77.232.142.73.sslip.io Open in urlscan Pro
77.232.142.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://77.232.142.73.sslip.io/
Submission: On December 05 via api (December 5th 2023, 3:12:57 pm UTC) from US — Scanned from US

Summary HTTP 197 Redirects Links 298 Behaviour Indicators

Summary

This website contacted 40 IPs in 2 countries across 25 domains to perform 197 HTTP transactions. The main IP is 77.232.142.73, located in Stockholm, Sweden and belongs to AEZA-AS, GB. The main domain is 77.232.142.73.sslip.io.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.

This is the only time 77.232.142.73.sslip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	77.232.142.73 77.232.142.73	210644 (AEZA-AS) (AEZA-AS)
55	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	13.32.195.219 13.32.195.219	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
5	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
7	52.3.42.214 52.3.42.214	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:200... 2600:9000:2009:e600:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.160.53.102 18.160.53.102	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
5	2602:803:c002... 2602:803:c002:200::52	26667 (RUBICONPR...) (RUBICONPROJECT)
1	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.85.72.59 3.85.72.59	14618 (AMAZON-AES) (AMAZON-AES)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.160.10.20 18.160.10.20	16509 (AMAZON-02) (AMAZON-02)
5	18.165.97.179 18.165.97.179	16509 (AMAZON-02) (AMAZON-02)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
2	18.67.65.113 18.67.65.113	16509 (AMAZON-02) (AMAZON-02)
2 5	18.154.227.100 18.154.227.100	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
7	18.218.135.175 18.218.135.175	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9b	15169 (GOOGLE) (GOOGLE)
1 2	142.251.167.148 142.251.167.148	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24f... 2600:9000:24f3:1200:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4842	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
6	23.213.158.68 23.213.158.68	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	34.201.248.140 34.201.248.140	14618 (AMAZON-AES) (AMAZON-AES)
1	20.40.202.2 20.40.202.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.189.152.57 18.189.152.57	16509 (AMAZON-02) (AMAZON-02)
2	2600:1408:c40... 2600:1408:c400:29::17da:da4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:6e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c08::69	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	23.47.64.23 23.47.64.23	16625 (AKAMAI-AS) (AKAMAI-AS)
197	40

36 77.232.142.73 (Stockholm, Sweden)

ASN210644 (AEZA-AS, GB)
PTR: sore-pump1.aeza.network

77.232.142.73.sslip.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vp.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.195.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-195-219.iad66.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vp.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.3.42.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-42-214.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2009:e600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.53.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-53-102.iad55.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.75 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.85.72.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-72-59.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-20.iad12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.165.97.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-97-179.iad55.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.65.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-113.iad89.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.154.227.100 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-100.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.218.135.175 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-135-175.us-east-2.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f148.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f3:1200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4842 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.213.158.68 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-158-68.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.201.248.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-248-140.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.189.152.57 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-152-57.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:29::17da:da4e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::69 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.64.23 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-64-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9094 static01.nyt.com — Cisco Umbrella Rank: 7033 a1.nyt.com — Cisco Umbrella Rank: 7505 vp.nyt.com — Cisco Umbrella Rank: 15540	9 MB
36	sslip.io 77.232.142.73.sslip.io	1 MB
15	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1487 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2632 lm.serving-sys.com — Cisco Umbrella Rank: 2628	175 KB
15	nytimes.com static01.nytimes.com — Cisco Umbrella Rank: 12707 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 6345 a.et.nytimes.com — Cisco Umbrella Rank: 5692 als-svc.nytimes.com Failed www.nytimes.com — Cisco Umbrella Rank: 3174 static.nytimes.com — Cisco Umbrella Rank: 29430 dd.nytimes.com — Cisco Umbrella Rank: 8656 purr.nytimes.com Failed a.nytimes.com Failed meter-svc.nytimes.com — Cisco Umbrella Rank: 19205	292 KB
11	googlesyndication.com f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	51 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	72 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 8695	180 KB
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 6385 iteratehq.com — Cisco Umbrella Rank: 5693	32 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	2 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537	4 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 tps.doubleverify.com — Cisco Umbrella Rank: 505 tpsc-ue1.doubleverify.com	107 KB
4	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7123	801 B
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 2872 collector.brandmetrics.com — Cisco Umbrella Rank: 3177	20 KB
3	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 695 nytimes-d.openx.net — Cisco Umbrella Rank: 14205	843 B
3	3lift.com 1 redirects tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 372	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	712 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 93 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1498 cs.media.net — Cisco Umbrella Rank: 1381	1 KB
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 3375	81 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	183 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767	24 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 171	324 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	850 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1445	50 KB
197	25

	Domain	Requested by
36	77.232.142.73.sslip.io	77.232.142.73.sslip.io rumcdn.geoedge.be www.datadoghq-browser-agent.com
31	static01.nyt.com	77.232.142.73.sslip.io
18	g1.nyt.com	77.232.142.73.sslip.io g1.nyt.com
7	bs.serving-sys.com	f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com secure-ds.serving-sys.com
6	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	77.232.142.73.sslip.io rumcdn.geoedge.be www.datadoghq-browser-agent.com f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com www.googletagservices.com
6	a.et.nytimes.com	77.232.142.73.sslip.io www.datadoghq-browser-agent.com
5	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com tpc.googlesyndication.com www.googletagservices.com
5	sb.scorecardresearch.com	2 redirects 77.232.142.73.sslip.io secure-ds.serving-sys.com
5	aax.amazon-adsystem.com	www.datadoghq-browser-agent.com
5	fastlane.rubiconproject.com	www.datadoghq-browser-agent.com
4	iteratehq.com	www.datadoghq-browser-agent.com
4	pnytimes.chartbeat.net	77.232.142.73.sslip.io
4	tpc.googlesyndication.com	f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com rumcdn.geoedge.be
3	vp.nyt.com	77.232.142.73.sslip.io
3	c.amazon-adsystem.com	77.232.142.73.sslip.io www.datadoghq-browser-agent.com
3	samizdat-graphql.nytimes.com	www.datadoghq-browser-agent.com
2	match.adsrvr.org	2 redirects
2	eb2.3lift.com	1 redirects
2	nytimes-d.openx.net	1 redirects
2	platform.iteratehq.com	77.232.142.73.sslip.io platform.iteratehq.com
2	cdn.doubleverify.com	secure-ds.serving-sys.com 77.232.142.73.sslip.io
2	lm.serving-sys.com	secure-ds.serving-sys.com
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	77.232.142.73.sslip.io www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	dd.nytimes.com	77.232.142.73.sslip.io www.datadoghq-browser-agent.com
2	rumcdn.geoedge.be	77.232.142.73.sslip.io rumcdn.geoedge.be
2	www.googletagmanager.com	77.232.142.73.sslip.io www.googletagmanager.com
1	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
1	cs.media.net
1	www.google.com	rumcdn.geoedge.be
1	tps.doubleverify.com	cdn.doubleverify.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	static.chartbeat.com	77.232.142.73.sslip.io
1	meter-svc.nytimes.com	www.datadoghq-browser-agent.com
1	www.googletagservices.com	f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
1	sentry.io	77.232.142.73.sslip.io
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	prebid.media.net	www.datadoghq-browser-agent.com
1	rtb.openx.net	www.datadoghq-browser-agent.com
1	tlx.3lift.com	www.datadoghq-browser-agent.com
1	ib.adnxs.com	www.datadoghq-browser-agent.com
1	static.nytimes.com	77.232.142.73.sslip.io
1	www.nytimes.com	77.232.142.73.sslip.io
1	static01.nytimes.com	77.232.142.73.sslip.io
1	www.datadoghq-browser-agent.com	77.232.142.73.sslip.io
0	a.nytimes.com Failed	www.datadoghq-browser-agent.com
0	purr.nytimes.com Failed	www.datadoghq-browser-agent.com
0	als-svc.nytimes.com Failed	www.datadoghq-browser-agent.com
197	52

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
cn.nytimes.com
cooking.nytimes.com
theathletic.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
eminem.stilldre.online R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.et.nytimes.com R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-10-23` - `2024-11-21`	a year	crt.sh
meter-svc.nytimes.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
secure-ds.serving-sys.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
lm.serving-sys.com Amazon RSA 2048 M01	`2023-09-26` - `2024-10-25`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
iteratehq.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://77.232.142.73.sslip.io/
Frame ID: 9506136903555ACD41B7CCB2B4083914
Requests: 159 HTTP requests in this frame

Frame: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 962DC719C6AF2ADD50F003C972ED2E72
Requests: 1 HTTP requests in this frame

Frame: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB4CF59DCF347EBF7F1FC9FB2A25BA10
Requests: 24 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F
Frame ID: FAD06DF4565E7EA40A75003074EA388E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5072.js
Frame ID: 9C1B819854702E2307373A509FCEB92A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D17684C6AE4DD5F0B835FB04F7B0CC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D31BDE7F84A7B221AE89DC1B4A1B916D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

197
Requests

76 %
HTTPS

35 %
IPv6

25
Domains

52
Subdomains

40
IPs

2
Countries

11891 kB
Transfer

19958 kB
Size

27
Cookies

298 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/es/
Title: Español

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/todayspaper
Title: Today’s Paper

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/us
Title: U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/nyregion
Title: New York

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/california-today
Title: California

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/education
Title: Education

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/science
Title: Science

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/climate
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/upshot
Title: The Upshot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/magazine
Title: The Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/2024-election
Title: 2024 Elections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-supreme-court
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-congress
Title: Congress

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/joe-biden
Title: Biden Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/trump-attorney-general-ny-inquiry
Title: Trump Civil Fraud Trial

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/donald-trump-investigations
Title: Trump Investigations

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/abortion-news
Title: Abortion in the U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing
Title: The MorningMake sense of the day’s news and ideas.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/upshot
Title: The UpshotAnalysis that explains politics, policy and everyday life.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters
Title: See all newsletters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-daily
Title: The DailyThe biggest stories of our time, in 20 minutes a day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/election-run-up-podcast
Title: The Run-UpOn the campaign trail with Astead Herndon.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/podcasts
Title: See all podcasts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/africa
Title: Africa

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/americas
Title: Americas

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/asia
Title: Asia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/australia
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/canada
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/middleeast
Title: Middle East

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/israel-hamas-gaza
Title: Israel-Hamas War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/ukraine-russia
Title: Russia-Ukraine War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing-europe
Title: Morning Briefing: EuropeGet what you need to know to start your day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-interpreter
Title: The InterpreterOriginal analysis on the week’s biggest global stories.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/australia-letter
Title: Australia LetterNews, features and opinion for readers in the region.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/canada-letter
Title: Canada LetterBackstories and analysis from our Canadian correspondents.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/media
Title: Media

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/markets-overview
Title: Finance and Markets

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/dealbook
Title: DealBook

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology/personaltech
Title: Personal Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/energy-environment
Title: Energy Transition

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/your-money
Title: Your Money

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/economy-business-us
Title: U.S. Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/artificial-intelligence
Title: Artificial Intelligence

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/subject/organized-labor
Title: Organized Labor

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/subject/retirement
Title: Retirement

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/dealbook
Title: DealBookThe most crucial business and policy news you need to know.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/hard-fork
Title: Hard ForkOur tech journalists help you make sense of the rapidly changing tech world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts
Title: Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/books
Title: Books

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/books/best-sellers
Title: Best Sellers

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/dance
Title: Dance

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/television
Title: Television

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/theater
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/pop-culture
Title: Pop Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/t-magazine
Title: T Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/design
Title: Visual Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/critics-picks
Title: Critic’s Picks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/books-to-read
Title: What to Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/what-to-watch
Title: What to Watch

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/playlist
Title: What to Listen To

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/10/27/arts/music/music-fivemins-collection.html
Title: 5 Minutes to Make You Love Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/read-like-the-wind
Title: Read Like the WindBook recommendations from our critics.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/watching
Title: WatchingStreaming TV and movie recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/book-review-podcast
Title: Book ReviewThe podcast that takes you inside the literary world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/popcast-pop-music-podcast
Title: PopcastPop music news, new songs and albums, and artists of note.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well
Title: Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/food
Title: Food

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion/weddings
Title: Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/style
Title: Style

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion
Title: Fashion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/realestate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love
Title: Modern Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-hunt
Title: The Hunt

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/social-qs
Title: Social Q’s

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-ethicist
Title: The Ethicist

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/eat
Title: Eat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/move
Title: Move

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/mind
Title: Mind

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/family
Title: Family

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/live
Title: Live

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ask-well
Title: Ask Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/open-thread-fashion
Title: Open ThreadThe latest news on what we wear, by our chief fashion critic.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/love-letter
Title: Love LetterReal stories of relationship highs, lows and woes.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love-podcast
Title: Modern LoveThe complicated love lives of real people.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/contributors
Title: Guest Essays

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/editorials
Title: Editorials

