19 17:17:04	Name: _cb_ls Value: 1
.pay.google.com/	1970-01-20 01:19:28	Name: _ga Value: GA1.3.814967131.1583296416
.nytimes.com/	1970-01-21 03:37:42	Name: nyt-m Value: 50705A3E98B180CF2CB85AB25296D417&igd=i.0&iga=i.0&iru=i.0&er=i.1583296416&fv=i.0&ird=i.0&e=i.1585699200&rc=i.0&v=i.0&ft=i.0&s=s.core&iue=i.0&iub=i.0&ica=i.0&uuid=s.06c61254-8b8b-409f-8418-ec5a4dd32ab1&n=i.2&g=i.0&imu=i.1&igu=i.1&ifv=i.0&igf=i.0&ier=i.0&vr=l.4.0.0.0.0&prt=i.0&cav=i.0&imv=i.0&ira=i.0&iir=i.0&t=i.1&pr=l.4.0.0.0.0&vp=i.0
.nytimes.com/	1970-01-19 09:57:52	Name: _gcl_au Value: 1.1.196677494.1583296417
.nytimes.com/	1970-01-19 16:33:52	Name: nyt-jkidd Value: uid=0&lastRequest=1583296417027&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 07:49:42	Name: walley_gid Value: GA1.2.1426153552.1583296417
.nytimes.com/	1970-01-20 01:19:28	Name: walley Value: GA1.2.537015988.1583296417
.nytimes.com/	1970-01-19 16:33:52	Name: nyt-purr Value: cfhhpnh
www.nytimes.com/	1970-01-19 07:48:18	Name: _cb_svref Value: http%3A%2F%2Foyly.xyz%2F
.nytimes.com/	1970-01-20 01:19:28	Name: __gads Value: ID=5659e6779803db84:T=1583296417:S=ALNI_MZV_PkheIBebpG4AmGmj-bvJmhqLw
.nytimes.com/	1970-01-19 07:48:38	Name: nyt-gdpr Value: 1
pay.google.com/	1970-01-19 08:31:28	Name: OTZ Value: 5349874_52_52_123900_48_436380
.nytimes.com/	1970-01-19 17:17:46	Name: purr-cache Value: <K0<r<C_<G_
.google.com/	1970-01-19 12:11:47	Name: NID Value: 199=kzfAMTRSfe74ZnD4XiuHGCBddlD_kdo1u4ZkVoXWbLgzSVzFhuAm3Blx3bx5JAt1a41odT5NZasj9dIa1ohK61-VovIwuNQpfCo6uwqjHYgQ7Ug_AMozHIuHu7lSZ8LR7xA3jnTRpiLqTOALMoP6VYkw3r7nCP86P-k9FU2Unx4

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js(Line 1) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 29) Message: Subscriptions Runtime: 0.1.22.95
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Invalid GPT size specification: []
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'defineSizeMapping' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022701.js(Line 6) Message: Invalid GPT size specification: []
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js(Line 1) Message: Service Worker: content is cached