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/op-docs
Title: Op-Docs

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/opinion-video
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/letters
Title: Letters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/international-world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/business-economics
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/environment
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/charles-m-blow
Title: Charles M. Blow

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/jamelle-bouie
Title: Jamelle Bouie

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/david-brooks
Title: David Brooks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/gail-collins
Title: Gail Collins

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/ross-douthat
Title: Ross Douthat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/maureen-dowd
Title: Maureen Dowd

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/david-french
Title: David French

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/thomas-l-friedman
Title: Thomas L. Friedman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/michelle-goldberg
Title: Michelle Goldberg

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/ezra-klein
Title: Ezra Klein

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/nicholas-kristof
Title: Nicholas Kristof

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/paul-krugman
Title: Paul Krugman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/carlos-lozada
Title: Carlos Lozada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/tressie-mcmillan-cottom
Title: Tressie McMillan Cottom

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/pamela-paul
Title: Pamela Paul

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/lydia-polgreen
Title: Lydia Polgreen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/bret-stephens
Title: Bret Stephens

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/zeynep-tufekci
Title: Zeynep Tufekci

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/matter-of-opinion
Title: Matter of OpinionThoughts, aloud. With Michelle Cottle, Ross Douthat, Carlos Lozada and Lydia Polgreen.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein-podcast
Title: The Ezra Klein ShowDiscussions of ideas that matter, plus book recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/audio/app
Title: Download the Audio app on iOS.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-headlines
Title: The Headlines

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/podcasts/serial-productions.html
Title: Serial Productions

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/reporter-reads
Title: Reporter Reads

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/the-sunday-read
Title: The Sunday Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/10/19/podcasts/serial-kids-rutherford-county.html
Title: The Kids of Rutherford CountyA series about how one county illegally jailed children.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/audio
Title: AudioOur editors share their favorite listens from the New York Times Audio app.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/all-access
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords
Title: Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/spelling-bee
Title: Spelling Bee

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/mini
Title: The Mini Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/wordle/index.html
Title: Wordle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/daily/
Title: The Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/vertex
Title: Vertex

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/connections
Title: Connections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/sudoku
Title: Sudoku

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/letter-boxed
Title: Letter Boxed

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/tiles
Title: Tiles

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/spelling-bee-forum
Title: Spelling Bee Forum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/daily-crossword-column
Title: Wordplay Column

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/wordle-review
Title: Wordle Review

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/submit-crossword-puzzles-the-new-york-times.html
Title: Submit a Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/puzzle-making
Title: Meet Our Crossword Constructors

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/09/19/crosswords/mini-to-maestro-part-1.html
Title: Mini to Maestro

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/upshot/wordle-bot.html
Title: Wordlebot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/gameplay
Title: GameplayPuzzles, brain teasers, solving tips and more.

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-recipes
Title: Easy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/dinner-recipes
Title: Dinner

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/43843372-quick-recipes
Title: Quick

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/healthy-recipes
Title: Healthy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/breakfast
Title: Breakfast

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegetarian
Title: Vegetarian

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegan-recipes
Title: Vegan

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-chicken-recipes
Title: Chicken

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-pasta-recipes
Title: Pasta

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/desserts
Title: Dessert

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/thanksgiving
Title: Thanksgiving Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-weeknight
Title: Easy Weeknight

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/32998034-our-newest-recipes
Title: Newest Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/2370458-one-pot-dinner-recipes
Title: One-Pot Meals

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/950138-amazing-slow-cooker-recipes
Title: Slow Cooker Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/comfort-food
Title: Comfort Food

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/entertaining
Title: Party Recipes

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/cooking
Title: The Cooking NewsletterCulinary inspiration from Sam Sifton and Melissa Clark.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-veggie
Title: The VeggieDelicious vegetarian recipes and tips from Tanya Sichynsky.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/five-weeknight-dishes
Title: Five Weeknight DishesDinner ideas for busy people from Emily Weinstein.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter
Title: WirecutterReviews and recommendations for thousands of products.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/kitchen-dining/
Title: Kitchen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/electronics/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/sleep/
Title: Sleep

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/appliances/
Title: Appliances

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/home-garden/
Title: Home and Garden

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/make-a-plan/moving/
Title: Moving

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/gifts/
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/deals/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/baby-kid/
Title: Baby and Kid

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/health-fitness/
Title: Health and Fitness

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-air-purifier/
Title: Air Purifier

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-electric-toothbrush/
Title: Electric Toothbrush

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-pressure-washer/
Title: Pressure Washer

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-cordless-stick-vacuum/
Title: Cordless Stick Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-office-chair/
Title: Office Chair

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-robot-vacuum/
Title: Robot Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-recommendation
Title: The RecommendationThe best independent reviews, expert advice and intensively researched deals.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/clean-everything
Title: Clean EverythingStep-by-step advice on how to keep everything in your home squeaky clean.

Search URL Search Domain Scan URL

URL: https://theathletic.com/
Title: The Athletic

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://theathletic.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://theathletic.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-football/
Title: NCAAF

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-basketball/
Title: NCAAM

Search URL Search Domain Scan URL

URL: https://theathletic.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://theathletic.com/womens-college-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://theathletic.com/formula-1/
Title: Formula 1

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://theathletic.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://theathletic.com/tag/a1-must-read-stories/
Title: Must-Read Stories

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/standings/
Title: NFL Standings

Search URL Search Domain Scan URL

URL: https://theathletic.com/5029170/2023/11/06/free-agents-mlb-list/
Title: MLB Free Agency

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-pulse
Title: The PulseDelivering the top stories in sports, Sunday to Friday.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-windup
Title: The WindupThe biggest stories in baseball, by Levi Weaver with Ken Rosenthal.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-bounce
Title: The BounceEssential NBA news from Zach Harper and Shams Charania.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/full-time
Title: Full TimeThe biggest women's soccer stories, from Emily Olsen, Meg Linehan & Steph Yang

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/12/05/world/israel-hamas-war-gaza-news
Title: LIVEDec. 5, 2023, 10:10 a.m. ET2m ago2m agoIsraeli Forces Enter Southern Gaza’s Largest City as Fears Grow for CiviliansIsrael has stepped up its attacks in Khan Younis amid growing concerns that there is nowhere left for civilians to flee.See more updates 6+

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/world/middleeast/israel-hamas-sexual-violence-un.html
Title: A meeting at the U.N. accused the body of ignoring the rape and mutilation of women in the Oct. 7 assault on Israel.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/podcasts/ukraine-aid-israel-gaza.html
Title: <img src="https://static01.nyt.com/images/2023/12/05/multimedia/05headlines-audio-gwqm/05headlines-audio-gwqm-square640.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A person wearing a military camouflage uniform is firing a large weapon out from a hiding place." class="css-122y91a"/>The HeadlinesAudioU.S. aid for Ukraine is running low, and more.6 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/technology/ai-chatgpt-google-meta.html
Title: Inside the A.I. Arms Race That Changed Silicon Valley ForeverChatGPT’s release a year ago set off a desperate scramble among tech companies and alarm from some of the people who helped invent it.15 min read<img src="https://static01.nyt.com/images/2023/11/21/business/00tech-ai-03/00tech-ai-03-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of shadowy figures at computer screens and keyboards." class="css-122y91a"/>Hokyoung Kim

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/03/technology/ai-openai-musk-page-altman.html
Title: Ego, Fear and Money: How the A.I. Fuse Was Lit

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/business/china-evergrande-default-debt.html
Title: Chinese Developer’s Crash Was Propelled by Questionable AccountingBlame for China Evergrande’s downfall has been placed on Chinese lending policies, but poor corporate oversight was hiding in plain sight.7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/business/china-debt-moodys-outlook.html
Title: China’s rising debt spurred the ratings agency Moody’s to lower the country’s credit outlook.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/best-of
Title: Best of 2023

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/01/movies/best-movies-of-2023.html
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/29/arts/television/best-tv-shows-2023.html
Title: TV Shows

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/28/books/review/best-books-2023.html
Title: Books

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/30/arts/music/best-albums-2023.html
Title: Albums

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/theater/best-theater-2023.html
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/arts/best-podcasts-2023.html
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/02/arts/best-video-games-2023.html
Title: Video Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/arts/television/best-comedy-of-2023.html
Title: The Best Comedy of 2023It’s time to stop taking Jim Gaffigan for granted, and more surprising takeaways from specials, stand-up sets and other funny moments this year.6 min read<img src="https://static01.nyt.com/images/2023/12/10/multimedia/10BEST-COMEDY-02-vbmk/10BEST-COMEDY-02-vbmk-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A man in a black shirt and suit jacket holds a microphone." class="css-122y91a"/>Prime Video

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/nyregion/nyc-working-class-tax-rich.html
Title: New York’s Millionaire Class Is Growing. Other People Are Leaving.Despite an exodus earlier in the pandemic, wealthy New Yorkers are increasing in number, raising questions about the state’s tax policies.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/theater/new-york-theater.html
Title: New York City’s small Off Broadway theaters are cutting back as they struggle to recover from the pandemic.7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/world/europe/putin-visit-saudi-arabia-uae.html
Title: Putin to Visit Saudi Arabia and U.A.E. on WednesdayPresident Vladimir Putin of Russia is making a series of diplomatic trips, as Ukraine tries to shore up eroding Western support for its war effort.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/world/europe/ukraine-aid-zelensky-congress.html
Title: President Volodymyr Zelensky will address U.S. senators before they vote on aid to Ukraine.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/science/mexico-axolotl-biology.html
Title: What It Takes to Save the AxolotlBiologists in Mexico are working to reintroduce a treasured amphibian to the wild. But first they must revive an ancient method of farming.10 min readLuis Antonio Rojas for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/cop28-climate-change-summit.html
Title: What to Know

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/30/climate/cop28-global-progress-carbon-emissions.html
Title: Predicting Progress on Emissions

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/09/14/climate/sultan-al-jaber-uae-cop28.html
Title: Who Is Sultan Al Jaber?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/climate/climate-change-faq.html
Title: Climate F.A.Q.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/climate/cop28-fossil-fuels.html
Title: It’s Big Oil vs. Science at the U.N. Climate SummitAs negotiators work to agree on a final text, attention has turned to a fundamental question: Will the talks call for a phaseout of fossil fuels?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/climate/renewable-energy-inflation-climate-cop28.html
Title: Renewable energy could be a casualty in the war on inflation. Here’s why.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/climate/cop28-climate-faith-religion.html
Title: A pavilion at the COP28 summit dedicated to spirituality offers a space for meditation, prayer and hope.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/us/politics/chris-christie-republicans-2024.html
Title: Some Republicans Have a Blunt Message for Chris Christie: Drop OutSeveral anti-Trump Republican donors and strategists are pushing Mr. Christie to end his presidential campaign and back Nikki Haley.6 min read<img src="https://static01.nyt.com/images/2023/12/04/multimedia/04pol-christie-topart-wltq/04pol-christie-topart-wltq-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Chris Christie stands holding a microphone as men and women sit around him, with an American flag visible at the back of the room." class="css-122y91a"/>Sophie Park for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/world/africa/johannesburg-squatters-building-fire.html
Title: This Building Was Deemed ‘Outright Inhumane.’ But They Say It’s Home.They know their building in Johannesburg is every bit as dangerous as one that burned last summer, killing 77, but it’s one they might not otherwise have.8 min read<img src="https://static01.nyt.com/images/2023/10/20/multimedia/00safrica-building-promo/00safrica-building-01-cwlt-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A man stands in a room while a child walks through a dark hallway in a dilapidated building." class="css-122y91a"/>Joao Silva/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/israel-protests-free-speech.html
Title: <img src="https://static01.nyt.com/images/2018/04/02/opinion/michelle-goldberg/michelle-goldberg-thumbLarge-v2.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Michelle Goldberg" class="css-122y91a"/>Michelle GoldbergThe Backlash to Anti-Israel Protests Threatens Free Speech4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/liz-cheney-memoir.html
Title: <img src="https://static01.nyt.com/images/2022/09/09/opinion/katherine-miller/katherine-miller-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Katherine Miller" class="css-122y91a"/>Katherine MillerThe Resolute Liz Cheney5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/taiwan-kinmen-china.html
Title: S. Leo ChiangAt Dinner, My Mother Casually Reminded Me That I Should Have a Plan if China Invades2 min readS. Leo Chiang

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/sandra-day-oconnor-marriage.html
Title: Patti DavisSandra Day O’Connor Told a Truth About Marriage That Few Others Dared To4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/ezra-klein-podcast-tareq-baconi.html
Title: <img src="https://static01.nyt.com/images/2023/12/05/podcasts/05eks-baconi/05eks-baconi-square640-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="" class="css-122y91a"/>The Ezra Klein ShowAudio‘This Is How Hamas Is Seeing This’67 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/biden-primary-democrats-republicans.html
Title: Hans NoelThere Is a Better Way to Pick a Presidential Nominee6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/police-crime-data.html
Title: Jeff AsherAn Early Warning That Policing May Be in Decline4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/climate-change-europe-conservatives.html
Title: <img src="https://static01.nyt.com/images/2023/12/05/opinion/05hockenos/05hockenos-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration shows a tree with most of its branches cut off and a man in a suit sawing of the branch he is standing on." class="css-122y91a"/>Paul HockenosHow to Stop the Biggest Threat to Europe’s Green Transition4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/opinion/sickle-cell-therapy-fda.html
Title: The OpinionsAudioA Brutal Disease, Gene Therapy and a Chance to Undo Past Wrongs11 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/rich-nations-climate-change-summit.html
Title: Erle C. Ellis1.5 Degrees Is Not the Problem5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/jetblue-spirit-airlines-merger.html
Title: Tim WuThe Bigger Airlines Get, the Worse They Become5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/desantis-newsom-oconnor-kissinger.html
Title: Gail Collins and Bret StephensThere Are Politicians Who Lie More Than Is Strictly Necessary7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/oren-cass-republicans-unions.html
Title: Jane CoastonThis Conservative Likes It When J.D. Vance and Elizabeth Warren Work Together11 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/republicans-abortion-pro-life.html
Title: Liz MairRepublicans Are Finding Out That ‘Pro-Life’ Means a Lot of Things to a Lot of People5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/bloomberg-businessweek-print-journalism.html
Title: Peter CoyWho Ever Said Magazines Need to Be Ink on Paper?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/opinion/seasons-nature-winter.html
Title: Margaret RenklLove Letter to a Season I Never Loved When I Was Young4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/briefing/how-trump-would-govern.html
Title: <img src="https://static01.nyt.com/images/2022/03/15/multimedia/the-morning-icon/the-morning-icon-square320.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A dark yellow circle against a light yellow background with the words "The Morning" written in black on the top left." class="css-122y91a"/>The MorningDonald Trump is telling the country what he intends to do if he returns to the White House. It’s worth listening, David Leonhardt writes.8 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/podcasts/the-daily/the-blurry-line-between-rap-star-and-crime-boss.html
Title: Listen to the full episode

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/world/africa/nigeria-strike-civilians.html
Title: Nigeria’s President Calls for Inquiry After Military Strike Kills at Least 85 CiviliansMany of the victims were women and children gathered for a religious celebration. President Bola Ahmed Tinubu described the attack as a “bombing mishap.”3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/world/europe/boris-johnson-uk-covid-inquiry.html
Title: Did Boris Johnson Take Covid Seriously Enough?That is among the questions that Britain’s former prime minister is likely to face when he testifies on Wednesday before an official inquiry into the pandemic.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/us/math-scores-pandemic-pisa.html
Title: Math Scores Dropped Globally, but the U.S. Still Trails Other CountriesIn an exam for 15-year-olds, only a handful of places, including Singapore, Japan and Australia, kept math performance high through the pandemic.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/us/aging-undocumented-farmworkers.html
Title: Adam Perez for The New York Times‘I Feel Like Stopping, but How Can I?’Immigrants who worked decades on U.S. farms are reaching retirement age in a country that offers them neither Medicare nor Social Security.8 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/business/bitcoin-price-etf.html
Title: Bitcoin Soars on Hopes of Investment Fund Approval2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/business/dealbook/supreme-court-income-tax-code.html
Title: Arguments to Begin in Supreme Court Case That Could Rewrite U.S. Tax Code8 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/world/asia/rohingya-refugees-boat-thailand-indonesia.html
Title: U.N. Says Hundreds of Refugees Are Adrift in Andaman Sea3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/world/europe/olive-oil-fraud-italy-spain.html
Title: 68,000 Gallons of ‘Unfit’ Olive Oil Seized by Italy and Spain3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/us/diplomat-cuba-foreign-agent-rocha.html
Title: Retired U.S. Diplomat Accused of Working as a Secret Agent for Cuba7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/us/tyler-goodson-dead-s-town-podcast.html
Title: Tyler Goodson of ‘S-Town’ Podcast Is Shot Dead in Police Standoff2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/01/travel/hot-air-balloon-festivals-chase-crew.html
Title: Andrew Jogi for The New York TimesWhere Hundreds of Hot Air Balloons Fill the SkyMillions of visitors flock to about 200 balloon festivals across the U.S. each year. But some travelers want to do more than just watch.8 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/theater/alicia-keys-musical-hells-kitchen-broadway.html
Title: Alicia Keys’s ‘Hell’s Kitchen’ to Open on Broadway This SpringThe musical will transfer to the Shubert Theater in March.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/04/theater/walk-on-through-review-gavin-creel.html
Title: Theater ReviewDispatches From a Museum NoviceA new musical about visiting a museum sticks too close to the surface.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/05/arts/television/late-night-george-santos.html
Title: Late Night Jokes About George SantosCharlamagne Tha God said the lawmaker shouldn’t have been expelled.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/02/arts/television/christina-hendricks-buccaneers.html
Title: What Beauty Means to Christina HendricksThe actress’s new series “The Buccaneers” suits her vintage proclivities.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/connections-companion
Title: Connections CompanionIn case you need some puzzle help.<img src="https://static01.nyt.com/images/2023/10/19/crosswords/19connections-column-133/19connections-column-133-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person giving a figure a thumbs up." class="css-122y91a"/>

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/cookie-policy#how-do-i-manage-trackers
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/international/
Title: International

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription?campaignId=37WXW
Title: Subscriptions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1701789169667&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F77.232.142.73.sslip.io%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1701789169667&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F77.232.142.73.sslip.io%2F&c9=

Request Chain 135

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F

Request Chain 179

https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

Request Chain 189

https://nytimes-d.openx.net/w/1.0/pd HTTP 302
https://nytimes-d.openx.net/w/1.0/pd?cc=1

Request Chain 190

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=4bf46c6b-d4b0-426a-b027-3dbe721f856b&dongle=0cfd&gdpr=0&gdpr_consent=

197 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
77.232.142.73.sslip.io/ 1 MB
254 KB 701ms
250ms Document
text/html 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

4d06930b4d241cd67ed6a876b4882fba116942de3f5895dbee2507f229b00f98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 25
cache-control: s-maxage=30,no-cache
content-encoding: gzip
content-length: 257894
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 15:12:49 GMT
last-modified: Tue, 05 Dec 2023 15:12:19 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
server: nginx/1.24.0
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 663e79179b5c48b69c80d44c7210af27
x-cache: HIT, HIT
x-cache-hits: 7, 1
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Tue, 05 Dec 2023 15:12:19 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: homepage
x-origin-time: 2023-12-05 15:12:34 UTC
x-pagetype: vi-homepage
x-served-by: cache-lga13621-LGA, cache-bma1660-BMA
x-timer: S1701789168.672371,VS0,VE3
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 100ms
32ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:13 GMT
date: Tue, 05 Dec 2023 15:12:47 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1840668
x-guploader-uploadid: ADPycduGY6M3wNYHV6UpueyfnsXJLOxiOAQwp3106DL_EFazhtPLZl2SiGLw-MEdlW4L8uCNG3OcGvr0KYfUUjnOG146xEM6rVi6
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-mia-kmia1760077-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1701789168.886223,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 427

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
77.232.142.73.sslip.io/vi-assets/static-assets/ 6 KB
3 KB 668ms
667ms Stylesheet
text/css 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 4663368
x-guploader-uploadid: ADPycdtT8A2My1eFabvPJ8UDG2trazMx3Gqmq7hl5MbURlZIm5NpdW8br7KUc_TtEaNvJy4XIP0Bs4KxljBsMEVZYidAGuu1bdFb
x-goog-stored-content-encoding: identity
x-origin-time: 2022-10-12 15:49:58 UTC
x-served-by: cache-bma1636-BMA
x-timer: S1701789168.923491,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1664582227629512
content-type: text/css; charset=utf-8
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2410
expires: Thu, 12 Oct 2023 15:49:58 GMT
date: Tue, 05 Dec 2023 15:12:49 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Wed, 12 Oct 2022 15:40:50 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
50 KB 169ms
55ms Script
application/javascript 13.32.195.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.195.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-195-219.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:07 GMT
content-encoding: gzip
via: 1.1 f63a9bb4aae02f02eec90d4f5c360d60.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C1
age: 42
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: sHnkOBPtw1ydb4P7FSKOAC1-AnkIoQXIA8YuDeq99FVBUaVyer1eHg==

GET
H2 200 adslot-c02e009c82341062ec30.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 22 KB
9 KB 346ms
346ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/adslot-c02e009c82341062ec30.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

559bdd296b5fed626f9dc30c00e521cd4615ad6ecd4fee7c44aeefc811f26cfa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 70281
x-guploader-uploadid: ABPtcPrWMpzmcAkWhDbhrjQnZN6497I6_DB-sF2I9Nfm1f0X_58baU5yYdUUcT3F69iD_hKP5PA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-04 19:41:26 UTC
x-served-by: cache-bma1647-BMA
x-timer: S1701789168.242351,VS0,VE1
etag: "078400628199a3340ce1953af112096e"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701718880108418
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-c02e009c82341062ec30.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 735
expires: Tue, 03 Dec 2024 19:41:26 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7940
last-modified: Mon, 04 Dec 2023 19:41:20 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=BSGVAA==, md5=B4QAYoGZozQM4ZU68RIJbg==
x-gdpr: 1
x-goog-stored-content-length: 22998
accept-ranges: bytes

GET
H2 200 icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 986 B
2 KB 304ms
304ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3738206
x-guploader-uploadid: ABPtcPqY9r621euK4vyyHKFwFlCw5wc31Zn7R7PqgwyEPp_yKwGTQURAbNHFqR2JF3Pi5pLD4f5Xjz2cY05-vNhpdkYDBtHuo0oj
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 08:49:22 UTC
x-served-by: cache-bma1625-BMA
x-timer: S1701789168.305030,VS0,VE1
etag: "bfcd0980517659122c43c38b3e4e9a02"
vary: Fastly-SSL
x-goog-generation: 1697824576840319
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9801
expires: Tue, 22 Oct 2024 08:49:22 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 986
last-modified: Fri, 20 Oct 2023 17:56:16 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=chcsKA==, md5=v80JgFF2WRIsQ8OLPk6aAg==
x-gdpr: 1
x-goog-stored-content-length: 986
accept-ranges: bytes

GET
H2 200 icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 696 B
2 KB 302ms
301ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4831474
x-guploader-uploadid: ADPycdtc8J7PWPw2bQDnK1xH06aVyK6cfq9RkY6N68tvIDxadCLn8SjyOoCQGfE3ynIiCZukukF6m8eLzC4-e9Ts14zGFw2epXqB
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 17:08:14 UTC
x-served-by: cache-bma1625-BMA
x-timer: S1701789168.300380,VS0,VE1
etag: "2437584c92e9c7204837b9eb1745bc86"
vary: Fastly-SSL
x-goog-generation: 1696945092375919
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9755
expires: Wed, 09 Oct 2024 17:08:14 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 696
last-modified: Tue, 10 Oct 2023 13:38:12 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=hF6+VA==, md5=JDdYTJLpxyBIN7nrF0W8hg==
x-gdpr: 1
x-goog-stored-content-length: 696
accept-ranges: bytes

GET
H2 200 the-daily-album-art-square320-v5.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/ 4 KB
4 KB 63ms
27ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-square320-v5.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 22 Sep 2023 10:43:28 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 549249
x-guploader-uploadid: ADPycdssSnViHSr4ZBjEhtgMu6dFrgAc8-C2R354cKLgM3ULZNHJ3dE1u3AQxepiy4nleaP1CujcJ_pxzDTw95LfoqfEH5G1LSKs
x-cache: HIT, HIT
fastly-io-info: ifsz=15986 idim=320x320 ifmt=jpeg ofsz=3614 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3614
x-served-by: cache-iad-kcgs7200066-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.533761,VS0,VE0
etag: "HnnVz93O4bK0D9Smvlwnf0lv96YmNmLNlX7IWtdXh7Q"
vary: Accept
x-goog-generation: 1688068264438165
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=JiXB7Q==, md5=PfDXw6toN2ZQvpOKxIlHug==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 15986
x-amz-checksum-crc32c: JiXB7Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 197, 172

GET
H2 200 the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/ 5 KB
6 KB 64ms
30ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 07:17:37 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 535039
x-guploader-uploadid: ADPycdtHTcE6oJpJUyUJnS6FTqtIPAzmrvyHf2ozzBd7EyI2NabnUMlD_D4MBVpxerg89VPOoGGvALuUGSQuPelDzTjXtQ
x-cache: HIT, HIT
fastly-io-info: ifsz=13823 idim=150x150 ifmt=jpeg ofsz=5314 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5314
x-served-by: cache-iad-kiad7000132-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.534254,VS0,VE0
etag: "hoyyH5q1+NTFT41vUc5DQY1n5mPXI75JtPWFn4Jaf4Q"
vary: Accept
x-goog-generation: 1688683994203172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13823
x-amz-checksum-crc32c: 10HhSg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41, 172