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.nl
api-js.datadome.co
cdn.optimizely.com
cigsvc.nytimes.com
clients2.google.com
errors.client.optimizely.com
et.nytimes.com
g1.nyt.com
iteratehq.com
js.datadome.co
meter-svc.nytimes.com
mwcm.nytimes.com
news.google.com
nytimes.com
oyly.xyz
p.typekit.net
pagead2.googlesyndication.com
pay.google.com
payments.google.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
100.25.120.185
143.204.101.22
151.101.113.164
151.101.13.164
151.101.65.164
167.99.26.105
172.217.23.130
18.195.114.24
216.58.208.38
23.37.33.211
2600:9000:20eb:ce00:18:1fcd:349:ca21
2606:4700:3032::6812:216c
2a00:1450:4001:800::2001
2a00:1450:4001:800::2013
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2013
2a00:1450:4001:816::2003
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:400c:c00::9a
2a00:1450:400c:c0a::5c
2a02:26f0:6c00:181::13b8
2a02:26f0:6c00:28d::19fd
34.227.153.53
35.241.35.241
52.45.162.54
02b53865665115192c191d6ab89cb6d0dfab39efc1e34bc233a9f08ed1593c96
0476b9f4e1652de48e298e06f2c4d65ce15650b96798811e4d5fd3699334d35f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d393f6c6313d588dbd262c8dffbb6c8e2ac1a91eb4ce9b96a595823ae1b46a
094076e1ffd08827b64e61e10cc1cf59c1948135082a173230e149b81c3b119d
0cbb7b2aff9f88d194a83e996cd2db032576a06eafc5db167939393fff4c42fd
0e7538a51c25c7b83a187a12ae055d941a81a12fc70dd1edeb411f275693f59d
0f5dfa165e877e77aa52e44909b23d0fabb3473fce542d4c820eea6c5de5b345
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1a83e4977f18ec66342adcd0bf2fe762cdbb72d16b7463fb9a5808f820e4b824
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1f8781acf16fe89bf29f7870af73ef1c560ce3b824eecd5c738d93e0448fc107
244d6f7fb2c90144ed282f16dc6fa7a47ea302bb415a05ff2e9a973b4da68903
2791fc54c978d877c844432dc8f988fe645bafa730fa1650cd47fc779d14a3f2
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd
2c4cecad1c8c0ff250579439976e672cc55a64923acfbbae77bca772f6955230
2f1854fe522e040274f3f7ff6099b5ad70baf11f08aa79e9481eaa4818a9d2f9
32afc8fcd526c458dd06164b34767d96f9ec99cb81d4cca0e3d2cc7a10f4d4bf
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
366e4c8ace6dc121105fc314b7f16460c4b4104d9332df35dada900f13b73d94
3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2
3ddf90f1b1347fc3b25ec438499c75811b4992e51e3b9d24a4b2bf725e8af19e
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
40440b3c3ec92e9c208bb91c71cea990072bd9adca3492d39f28d70c03cfd797
405438e18e8b7f45691111f6383ffe4f42c49cd35ad7b1aa9c09dd97a7292f32
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
485472da610eb5563536090f56a4d9ddd3431db0abc9029aebc277d2694b66d3
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4a37c13ecee6b460cf2d67c55cdba2400440bef34df96a58111c87a7bf82aa9c
4e0f32d4e30e0a6e969beef61ec0faff6051e64ddf950c08fb85b495811da9c2
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
50c7f1838b1f0e0a7fe90fefa1523c2ba748378305e48c1297277b4b04990a81
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647
6041f68043e9902c7f93de6c89c967be04d2a2e82fb7f2a0722c4dd84ea101cf
60fdd97dbd4e72bbf5cb234d87ccd5da51e961b62b9339aec84cd42b88fe30f6
632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e
643a5f374bfa5f0c8d5184f7f43b07893bfdf419dec0e0c688a97ce9774404d5
66722bbae6b00aba39daf09445f9d984141b9a980c0a4d4c85e3ed32774fad36
7183c7c50e8cff0e4cb7344483d5f69ec786ef306383c7a3a2d2b1ced6a54b7f
723f8f5273a39571d370d3990340264929dc0ae120eb093d932e249bc90a088d
745cd78d254d001a46755c9620bcc45783131a4bf0362d44e05078fc3297f082
746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122
755efa871572a1711a45d4d079e05f9d6a13635ce4308a8dae60b133312927e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b81c098f8cd1362848b2d9b10a139bbf07ed1aa0411712c7d502d31a1734506
8de1a2af8497415267f13a34defbe502977d35a70fe6547df22c7043ad530875
91db50aacff019605bd6632a2e1a844cc662a3373af33a8fb4aff84eeb5abfc9
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
945014dcd60469e50bf03305fe4c18e28ef319f6b750b9be7d5894d7f54823fd
967b8ad811e9ba6971a5e33f2d419edaf6529b95759f766e8a46f1d7abec6e8b
a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be
a43bedf6f55ec114cc6274c90f19feecd05d875404b168167b1c62c8dcd41505
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
acdfb8cf7c6380cd55769e8b8fe487fc6632f6c84b80962ee8ad478497c8a41b
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd
b92a9cd8f714ce5b96883a3eca69b09325119d23a99c08e81f805aaf3ec624b8
ba8b538be0a519c4bbf5f77737c8c31a850909a1ada2f016d1b60ccad91d012b
bda95de87a38089fbd2fb913f2679f8ee91a144d41d847ceca9427cc8aa61a3a
c9b6109ebb33e991f5b3c7ce32ca1706e18741d0ddebfdef3f279b93617b26d8
cb59ff8622df48faf8b8c06bddee7e40309c16a9c0f5ab19a796505fecf3c263
cc9a548ffa713008b9f66a357839e4b04e263ecee566a7217da415ce369fa9bf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d247b1d1593bd99f20a224e2dfeb16c6838906bd292589770ced6b4c6713d137
d42e60fd52c55ff118b8bdedb7a2b6f842af7fdcfae8e1d586b5cd2ebda54720
d533a6958f89c2a9142bff2b06bc23a888ccea9165dbf7edb5cff9606f54fae1
dbd88786bc26d8f74ca90d0fb57d7f6875eeaae3d4c3fae88a4424bfe725fa24
dfc3f558d7ab9659f6fc3a1c61fa7c5c6c905adecd8bff069652254c13f84b9b
e305b3db3ab1b0896c34763db9d4a7ad1116daa72dfe94dd3698a0d53eacfc26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8da4bce296f4043ff4924211a785f59ccdc59b83ae3d8cadd2c29ccf5e95f73
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed29140be51471aa7515eeb1ee4024e6e5b08739d811c98f78b07fd5fd095dc1
ed8ab4b5ad016ad6b66cd70b80eebb79b8da7c98ad5e385a1ff45b8a9f70a141
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef915bf9b7a9e03c6ef8e630e4db43b0128b12e6606643495239caee6386c1e6
f0636fe0908679e694e4fd2a8e7418fe7c1572024af0938b6d36174ad13e496b
f6263f46a7d8ae21bed064210bd18fdf69ff280d1828e1efd8bb03d1addf0404
f734e3f571c4d8d7abedddf036063124002749f532a51e9d618f0facf952a247
f7fe86b6c41e18095f074651bd4f7b00909fbfbf865d963346ef51fb6a4245c7
fb71626a34be4f2c6159597e984a506ad6eeb622e927efc06629be1a0deaf944
fd5d68c2ad95c95fb7d7fec7b83cb486f928d224383d04e2c9940df5e5e368f4
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.nytimes.com Open in urlscan Pro 151.101.13.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

58 %IPv6

17 Domains

40 Subdomains

28 IPs

5 Countries

4400 kBTransfer

8016 kBSize

25 Cookies

21 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

58 %
IPv6

17
Domains

40
Subdomains

28
IPs

5
Countries

4400 kB
Transfer

8016 kB
Size

25
Cookies

115 HTTP transactions
0 data transactions