GET
H2 200 icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 676 B
2 KB 243ms
228ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4254736
x-guploader-uploadid: ADPycds5u4BSUy9Ab4WKSfA2zBm_SuY3nG20nDbhllUQ4jRci-0vDfx6mpRUcEVWOaYNDL0XRgkEKBSf3ycjVIHBFjC9aZrFsH7d
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-17 09:20:32 UTC
x-served-by: cache-bma1650-BMA
x-timer: S1701789169.641137,VS0,VE1
etag: "07aebeb8fa8f52b4cc27a52f35fbb07e"
vary: Fastly-SSL
x-goog-generation: 1697228498316990
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5205
expires: Wed, 16 Oct 2024 09:20:32 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 676
last-modified: Fri, 13 Oct 2023 20:21:38 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=VLRZ1Q==, md5=B66+uPqPUrTMJ6UvNfuwfg==
x-gdpr: 1
x-goog-stored-content-length: 676
accept-ranges: bytes

GET
H2 200 icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 1 KB
3 KB 239ms
224ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4608604
x-guploader-uploadid: ADPycdvEqxCU13mbserBgRODwxzFJnt6RKgup9ILxpLfV7VRCbwWe0N-0coCqUK6sUrvFk0JYVHBTB5r43DapndTibmifbI401Hf
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-13 07:02:45 UTC
x-served-by: cache-bma1673-BMA
x-timer: S1701789169.640586,VS0,VE1
etag: "c00e7e36e294d9f8e173eb4405f1af3a"
vary: Fastly-SSL
x-goog-generation: 1697138730274704
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9215
expires: Sat, 12 Oct 2024 07:02:45 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1336
last-modified: Thu, 12 Oct 2023 19:25:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=5qx58A==, md5=wA5+NuKU2fjhc+tEBfGvOg==
x-gdpr: 1
x-goog-stored-content-length: 1336
accept-ranges: bytes

GET
H2 200 icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 862 B
2 KB 234ms
219ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4254737
x-guploader-uploadid: ABPtcPpkHN4_idUl24LvPP_TRHj8qxEIs9Nn83aZpBsCyEQ1lJCeb30kNXb2bwvtxrV5sYR0d87BdlZSFgntJ-7mgvufiNnWpHVG
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-17 09:20:32 UTC
x-served-by: cache-bma1675-BMA
x-timer: S1701789169.640456,VS0,VE1
etag: "ac88f362d87d31af374e54b4f1bdc6e3"
vary: Fastly-SSL
x-goog-generation: 1697228498252591
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7443
expires: Wed, 16 Oct 2024 09:20:32 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 862
last-modified: Fri, 13 Oct 2023 20:21:38 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=4mYSIg==, md5=rIjzYth9Ma83TlS08b3G4w==
x-gdpr: 1
x-goog-stored-content-length: 862
accept-ranges: bytes

GET
H2 200 icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 860 B
2 KB 240ms
226ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4657336
x-guploader-uploadid: ADPycdsFVu_OeHgNY7mMwxR_PKo8-MScVnKQB7V4VdoOjtWgi_-WwplUIZPl0xvxuYnsODPNw8brGlxsT-QlCrpSJiwXimJQ5chQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-12 17:30:32 UTC
x-served-by: cache-bma1676-BMA
x-timer: S1701789169.640024,VS0,VE1
etag: "98ffc313a69bea78c5a4ffb0cd8bf09e"
vary: Fastly-SSL
x-goog-generation: 1697123475128893
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1321
expires: Fri, 11 Oct 2024 17:30:32 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 860
last-modified: Thu, 12 Oct 2023 15:11:15 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=IvjhWA==, md5=mP/DE6ab6njFpP+wzYvwng==
x-gdpr: 1
x-goog-stored-content-length: 860
accept-ranges: bytes

GET
H2 200 icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 652 B
2 KB 259ms
244ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3965633
x-guploader-uploadid: ADPycdtf8mFbT7_fuO-3ElaqEOsP0kezXCQ9q6rKCGQenHcReN6_7qCEYLfAjYVi5tNwLqXJxxO1FI_wcfeJuWb906XPhbkKyM6_
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-20 17:38:54 UTC
x-served-by: cache-bma1650-BMA
x-timer: S1701789169.665392,VS0,VE1
etag: "98014cde1d5d5ee7342a2bef5387c8a8"
vary: Fastly-SSL
x-goog-generation: 1697816586433196
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5200
expires: Sat, 19 Oct 2024 17:38:54 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 652
last-modified: Fri, 20 Oct 2023 15:43:06 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=/vnRlQ==, md5=mAFM3h1dXuc0KivvU4fIqA==
x-gdpr: 1
x-goog-stored-content-length: 652
accept-ranges: bytes

GET
H2 200 hard-fork-album-art-square320-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/ 116 KB
116 KB 45ms
29ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-square320-v2.png?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5ed9e9f81abee651d7645c6ae932a099ff7595eb893df2bd66306c818adf5a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 05:34:06 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300714
age: 539331
x-guploader-uploadid: ADPycdulbB1uSrQH1DH1e9iQT9pQg6UhvS1tcY0TPdJHo3hOTQS1o5jGCYT_JzoZfYiGCucP3DPcnlW046xT17NR6eRQ0g
x-cache: HIT, HIT
fastly-io-info: ifsz=171964 idim=320x320 ifmt=png ofsz=118748 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 118748
x-served-by: cache-iad-kjyo7100038-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.534241,VS0,VE0
etag: "MIre+hRw2cMgJa2uP+CeD5Zo0tG02ZYiidiRIV/6TxQ"
vary: Accept
x-goog-generation: 1666018564084320
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=rwW/FQ==, md5=QcPAglE24zD6+D1DXSLedQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 171964
x-amz-checksum-crc32c: rwW/FQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 47, 173

GET
H2 200 icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 788 B
2 KB 235ms
222ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4254736
x-guploader-uploadid: ADPycdsKJzF3MK0WCCMGWl28lYGxUyI5y4qX6NwHk3voewF8HdXz1enArk7mUHqILbqWJmKZSmz7Kw879MfvhNqdlsIs8JTsSbS1
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-17 09:20:32 UTC
x-served-by: cache-bma1664-BMA
x-timer: S1701789169.641243,VS0,VE1
etag: "0167446aebebfe34aa60d544d95c5818"
vary: Fastly-SSL
x-goog-generation: 1697228498344143
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1588
expires: Wed, 16 Oct 2024 09:20:32 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 788
last-modified: Fri, 13 Oct 2023 20:21:38 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=z6+8Rg==, md5=AWdEauvr/jSqYNVE2VxYGA==
x-gdpr: 1
x-goog-stored-content-length: 788
accept-ranges: bytes

GET
H2 200 icon-watching-0fa860946d704b26aae6f0a562f26011.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 534 B
2 KB 245ms
232ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4094202
x-guploader-uploadid: ADPycdu99exmX6b2KpSjfBRPYHY46_Q_z1HDDntQfdrNYT3v7ANtYqJkWO8c1FFiS2RsmMxBVleP1ZnuufhETfPoK3fIUOv_F8lJ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-19 05:56:06 UTC
x-served-by: cache-bma1642-BMA
x-timer: S1701789169.640433,VS0,VE1
etag: "9237616fe80765aedc1571c6438498bc"
vary: Fastly-SSL
x-goog-generation: 1697564864273918
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5099
expires: Fri, 18 Oct 2024 05:56:06 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 534
last-modified: Tue, 17 Oct 2023 17:47:44 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=UOL/EA==, md5=kjdhb+gHZa7cFXHGQ4SYvA==
x-gdpr: 1
x-goog-stored-content-length: 534
accept-ranges: bytes

GET
H2 200 book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/ 3 KB
3 KB 72ms
57ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 29 Sep 2023 21:16:14 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 5241
x-guploader-uploadid: ADPycdvdOQm1ToirjyzLJ1brM3z2uWJQ2dL_GC6gJZW3BNzfPKodxcoM0X0i6yKOul2ZmjTZhEXJOjz2i7DcclbBSGa3MA
x-cache: HIT, HIT
fastly-io-info: ifsz=10250 idim=150x150 ifmt=jpeg ofsz=2772 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2772
x-served-by: cache-iad-kjyo7100097-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.534230,VS0,VE0
etag: "f6YZ2ZJovRqmFs0MIuaEVzpH2+CtkFFBiLmf31seml4"
vary: Accept
x-goog-generation: 1662891747534151
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10250
x-amz-checksum-crc32c: EsOybg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 97, 80

GET
H2 200 music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/ 4 KB
4 KB 45ms
30ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 16:00:57 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300701
age: 95170
x-guploader-uploadid: ADPycdt8GLzOK2GA-IX_ZuZPrjYsWk_7iJzaF1bRZysGkxzR67iJrwH3T01KlbrUrDKZ87h5mxJ_z1U3NdBU81wR4hJ1lQ
x-cache: HIT, HIT
fastly-io-info: ifsz=24419 idim=150x150 ifmt=jpeg ofsz=3828 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3828
x-served-by: cache-iad-kiad7000117-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.534241,VS0,VE0
etag: "qr3LW0rNOUvnYKyDbm09gWnw94oFzi+G4wvyjqveNos"
vary: Accept
x-goog-generation: 1538741982829422
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 24419
x-amz-checksum-crc32c: VUkWbw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 70, 197

GET
H2 200 icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 1 KB
3 KB 245ms
233ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3066250
x-guploader-uploadid: ABPtcPpPjpt-tIAIjgfF9Se7LtFKcgldXhRj23PsO9j30QBYZE2wSzWWvw9lKVrtSxQj2O7V8VFPLFsFJA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-31 03:28:38 UTC
x-served-by: cache-bma1675-BMA
x-timer: S1701789169.648041,VS0,VE1
etag: "425dea063366376915979217fff73e16"
vary: Fastly-SSL
x-goog-generation: 1698713838100408
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7440
expires: Wed, 30 Oct 2024 03:28:37 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1286
last-modified: Tue, 31 Oct 2023 00:57:18 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=kvn+Sw==, md5=Ql3qBjNmN2kVl5IX//c+Fg==
x-gdpr: 1
x-goog-stored-content-length: 1286
accept-ranges: bytes

GET
H2 200 icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 1 KB
2 KB 286ms
274ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 5112887
x-guploader-uploadid: ADPycduH-uas3GYCrV6soWrapPUSYSUWIopqGDo16PcwTzbLJt35gDMLeoXf6LJZODL9nPlBC9ZiIXUfIGhZXdd73PN7hJsCYmRJ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-07 10:58:02 UTC
x-served-by: cache-bma1622-BMA
x-timer: S1701789169.691464,VS0,VE1
etag: "681a68b635f1dde16fd3ded972ee2c5e"
vary: Fastly-SSL
x-goog-generation: 1696611983253374
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5220
expires: Sun, 06 Oct 2024 10:58:02 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1160
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=Ay99EQ==, md5=aBpotjXx3eFv097Zcu4sXg==
x-gdpr: 1
x-goog-stored-content-length: 1160
accept-ranges: bytes

GET
H2 200 modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/ 4 KB
5 KB 44ms
30ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 13 Sep 2023 08:39:00 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 15239
x-guploader-uploadid: ADPycdt0XxgLthW-lZusqwlATkcSRIv3_Foir_nooE-41Aj9CfXpw6sooNFUEKbC1E3nqdM3EF1EfkJPaAHLz0c5XCtAEBsey_xl
x-cache: HIT, HIT
fastly-io-info: ifsz=11068 idim=150x150 ifmt=jpeg ofsz=4084 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4084
x-served-by: cache-iad-kcgs7200165-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.534202,VS0,VE0
etag: "m/kFRv2O1tFCo0C85yLpe5fDFs//5pFoSBOWMgnJf9E"
vary: Accept
x-goog-generation: 1665608966820623
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11068
x-amz-checksum-crc32c: BQuLtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15517, 133

GET
H2 200 matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/ 4 KB
5 KB 57ms
56ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 15:32:50 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300710
age: 82386
x-guploader-uploadid: ADPycdt0TrNqndBEgkmC118TvA85g415qMWEAee92mC0Bcva_u9DBgWVzdZgq8SIX8GJuvMvlfmIJIZaC4IYtgW7H_q0ZA
x-cache: HIT, HIT
fastly-io-info: ifsz=12674 idim=150x150 ifmt=jpeg ofsz=4132 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4132
x-served-by: cache-iad-kiad7000079-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.565406,VS0,VE0
etag: "yoekWzapvzDgK5g1tJpvXR4Q3abo6OZMw027E8Ag3Fo"
vary: Accept
x-goog-generation: 1685027532007855
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 12674
x-amz-checksum-crc32c: cBstdQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 74, 208

GET
H2 200 ezra-klein-album-art-square320-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ 9 KB
9 KB 57ms
57ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-square320-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 25 Sep 2023 16:12:19 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 531673
x-guploader-uploadid: ADPycdtXVDTP8QzGERPZi4CW1c_L9U1YZn0yIJJIey62gH3MRboydnhdyrf0uT-gfnZcxRQKATzHyiFEH0n014jmxHC0bQ
x-cache: HIT, HIT
fastly-io-info: ifsz=26546 idim=320x320 ifmt=jpeg ofsz=9114 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 9114
x-served-by: cache-iad-kiad7000062-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.565556,VS0,VE0
etag: "I8CFstK+e/z6clnl3bXOFjL81AzI4rEnG10lPXiE8TY"
vary: Accept
x-goog-generation: 1635784873905458
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=bgL3XA==, md5=gRKhpC1X4GNr6vjxBbhc7g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26546
x-amz-checksum-crc32c: bgL3XA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 247, 171

GET
H2 200 headlines-albumartwork-audioapp-2-thumbLarge.png
static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/ 13 KB
13 KB 60ms
59ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/headlines-albumartwork-audioapp-2-thumbLarge.png?quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 14:00:23 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 349943
x-guploader-uploadid: ADPycdvcZw_RvVMFlkZc-xVGK9Qm1jixjRMOF1OZQTuJz-ns8UHD7U3fmD1ap8dkm3WKHbSW9KRYqouno2vTFey4_12ZycrQY02c
x-cache: HIT, HIT
fastly-io-info: ifsz=20844 idim=150x150 ifmt=png ofsz=12952 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12952
x-served-by: cache-iad-kcgs7200036-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.573191,VS0,VE0
etag: "LbFwq71cDcti1tLA50q2p9CsL0R7Xg7ULZY6QK7bdcY"
vary: Accept
x-goog-generation: 1680812038156789
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5MfQCw==, md5=qqLRi3ewu5a5crO4pskKzg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 20844
x-amz-checksum-crc32c: 5MfQCw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28, 174

GET
H2 200 icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 KB
3 KB 241ms
230ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3463573
x-guploader-uploadid: ABPtcPrP4elybNeSvGnQN1ObIvFJ5c1i0CGUeioS78e2orNVtPepZbFzJ66y1_qciz5P2W7FbV8HrwGHSH8_7OTkK82Uo0doEGkF
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-26 13:06:35 UTC
x-served-by: cache-bma1660-BMA
x-timer: S1701789169.640965,VS0,VE1
etag: "28bc2710ecd2b1d5d9556b8ae390a943"
vary: Fastly-SSL
x-goog-generation: 1698324737243390
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1613
expires: Fri, 25 Oct 2024 13:06:35 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1954
last-modified: Thu, 26 Oct 2023 12:52:17 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=XaQJPw==, md5=KLwnEOzSsdXZVWuK45CpQw==
x-gdpr: 1
x-goog-stored-content-length: 1954
accept-ranges: bytes

GET
H2 200 icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 448 B
2 KB 434ms
423ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3711168
x-guploader-uploadid: ABPtcPrMvEGmJykEhOjSGcq-PoF6KnJNJVVB8-KzydJ1Nt8JRV7fvarNRmwui83m2X9s0miaQj7XgI0JhXpcLFr1uDWlNJsa37RR
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:20:00 UTC
x-served-by: cache-bma1630-BMA
x-timer: S1701789169.823793,VS0,VE1
etag: "519c1a44c1767defa217a278d164b36c"
vary: Fastly-SSL
x-goog-generation: 1698077567247330
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5514
expires: Tue, 22 Oct 2024 16:20:00 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 448
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=CbwOcA==, md5=UZwaRMF2fe+iF6J40WSzbA==
x-gdpr: 1
x-goog-stored-content-length: 448
accept-ranges: bytes

GET
H2 200 icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 424 B
2 KB 449ms
438ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3711168
x-guploader-uploadid: ABPtcPodcYzzkAuH8wCeBhG-iVefNhrBJ82jIanJ-qSdT9GZpM1wNzXmUv1dOQTJvev7M5b4Dud6oMAhURj_ICbxfPUwVuiDFJ_d
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:20:00 UTC
x-served-by: cache-bma1661-BMA
x-timer: S1701789169.831019,VS0,VE1
etag: "ca44229b7404d9077baf5bd2f0fcebb0"
vary: Fastly-SSL
x-goog-generation: 1698077567160430
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9826
expires: Tue, 22 Oct 2024 16:20:00 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 424
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=m+UYtg==, md5=ykQim3QE2Qd7r1vS8PzrsA==
x-gdpr: 1
x-goog-stored-content-length: 424
accept-ranges: bytes

GET
H2 200 icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 516 B
2 KB 447ms
437ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4795794
x-guploader-uploadid: ADPycduULI6MfSOaVjoDY98B8GX2Jc2X4G00hRc9uYQ9nZ57CQsg_VxqaUuFynGI-8QpCZjYsTnCVp_NnS1HMLYyDTqs
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 03:02:53 UTC
x-served-by: cache-bma1631-BMA
x-timer: S1701789169.830278,VS0,VE1
etag: "8fb0705de15ee3fb853d82b64fc3fbfa"
vary: Fastly-SSL
x-goog-generation: 1696973945025390
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7179
expires: Thu, 10 Oct 2024 03:02:53 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 516
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=6krs5Q==, md5=j7BwXeFe4/uFPYK2T8P7+g==
x-gdpr: 1
x-goog-stored-content-length: 516
accept-ranges: bytes

GET
H2 200 icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 748 B
2 KB 443ms
433ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4254736
x-guploader-uploadid: ABPtcPqlyMrO9cYziRR3ATWvYquU17Lh5FDwATRx_LLtUCIPvz1aUb-IqnfGLic-g4_fCf27btuAowMe1Gsy6JX9aQF3pDIGzkwl
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-17 09:20:32 UTC
x-served-by: cache-bma1665-BMA
x-timer: S1701789169.831038,VS0,VE1
etag: "9894fb012dcd739cdcecf1bc31d507a4"
vary: Fastly-SSL
x-goog-generation: 1697228498300856
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9330
expires: Wed, 16 Oct 2024 09:20:32 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 748
last-modified: Fri, 13 Oct 2023 20:21:38 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=PJBKmg==, md5=mJT7AS3Nc5zc7PG8MdUHpA==
x-gdpr: 1
x-goog-stored-content-length: 748
accept-ranges: bytes

GET
H2 200 icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 KB
3 KB 410ms
400ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3738205
x-guploader-uploadid: ABPtcPoCPthAW7_dUue1js47Qi2XVCkjV_lMwLM0oKpeW885Z61ChMfJAZS45ZtWWxN_POqmVTTNFsiyr5SHBlilRO90QRuX-Jj4
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 08:49:23 UTC
x-served-by: cache-bma1675-BMA
x-timer: S1701789169.821757,VS0,VE1
etag: "75dce34b2cab91f7347cbe697eaec668"
vary: Fastly-SSL
x-goog-generation: 1697824576837157
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7468
expires: Tue, 22 Oct 2024 08:49:22 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 2122
last-modified: Fri, 20 Oct 2023 17:56:16 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=ORbazQ==, md5=ddzjSyyrkfc0fL5pfq7GaA==
x-gdpr: 1
x-goog-stored-content-length: 2122
accept-ranges: bytes

GET
H2 200 icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 1 KB
3 KB 417ms
408ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3732636
x-guploader-uploadid: ABPtcPquifqGAzpWak2Vi-Djwb-GY9TmbLNIANH7bLa-tLrbv166dhJ9Sg0un58cBd5CB1Lb22trir7oggYFMmfyUazT9avkK91W
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 10:22:13 UTC
x-served-by: cache-bma1679-BMA
x-timer: S1701789169.821058,VS0,VE1
etag: "2b654162f60dd23c00417299cce80666"
vary: Fastly-SSL
x-goog-generation: 1697824576766841
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7193
expires: Tue, 22 Oct 2024 10:22:13 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1486
last-modified: Fri, 20 Oct 2023 17:56:16 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=125xEQ==, md5=K2VBYvYN0jwAQXKZzOgGZg==
x-gdpr: 1
x-goog-stored-content-length: 1486
accept-ranges: bytes

GET
H2 200 icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 480 B
2 KB 413ms
404ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4254736
x-guploader-uploadid: ABPtcPrsplSezLxec8VF2jvhNZZWaRjUMgVrWbQcCREUkrsRf9zST_pWmXryr1AiE_oxfOvjF4IcBxhzl_nS-J38CaLTiugpfQz1
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-17 09:20:32 UTC
x-served-by: cache-bma1632-BMA
x-timer: S1701789169.821511,VS0,VE1
etag: "31e3b5a35faa43e94c8692daca44339a"
vary: Fastly-SSL
x-goog-generation: 1697228498364920
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1564
expires: Wed, 16 Oct 2024 09:20:32 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 480
last-modified: Fri, 13 Oct 2023 20:21:38 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=qzwDhg==, md5=MeO1o1+qQ+lMhpLaykQzmg==
x-gdpr: 1
x-goog-stored-content-length: 480
accept-ranges: bytes

GET
H2 200 icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 1 KB
3 KB 427ms
418ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3799575
x-guploader-uploadid: ABPtcPqvBW4LwtDnSQC_dINhYRD5qiqc_sUanH2UU0WCFMan8yFiMctR_5M56b-x9xn6r64NJbh_Q5AYZ_6mY1ZNVGuhQWMhI4qw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-22 15:46:34 UTC
x-served-by: cache-bma1642-BMA
x-timer: S1701789169.822479,VS0,VE1
etag: "1d11a29b40906c218d08fd261c621573"
vary: Fastly-SSL
x-goog-generation: 1697824576764946
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5194
expires: Mon, 21 Oct 2024 15:46:34 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1314
last-modified: Fri, 20 Oct 2023 17:56:16 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=dd5g7A==, md5=HRGim0CQbCGNCP0mHGIVcw==
x-gdpr: 1
x-goog-stored-content-length: 1314
accept-ranges: bytes

GET
H2 200 icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 KB
3 KB 445ms
436ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4188328
x-guploader-uploadid: ADPycds9G99B-P0d-UqWfBeCEwjIo5J704MApH2lWLN-abAajAdB2Sj5wB6lT4YGL_KgPxV_Ug6Zvmqnscgx46qIllntHeinJslZ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-18 03:47:20 UTC
x-served-by: cache-bma1635-BMA
x-timer: S1701789169.830823,VS0,VE1
etag: "8b7a3436254e062758ee1da7e31172ca"
vary: Fastly-SSL
x-goog-generation: 1697564864088422
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7354
expires: Thu, 17 Oct 2024 03:47:19 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1686
last-modified: Tue, 17 Oct 2023 17:47:44 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=IKGGXA==, md5=i3o0NiVOBidY7h2n4xFyyg==
x-gdpr: 1
x-goog-stored-content-length: 1686
accept-ranges: bytes

GET
H2 200 icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 KB
3 KB 433ms
424ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4795795
x-guploader-uploadid: ADPycdtZO5aTPTR4QgakilCGgIuvRqAz6abPn9JnxM3fzit8yIDj-qWYJjSxzuqBjXKxYga_1mNJhMPJjWnb2--5sbH6cIxoybIX
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 03:02:53 UTC
x-served-by: cache-bma1633-BMA
x-timer: S1701789169.826657,VS0,VE1
etag: "cbf08c4ea3747245058f541d8fd30518"
vary: Fastly-SSL
x-goog-generation: 1696973944946222
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9672
expires: Thu, 10 Oct 2024 03:02:53 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1810
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=DU5MYg==, md5=y/CMTqN0ckUFj1Qdj9MFGA==
x-gdpr: 1
x-goog-stored-content-length: 1810
accept-ranges: bytes

GET
H2 200 icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 KB
3 KB 410ms
402ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 4785573
x-guploader-uploadid: ADPycdsFOb6WYC6drIDgRMNXt5ISy8KwUzfYVGJiwbTYifS4IN1tywBkFgpeGQ683cl6lAqptNfYCSilhFbFEPlyo0CEikfdvlcz
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 05:53:16 UTC
x-served-by: cache-bma1674-BMA
x-timer: S1701789169.821948,VS0,VE1
etag: "6da573b90ea5519ac60ae64a15664824"
vary: Fastly-SSL
x-goog-generation: 1696973944936478
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5511
expires: Thu, 10 Oct 2024 05:53:16 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 2074
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=JIYI5Q==, md5=baVzuQ6lUZrGCuZKFWZIJA==
x-gdpr: 1
x-goog-stored-content-length: 2074
accept-ranges: bytes

GET
H2 200 icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 KB
3 KB 417ms
409ms Image
image/webp 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3732635
x-guploader-uploadid: ABPtcPpTiWqlIkzJRe4BcES4JqfYfobdRK9z8anP8ySVNSmq8pO92HEIAVOWX7Ufg6NBTsLS-7Ea6kiSYDi2-P-nZmFcRuRzhUvn
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 10:22:13 UTC
x-served-by: cache-bma1678-BMA
x-timer: S1701789169.822475,VS0,VE1
etag: "b7137a8997feaa89747ffa6457a58125"
vary: Fastly-SSL
x-goog-generation: 1697824576640953
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5241
expires: Tue, 22 Oct 2024 10:22:13 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1800
last-modified: Fri, 20 Oct 2023 17:56:16 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=iEBX8g==, md5=txN6iZf+qol0f/pkV6WBJQ==
x-gdpr: 1
x-goog-stored-content-length: 1800
accept-ranges: bytes

GET
H2 200 author-Santul-Nerkar-thumbStandard.png
static01.nyt.com/images/2023/06/14/reader-center/author-Santul-Nerkar/ 4 KB
5 KB 59ms
59ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/06/14/reader-center/author-Santul-Nerkar/author-Santul-Nerkar-thumbStandard.png?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bd71ef9bedc8ad126f7ed97ace050e90cf77d155be8c01e5f0b4f2c918fd6c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 23:39:55 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300712
age: 486898
x-guploader-uploadid: ABPtcPq1awioTtqxTbyV2GswVL9UX3-zcPh1dAQMyDmnkzKggaowDTGnt0G877JWYB-GuD0w8zk
x-cache: HIT, HIT
fastly-io-info: ifsz=8310 idim=75x75 ifmt=png ofsz=4206 odim=75x75 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4206
x-served-by: cache-iad-kcgs7200167-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.573515,VS0,VE0
etag: "Th05D++FQarzE0v0j0UhARKbAx4lpDyLbzR/BuIQWDA"
vary: Accept
x-goog-generation: 1686795219379800
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VGiZPQ==, md5=IhFYdRwps7M6/PhC4ycnhg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 8310
x-amz-checksum-crc32c: VGiZPQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 842

GET
H2 200 00tech-AI-mediumSquare149.jpg
static01.nyt.com/images/2023/11/21/business/00tech-AI/ 3 KB
4 KB 37ms
37ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/21/business/00tech-AI/00tech-AI-mediumSquare149.jpg?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3c3c13194c6c71c88caa744e75cb7b41614b36b1faf204205f32509b989be0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 01:28:24 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300713
age: 49463
x-guploader-uploadid: ABPtcPpygiTk6SorUMMpm-zXEtczukvh5TTeZ3Ycgg3DLyYj8BrQKuJSI-dmfhktZgTwMb4UyOY
x-cache: HIT, HIT
fastly-io-info: ifsz=11099 idim=149x149 ifmt=jpeg ofsz=3434 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3434
x-served-by: cache-iad-kiad7000177-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.614752,VS0,VE0
etag: "Ui15tZKDw+TiBZDywSHMia5RnxhtwKzDgE3xYdrzP14"
vary: Accept
x-goog-generation: 1701597620378292
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=tKOctQ==, md5=5t3hmOrW1FS66NtPzBP9Ow==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11099
x-amz-checksum-crc32c: tKOctQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 798

GET
H2 200 00tech-ai-03-mediumSquare149.jpg
static01.nyt.com/images/2023/11/21/business/00tech-ai-03/ 5 KB
5 KB 33ms
33ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/21/business/00tech-ai-03/00tech-ai-03-mediumSquare149.jpg?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5527b3bfb6a0984124744e53c76fb535d08dcfc5456c5ca6a3e3200e2cac5934

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 12:55:26 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 8243
x-guploader-uploadid: ABPtcPrJTntEgkurTj6h9HTBHjoSewdFx-pd62I8KEGiGETKwGIW3rb_P4L9BYOma3wV2ZxjabM
x-cache: HIT, HIT
fastly-io-info: ifsz=13258 idim=149x149 ifmt=jpeg ofsz=4628 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4628
x-served-by: cache-iad-kjyo7100149-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789169.619935,VS0,VE0
etag: "RTukDTcZWua9G6PWUTiP9E4/ARPpVkFh12EQD4D8X/g"
vary: Accept
x-goog-generation: 1701763232319845
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=MwlNnA==, md5=v+Ew5i+DEv7Olx91tH76Vw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13258
x-amz-checksum-crc32c: MwlNnA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 708

GET
H2 200 burst-04e9cfe1c9788a52e0f1.js Show response
static01.nytimes.com/storylines/pilot/ 553 KB
167 KB 91ms
58ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/storylines/pilot/burst-04e9cfe1c9788a52e0f1.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

acfb49b19dcaf7ffbb9aa42fec4b76f7533a12418bd8e10e568d815dfd74a7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 11 Sep 2024 09:22:50 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2420276
x-guploader-uploadid: ADPycdvix5qqlQ9QKWkYie8edLsANiaraBLEU24ShMIdrikRiVM6PNg53nn48b45TyX-ykqlbqPlxMgO1hJytsDCLrUS
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 170754
x-served-by: cache-iad-kjyo7100095-IAD, cache-mia-kmia1760077-MIA
last-modified: Wed, 26 Apr 2023 14:48:15 GMT
server: UploadServer
x-timer: S1701789169.558417,VS0,VE0
etag: "1f05cc6300f2690ce803b455b9122d4c"
vary: Accept-Encoding
x-goog-generation: 1682520495447829
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=u8mCqQ==, md5=HwXMYwDyaQzoA7RVuRItTA==
cache-control: public,max-age=31536000
x-goog-stored-content-length: 566098
x-amz-checksum-crc32c: u8mCqQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 649406, 2

GET
H2 200 vendor-7799bfe3d9a78d57c093.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 173 KB
51 KB 439ms
433ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 665878
x-guploader-uploadid: ABPtcPrUSZLfbILjgf78DEPz_4rGildxcZXx_g9zxudnf6y2MAcdfHnmcUgtROUQ0_ptu9R5zHs
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-27 22:14:50 UTC
x-served-by: cache-bma1622-BMA
x-timer: S1701789169.831023,VS0,VE1
etag: "b5e3f2c1b76554752bb8d61689b81dc5"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701122630852416
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5346
expires: Tue, 26 Nov 2024 22:14:50 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 50434
last-modified: Mon, 27 Nov 2023 22:03:51 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=DUs3dw==, md5=tePywbdlVHUruNYWibgdxQ==
x-gdpr: 1
x-goog-stored-content-length: 176881
accept-ranges: bytes

GET
H2 200 home-3641da494d097757dd53.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 966 KB
244 KB 430ms
424ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/home-3641da494d097757dd53.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

2d3087eafbd759252555a1aadbdbec114635b61ea11b97359be3e0e3b1ee768c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 70271
x-guploader-uploadid: ABPtcPpnXhN85DeKufHukmRvbIRAS9sSgToVL5ifWI9M-rGPo-h3luSWxJWZnLHLbPtmBM0Aj1M
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-04 19:41:38 UTC
x-served-by: cache-bma1632-BMA
x-timer: S1701789169.822622,VS0,VE2
etag: "f0fa5dae6e1c65b47e46998a3e9b947e"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701718880473522
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-3641da494d097757dd53.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Tue, 03 Dec 2024 19:41:37 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 247633
last-modified: Mon, 04 Dec 2023 19:41:20 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=5MRvVw==, md5=8Ppdrm4cZbR+RpmKPpuUfg==
x-gdpr: 1
x-goog-stored-content-length: 988969
accept-ranges: bytes

GET
H2 200 desktopLogoNav-f89c11c6efe359037f8b.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 1 KB
2 KB 417ms
411ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/desktopLogoNav-f89c11c6efe359037f8b.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

d485156a3cfc8b82bb11d53cd7c7d670ff0287a88aba078e89548944128acb64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1727658
x-guploader-uploadid: ABPtcPobbV3W5O0VOAmAPORpZX_-QTzkFXH9wW68lxXgnH2MpR_RlRk731m5yxqPXps9xy1WM7dQC5I7zg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-15 15:18:30 UTC
x-served-by: cache-bma1631-BMA
x-timer: S1701789169.821398,VS0,VE1
etag: "49b87398bd6ab843ba0ce3c6fb3e11ae"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1698762252142497
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/desktopLogoNav-f89c11c6efe359037f8b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1666
expires: Thu, 14 Nov 2024 15:18:30 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 840
last-modified: Tue, 31 Oct 2023 14:24:12 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=vaD6bg==, md5=SbhzmL1quEO6DOPG+z4Rrg==
x-gdpr: 1
x-goog-stored-content-length: 1488
accept-ranges: bytes

GET
H2 200 nestedNav-e7f81f2fef7a8e746c89.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 103 KB
15 KB 409ms
404ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/nestedNav-e7f81f2fef7a8e746c89.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

33041509879c4e1f1d76b794bb49776f5e145528ee2e8bf4c862b3965a407cbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 70269
x-guploader-uploadid: ABPtcPpvTlgAUCAvOIoFREoT6DpjB0f07JsweaIoMSkUh1pC1_151eLX1cT4aPhmGINjjp_z3p8
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-04 19:41:39 UTC
x-served-by: cache-bma1668-BMA
x-timer: S1701789169.821942,VS0,VE1
etag: "b37b9087840719a01eac2defc4b0cc8b"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701718881744086
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nestedNav-e7f81f2fef7a8e746c89.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 401
expires: Tue, 03 Dec 2024 19:41:39 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13453
last-modified: Mon, 04 Dec 2023 19:41:21 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=nNkFEw==, md5=s3uQh4QHGaAerC3vxLDMiw==
x-gdpr: 1
x-goog-stored-content-length: 105648
accept-ranges: bytes

GET
H2 200 main-5bad2df7824d8ab68c7b.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 2 MB
507 KB 428ms
423ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/main-5bad2df7824d8ab68c7b.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

953192b9e145dcbca57f6ca6b4fcb6d09ddef65bfe957b4859d7ac4946381e42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 70283
x-guploader-uploadid: ABPtcPqcERjsoKMK8W0Pfl_OCMl7B8JySHD6tg6y081OKnwF84lb84J_QudLjlQJRAPzC-0iEW0
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-04 19:41:26 UTC
x-served-by: cache-bma1682-BMA
x-timer: S1701789169.822187,VS0,VE2
etag: "407bfded1413abec72ea831173567b82"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701718881772795
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-5bad2df7824d8ab68c7b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Tue, 03 Dec 2024 19:41:26 GMT
date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 517516
last-modified: Mon, 04 Dec 2023 19:41:21 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=/CaLlQ==, md5=QHv97RQTq+xy6oMRc1Z7gg==
x-gdpr: 1
x-goog-stored-content-length: 1832057
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 446 KB
121 KB 197ms
68ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16f777d742c10555e5be93a81704dab0c0f1335e0644acf7284ad63353736e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123839
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 152ms
72ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://77.232.142.73.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Tue, 05 Dec 2023 15:12:48 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: NY
x-samizdat-query-exe-id: 9d9b7dc0872af8d2
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760070-MIA
x-timer: S1701789169.587931,VS0,VE44

POST
H2 200 track
a.et.nytimes.com/ 0
0 228ms
78ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 15 KB
6 KB 197ms
57ms Script
application/javascript 2600:9000:2009:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:09:41 GMT
x-amz-version-id: 97N1XuC065XmB4DEf6HyYikKPu2vnzE3
content-encoding: br
last-modified: Sat, 30 Sep 2023 14:56:12 GMT
server: AmazonS3
via: 1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
etag: W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 188
x-amz-cf-id: vQB-6qH22XbBm0o5MiZauRSvCmhq3Iob_mNJ32hKuJl6ro19P7OQpw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 198ms
59ms Script
application/javascript 18.160.53.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.53.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-53-102.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:32:22 GMT
content-encoding: gzip
via: 1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 1c270697a065feaf9aaa711be1cb8b0c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD55-P2
age: 2427
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 485t4t119uRxgRsOohUoD9Kim_syFIc6KXDciEiGLKaGcE56abkD3w==

GET
H2 200 prebid8.1.0.js Show response
www.nytimes.com/ads/ 302 KB
97 KB 43ms
28ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.1.0.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 537823
x-guploader-uploadid: ADPycdtbDDNbklkybrAJBmhEgxn64js4gqMNIE0erR2ALsE33K1xuJTtflg-wcj4MDU0uGTmpRI54yN1HiBqQ_22jfJjvxVHzPxO
x-goog-stored-content-encoding: identity
x-origin-time: 2023-07-07 16:38:50 UTC
x-served-by: cache-mia-kmia1760077-MIA
x-timer: S1701789169.662740,VS0,VE1
etag: "69d0b1569bbd0b87116d60db3a12cd34"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1687806692468937
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-route: ads-static-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1477
expires: Fri, 07 Jul 2023 16:38:50 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 97611
last-modified: Mon, 26 Jun 2023 19:11:32 GMT
server: UploadServer
x-goog-hash: crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr: 0
x-goog-stored-content-length: 308841
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 206ms
85ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/vi-assets/static-assets/adslot-c02e009c82341062ec30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fe6938f44d003522e4c6eff862812374d77917e2d0b62e1c34d734144522e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29912
x-xss-protection: 0
server: cafe
etag: 613 / 19696 / m202311290101 / config-hash: 17949421528483783907
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:12:48 GMT

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
21 KB 83ms
28ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:14 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 4179117
x-guploader-uploadid: ADPycdvQ2tsmGwZia24nvWakIeZnee2wv1rzUt2BXERCh59TPYCEAO8j_YhUC7Tm9O6g4YhfpMMJc6RN-GAWsVjQQ9iUrw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.607563,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776265363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 42039

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 89ms
34ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:14 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2956924
x-guploader-uploadid: ADPycdu6oPoB1lrm4nrC4uTUUYNY-TofJyZlB9vtnbOiIBPE-fi_s2qGLKfRMBlk6qzPidfKWIlELGLSh8aAJjFiZPkf-A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.607767,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 42690

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 87ms
32ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 08:24:02 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2873439
x-guploader-uploadid: ADPycdva8AHR4BTfjQqdqbkHDdRGYIW8JutzIwxFNawN5LAKJSrECXu6os5oVpCFjekkXIWfgvW677baXump3BlQLLKe
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.607781,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
x-goog-generation: 1673991776325560
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24184
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 199

GET
H2 200 cheltenham-normal-700.woff
g1.nyt.com/fonts/family/cheltenham/ 36 KB
37 KB 120ms
65ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 08:54:36 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 448916
x-guploader-uploadid: ADPycdunTMVi16zsVA5g3dD27nSUgGJ_2nS-IGTwqRS6NAQm-n3g1TVgFOvau-SvAl9XbUFqtfWRz9ckENbYId_fZltBGQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37340
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1701789169.608131,VS0,VE0
etag: "738608727fc7c5797889e17788508b26"
x-goog-generation: 1673991775275250
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Zk8RaA==, md5=c4YIcn/HxXl4ieF3iFCLJg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 37340
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 240

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 115ms
60ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:14 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3643349
x-guploader-uploadid: ADPycdsRwda_EOB5LpJhdwDZj2vpvKyH11TDWKhKDAem_9p0RfOsFUxnQkm3TV4Hwsv6-apktrq3fDaEj6u5WFfP3HOeppLc9Dco
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.608114,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 40804

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 120ms
66ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:16 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3572126
x-guploader-uploadid: ADPycdvhYDoz4CAgqaPW7V_EFM1kOolEePcwJ1MZR-PtG7CvKOZ32JG2ChchRGkWmBq0U2uiZF-WL627Pe8oBB8DrluK59v92au9
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.608133,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776257702
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 34294

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba57e9fe37374aae1060174b2a0150a2fca11878eef5c4f3e1d964ec10b345c9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 62ms
59ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

640a9138e66deb5b745997e8dbe0be6e4c32d82da5710f9cea8afb0bee2f3bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 28 Aug 2024 06:12:30 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 531565
x-guploader-uploadid: ADPycdub6POGF5SG8XBhowhvNuKg_G7Jck60Kezu2NVEsEa9gbbijPzyCmm-QQqtrHghDuEybLlo17iV-tl8wYESpm70qg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27032
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.636391,VS0,VE0
etag: "ab057a3b069a4ecbde7c3ea74411284e"
x-goog-generation: 1673991776263300
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Rh/wYQ==, md5=qwV6OwaaTsvefD6nRBEoTg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27032
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 230

GET
H2 200 franklin-normal-400.woff
g1.nyt.com/fonts/family/franklin/ 35 KB
36 KB 62ms
59ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-400.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a742a2af7c3bd1cab7c1cd0bddb1026dba2abb8c0b80f14c881a034854db962b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 08 Aug 2024 07:58:37 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 22393
x-guploader-uploadid: ADPycdteUSW9N3sRD7ZaX1_vGDcKA0WD9keLAV93a0FkTap06UzDdEyQeDCvOj4F1D8DoAVZGLHHC1donm7W8KNFR4sw8xP_LUN2
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35764
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1701789169.636510,VS0,VE0
etag: "a4bfea3a5c7e7e577c2bcdcd61321eaa"
x-goog-generation: 1650460180560561
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=STMqMg==, md5=pL/qOlx+fld8K83NYTIeqg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 35764
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 291

GET
H2 200 imperial-normal-400.woff
g1.nyt.com/fonts/family/imperial/ 33 KB
34 KB 63ms
60ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ded6ccf52893dda8d7ff261b54805bf7a6d9a225d44ceca138c4295c57d742d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 22 Aug 2024 08:06:30 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1843190
x-guploader-uploadid: ADPycdvwrgTtQdiWA_zJ7qjHxLzJIrq3ychUF6sksSHFf2jbVi50FitgwWzb4lZVLZO73K6cEGRQ4XcPLc12WO-HfdQKLiFTvd0M
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 33744
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.637103,VS0,VE0
etag: "910963d6a159124b2f1ba07ad3f87e00"
x-goog-generation: 1673991776747903
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ieCt7A==, md5=kQlj1qFZEksvG6B60/h+AA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 33744
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 249

GET
H2 200 cheltenham-normal-500.woff
g1.nyt.com/fonts/family/cheltenham/ 37 KB
37 KB 62ms
60ms Font
font/woff 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fa04f6869d6de022e015687d0c73411c6268505d456239aea7552e8300fb1aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 19 Sep 2024 09:22:07 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1848601
x-guploader-uploadid: ADPycdvcs3Ky7ixrEd3ECLhQIPnzEla-8DuK39vo_5JCUNkSIQyW9Uxc3sakd92HU1lRd0vdy1j5QcFZMPpl4EZZBIaqDPZ-ZehZ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 37596
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1701789169.637086,VS0,VE0
etag: "229eebd8069abe2c2253b203c9179e25"
x-goog-generation: 1605542919525865
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=jQDWWw==, md5=Ip7r2AaaviwiU7IDyReeJQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 37596
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 285

GET
H2 200 imperial-normal-700.woff
g1.nyt.com/fonts/family/imperial/ 32 KB
33 KB 61ms
59ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a79b0d41335a1e325af898d3d59f0a69cc6e2098b8aa73ed1b185865c8c31914

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 16 Oct 2024 11:30:22 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1753517
x-guploader-uploadid: ABPtcPpXkrRWkatXWw8db5mYHCeH-Hg4PPPJjaCA65Mf8jLBZEP6SJAJPKsdDw7cGL1OrEkEghXAvyHEfOwRDcLpsoBCWjvoJxFj
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 32652
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.637073,VS0,VE0
etag: "53b85cb8b3e80c7a993ba8021fe74a51"
x-goog-generation: 1673991776807707
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=IVcNLg==, md5=U7hcuLPoDHqZO6gCH+dKUQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 32652
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 260

GET
H2 200 franklin-normal-300.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 62ms
61ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.woff

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

985aac7d49c194276a9409a009e38ec2c82f3f607c26b9358b23d48ed004c284

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 17 Jul 2024 09:44:03 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 466102
x-guploader-uploadid: ADPycdtCx5zJDnR2wYZLsFwWmbWmygF4GoWWqeyAkvr1x0-wxLU_hWZGNijd5UplndWVRrHOfc9XpC2cIR_HPQvUBMFXbIrMklQY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26864
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1701789169.637054,VS0,VE0
etag: "fe2bd94ddc6ab147c15e7a4f748b4a9e"
x-goog-generation: 1673991776219559
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=0YQkag==, md5=/ivZTdxqsUfBXnpPdItKng==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26864
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 247

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 33ms
28ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:47:22 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2952140
x-guploader-uploadid: ADPycdv8Ik7vrwmNdrfGdni3kuP3esm32D1DaJUv25B1nNrhXW_Ftx0T_Te11gGs6sAjJvMjvx2HBxVSXvR-iZa3jOuPKw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1701789169.764550,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991775015704
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23608

GET
DATA 200
OK truncated
/ 130 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b84ebfbd15694400df12827c578baf3e0d64b86b13222a7d27a536e236dcb6c

Request headers

Referer
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 waveform.gif
static01.nyt.com/newsgraphics/homepage-clip-player/ 21 KB
22 KB 30ms
29ms Image
image/gif 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/newsgraphics/homepage-clip-player/waveform.gif

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6cc0178b8ca392cc49340d87e0b2b5f24cba5c6d801e2b4946c44fe8d23b50cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 15:11:43 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2
x-guploader-uploadid: ABPtcPr4qj_8XRkWqRjrYPZ9q1a5jBceNDn1MDJGg17V7-dHLaw6j9MOGT257WNxIeQ1aRYPXCcgo-o7hg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 21418
x-served-by: cache-iad-kiad7000057-IAD, cache-mia-kmia1760077-MIA
x-amz-meta-checksum
last-modified: Tue, 19 Sep 2023 19:42:36 GMT
server: UploadServer
x-timer: S1701789169.909233,VS0,VE1
vary: Origin, Accept-Encoding
x-goog-generation: 1695152556844019
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=2Mc1sA==, md5=7UKwT2965Pp7u9wW773INg==
cache-control: max-age=5, stale-if-error=86400, stale-while-revalidate=5, public
x-goog-stored-content-length: 17329
x-amz-checksum-crc32c: 2Mc1sA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1861, 1

GET
H2 200 karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
g1.nyt.com/fonts/family/karnak/ 23 KB
23 KB 35ms
34ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/karnak/karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 12 Sep 2024 05:38:19 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2280536
x-guploader-uploadid: ADPycdu1kOzCyMGTF8GGlw7yD_5jrYhreg02len-GgCK2dyByd4YxDkXNtMFBOijsy4-Fiybwb4w8Yhy_zfFphK1JAaNOg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23400
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:57 GMT
server: UploadServer
x-timer: S1701789169.914183,VS0,VE0
etag: "4a0c7e79ac2f009f12f9106482c961c4"
x-goog-generation: 1673991777120718
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=a9fAaA==, md5=Sgx+eawvAJ8S+RBkgslhxA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23400
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7052

GET
H2 200 cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 36ms
35ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 19 Sep 2024 06:06:50 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1751296
x-guploader-uploadid: ADPycdvjnwFyC6eFnuYkkFRW2_rpd7GuACwTEOioJersnwSLwJo_yZ4wCC6UtvarizDgS7m0jOQPItKuq7cE9p4_C6hzXNnuG_YO
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24028
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1701789169.914310,VS0,VE0
etag: "cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation: 1673991775386814
x-goog-hash: crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24028
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 106

GET
H2 200 cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
23 KB 41ms
40ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 22 Aug 2024 08:30:28 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1743717
x-guploader-uploadid: ADPycdsyshPkeRmOGh_NS9yQLHXNgFsfYarqxQyLS-0WCbAfQ2Nbkr24KsoKaoetRraDfY14MbdX6s89AJNPiPlOD2RPIEEXkUfz
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23704
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1701789169.915514,VS0,VE0
etag: "1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation: 1673991775396405
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23704
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9887

GET
H2 200 cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/ 28 KB
29 KB 41ms
40ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 12 Sep 2024 06:18:25 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2362000
x-guploader-uploadid: ADPycdtoCio9JMn3hDbytfVU5zpWgyM7ettw_xzX2NdPQO3lppWa8yoGXTIuncvlQeGG01jX50cgpkwIbZevNBdybQ1Elw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28868
x-served-by: cache-mia-kmia1760090-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1701789169.915638,VS0,VE0
etag: "7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation: 1673991775506403
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 153

GET
H2 206 20231205-TD-MASTER-MIX-AM-HP-clip--1-.mp3
static.nytimes.com/podcasts/2023/12/05/admin/05daily-young-thug-clip/ 622 KB
0 63ms
32ms Media
audio/mpeg 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.nytimes.com/podcasts/2023/12/05/admin/05daily-young-thug-clip/20231205-TD-MASTER-MIX-AM-HP-clip--1-.mp3

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 05 Dec 2023 11:36:28 GMT
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 12980
x-guploader-uploadid: ABPtcPqq-7dCGWyZZ3YPM_lyZZEeAiIjgWun7ZtHT1PrQVvu7_nQmf7kli9A3bN6ABSjRzvZeZA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 0-637183/637184
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Content-Length: 637184
x-served-by: cache-iad-kiad7000086-IAD, cache-mia-kmia1760077-MIA
last-modified: Tue, 05 Dec 2023 11:18:03 GMT
server: UploadServer
x-timer: S1701789169.988544,VS0,VE1
etag: "775805ab37880e4641ab382ec9317bd7"
x-goog-generation: 1701775083576060
content-type: audio/mpeg
access-control-allow-origin: *
x-goog-hash: crc32c=5QMTVw==, md5=d1gFqzeIDkZBqzguyTF71w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 637184
x-amz-checksum-crc32c: 5QMTVw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 226 KB
75 KB 63ms
63ms Script
text/javascript 2600:9000:2009:e600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:e600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bf8173ae3d6d3ea2f80e93888d6488c84ce54917798d9a95ad371911e16a35b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:09:41 GMT
x-amz-version-id: NNbun6TS4hAlmIoM1vhzR1lroyU.ClTy
content-encoding: br
last-modified: Tue, 05 Dec 2023 14:41:20 GMT
server: AmazonS3
via: 1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
etag: W/"232d5aec90d59d5858de3ceb0b24239b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 188
x-amz-cf-id: eUKfLowjzq6-CFQGsf-X5yX5B876RonuYh9bAZ57wYWV0Gz2ABpaLA==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 432 B
779 B 1042ms
63ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2F77.232.142.73.sslip.io%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=77.232.142.73.sslip.io&tg_i.page=https%3A%2F%2F77.232.142.73.sslip.io%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=dfp-ad-top&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=2d0441016d5409&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.447189013621788
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b171654ee41b8575b204a041fb00714c2e1ed6f1963f6fd68b4ff22f5f20d9ef

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 432
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 434 B
783 B 1041ms
62ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2F77.232.142.73.sslip.io%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=77.232.142.73.sslip.io&tg_i.page=https%3A%2F%2F77.232.142.73.sslip.io%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=3771ad3850ec0c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4212256748092469
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8c694c3ebb00c51516524d727fe3b1794a8b4092acd285afd8d3dee3fab12654

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 434
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 434 B
781 B 2040ms
1061ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2F77.232.142.73.sslip.io%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=77.232.142.73.sslip.io&tg_i.page=https%3A%2F%2F77.232.142.73.sslip.io%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=4b179c22c4ea41&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.316262636961389
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ca96a443712a84bf109b0eefb06e3ed37a7ceae5f062f4c30a3cde8ee34cb5d5

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:51 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 434
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 434 B
962 B 1039ms
61ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2F77.232.142.73.sslip.io%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=77.232.142.73.sslip.io&tg_i.page=https%3A%2F%2F77.232.142.73.sslip.io%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=51c3055b4a64e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7070266678279762
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4c9d57a85152f46024d071b0d1b211f8a77b974a8d24eff62aa4416f61fed675

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 434
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 438 B
807 B 2037ms
1060ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2F77.232.142.73.sslip.io%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=77.232.142.73.sslip.io&tg_i.page=https%3A%2F%2F77.232.142.73.sslip.io%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=68d80b04192e2f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.91251087820825
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f2585ac403e198f0e12b5379d589acb6b937e3ac6be613bf0cf2cd9d09e44b76

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:51 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 438
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 579 B
850 B 206ms
66ms XHR
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ee4a6b47771c4d833c797625d6bc37c87d83eb4a5fb6d6ea6b6313b0597c59e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:49 GMT
content-encoding: gzip
an-x-request-uuid: 360c9e29-e419-46c2-832a-97026c0e7f6e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
827 B 167ms
55ms XHR
application/json 3.85.72.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.1.0&referrer=https%3A%2F%2F77.232.142.73.sslip.io%2F&tmax=10000

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.72.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-72-59.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:49 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status: 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
345 B 145ms
67ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 6c4292170e3a6414649ff3e4e98c782ebb8427a8d23d4e317279e0aeb4406423

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 15:12:49 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://77.232.142.73.sslip.io
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 334 B
742 B 182ms
112ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 0c5e21942319101bf1d72c86fb459b35d01ff2a1bb738b69c4b18f1142ae7047

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:12:49 GMT

GET
H2 200 3030 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
781 B 968ms
58ms Script
application/javascript 18.160.10.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3030
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-20.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 45f2478634f0a55c545adcee6508cbfb0f270c805f0adba7002359640629bcaa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:49:33 GMT
via: 1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P3
age: 1397
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: YMxQEdCUMZV-Uw5LJRAl1hiRZ4Y5PLqK5T4LXO-s4JbDuj5z5fbq1w==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 54ms
54ms XHR
text/plain 18.160.53.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2F77.232.142.73.sslip.io
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.53.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-53-102.iad55.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:48 GMT
via: 1.1 1c270697a065feaf9aaa711be1cb8b0c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: iRMCIO-jLdIUO3WPkcgTU8N9kvgM0JD73PFf0xHueE0Gd4Yd6Pv1_A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
509 B 964ms
65ms XHR
text/javascript 18.165.97.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2F77.232.142.73.sslip.io%2F&pid=vu0OYI7IBSSQt&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.97.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-97-179.iad55.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-amz-rid: JBBMN3K19R0WWX2XT2DD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://77.232.142.73.sslip.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 7M4_v02xQbqp1aPtRYtfQYWVkPVQr8dXAZfDqMr_4zoIws8bqdlTFA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 175ms
76ms XHR
application/javascript 18.160.53.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.53.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-53-102.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: VJ2KQxK4prAGKCE12ejmlVaPl9vZNZxF59wwSa4S10g0dDfxFQ13zg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 432 KB
135 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70455
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138184
x-xss-protection: 0
server: cafe
etag: 495798054771589180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Dec 2024 19:38:34 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
605 B 187ms
74ms XHR
application/json 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=77.232.142.73.sslip.io

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cfd9b2c3186ce746948caec4d2f0becde518e6684d210d23eb449004ffc261b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Tue, 05 Dec 2023 15:12:49 GMT

POST
H2 200 / Show response
sentry.io/api/1486907/envelope/ 2 B
324 B 823ms
66ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1486907/envelope/?sentry_key=7e7af50d16da41fea6264c00f270dbdc&sentry_version=7

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-74ec4aa0b386b7ed501e.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 47 KB
11 KB 215ms
213ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-74ec4aa0b386b7ed501e.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

5fe30b386a7b85303cb8594ccc6800c2f39c3c259b740c4cf293d574692d5d96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 424093
x-guploader-uploadid: ABPtcPoGOBlJ_YAW0Rpz-PnZTeKJoRhillQfHStWxcXf0wDfcHTbvX722pbCYFRNEpaKUimklhU
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-30 17:24:36 UTC
x-served-by: cache-bma1654-BMA
x-timer: S1701789170.718728,VS0,VE1
etag: "218cea4a58c1227b419565f0ac94ad24"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701364642551983
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-74ec4aa0b386b7ed501e.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3461
expires: Fri, 29 Nov 2024 17:24:36 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 9709
last-modified: Thu, 30 Nov 2023 17:17:22 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=v+4ntw==, md5=IYzqSljBIntBlWXwrJStJA==
x-gdpr: 1
x-goog-stored-content-length: 48339
accept-ranges: bytes

GET
H2 200 vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~16fc2915-b5fb63b7557620588d95.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 216 KB
58 KB 212ms
211ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~16fc2915-b5fb63b7557620588d95.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

9b1a5a94782d648867891bf6c4fc2fd590fde78b585eb1640c07dc5934ff6e4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 424792
x-guploader-uploadid: ABPtcPpiF5GMiU3KdUYo9ogGF1mdGifvBB0AyZzTlRNfJQumnhbtjzkRsO_0jd3mHMooxldfuUw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-30 17:12:57 UTC
x-served-by: cache-bma1637-BMA
x-timer: S1701789170.715747,VS0,VE1
etag: "eac36a426218ffa99dca9b60e575b58f"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701364318188909
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~16fc2915-b5fb63b7557620588d95.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3273
expires: Fri, 29 Nov 2024 17:12:57 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 58114
last-modified: Thu, 30 Nov 2023 17:11:58 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=9Fsk5w==, md5=6sNqQmIY/6mdyptg5XW1jw==
x-gdpr: 1
x-goog-stored-content-length: 220922
accept-ranges: bytes

GET
H2 200 vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-7ab4095da4375db079a1.js Show response
77.232.142.73.sslip.io/vi-assets/static-assets/ 46 KB
15 KB 220ms
219ms Script
application/javascript 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-7ab4095da4375db079a1.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

a9f21c60be8fb551480e9bc275e0e5707af6c5dcbba52a93faee9edc7df0c7c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 418609
x-guploader-uploadid: ABPtcPpuB9BIfGAGpKfQ8ZYOCZIJ-TsFNJ9pZj4CHixawBhr2ilQMTbMYK4dM1Yu0x0r0t-BT-k
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-30 18:56:00 UTC
x-served-by: cache-bma1663-BMA
x-timer: S1701789170.724210,VS0,VE1
etag: "95afe28c61870e0a49ff8fd07e8b5e26"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701370371592098
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-7ab4095da4375db079a1.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1866
expires: Fri, 29 Nov 2024 18:56:00 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14302
last-modified: Thu, 30 Nov 2023 18:52:51 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=vCAl9g==, md5=la/ijGGHDgpJ/4/QfoteJg==
x-gdpr: 1
x-goog-stored-content-length: 46681
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
62 KB 66ms
65ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d8e58df62968c240644607b1a995822a29a8b075e73dfd7d86ae32b7bf77f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 63323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:12:49 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 147 KB
27 KB 370ms
65ms Script
text/javascript 18.67.65.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-113.iad89.r.cloudfront.net

Software

Apache /

Resource Hash

c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 2ca1a2664d288773b443dc5e52a8b5b8.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 14:56:51 GMT
x-amz-cf-pop: IAD89-P1
age: 959
x-cache: Hit from cloudfront
content-length: 27331
last-modified: Wed, 29 Nov 2023 13:37:06 GMT
server: Apache
etag: "24cd6-60b4aa18fa3ca-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: Ei4jaesBCRyqssyGR3iTZHT5yfdMlraeh40F8VzYtomBotKubocpKw==
expires: Tue, 05 Dec 2023 15:56:51 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1701789169667&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1701789169667&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2...

0
226 B

49ms
49ms

Image
text/plain

18.154.227.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1701789169667&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F77.232.142.73.sslip.io%2F&c9=
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Server: 18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-100.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: y7lBU_kDIPVmKYSO8ayiOxqglfbGSCWGdLqI5Y07gDZGdMn5khJq9Q==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 05 Dec 2023 15:12:50 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005403&ns__t=1701789169667&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F77.232.142.73.sslip.io%2F&c9=
content-length: 0
x-amz-cf-id: oqxO-TntsE8pZq54RKfTNIlPiMRx_3Hgd3Z__iZiNSJAWjgtZCgg9w==

GET
H2 200 AI-TIMELINE-BURST-MCCARTHY-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/04/business/AI-TIMELINE-BURST-MCCARTHY/ 32 KB
33 KB 27ms
27ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/04/business/AI-TIMELINE-BURST-MCCARTHY/AI-TIMELINE-BURST-MCCARTHY-threeByTwoSmallAt2X.jpg?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a0365dfca833ce1c9f906aaf36389e310bef344be65e46adf2fe5afca7063116

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 08:01:15 GMT
date: Tue, 05 Dec 2023 15:12:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 25895
x-guploader-uploadid: ABPtcPoq3_nRY7-USrNitPaBEFnpAjAHgpm_nbDgMdRDoXpcrz0twChSgwEq5tr8RfPWQCd4gK8
x-cache: HIT, HIT
fastly-io-info: ifsz=57913 idim=600x400 ifmt=jpeg ofsz=33138 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 33138
x-served-by: cache-iad-kiad7000047-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789170.742753,VS0,VE0
etag: "8njzzxVczx+njGRlj2WFQCsanO7fA1vKSSi+OwM50Ho"
vary: Accept
x-goog-generation: 1701730498447665
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=vQWdcg==, md5=SG3KBZ0+iEMKinwemhZjRA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 57913
x-amz-checksum-crc32c: vQWdcg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11, 175

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 341ms
341ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1657620171669154&correlator=194475723180092&eid=31077978%2C31079525%2C31068825&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701789169768&lmt=1701789139&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F77.232.142.73.sslip.io%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=427312208.1701789170&ga_sid=1701789170&ga_hid=1891136753&ga_fc=false&dlt=1701789167776&idt=1955&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26request_time%3D1978&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_203505051248%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D1%26page_view_id%3DdVyjP73O8PYPY5oHZBU6ihnh%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=2496155832&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f66b8f5b06c02a6d9aee173c75069f4a6e5ac77a8b7837fc435bbde9c8d1474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
google-lineitem-id: 6396452845
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138450009651
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://77.232.142.73.sslip.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 962D 6 KB
3 KB 207ms
63ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77.232.142.73.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:12:50 GMT
expires: Wed, 04 Dec 2024 15:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AI-TIMELINE-SAMALTMAN-czvb-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/04/multimedia/AI-TIMELINE-SAMALTMAN-czvb/ 7 KB
8 KB 28ms
28ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/04/multimedia/AI-TIMELINE-SAMALTMAN-czvb/AI-TIMELINE-SAMALTMAN-czvb-threeByTwoSmallAt2X.jpg?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

79529a2945de9cc11ff34ae0c0bc488a9b2a15b7aaf5f5cce0f882a780b55261

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 08:01:21 GMT
date: Tue, 05 Dec 2023 15:12:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300716
age: 25889
x-guploader-uploadid: ABPtcPrPv6GDo_qH42AwTBboyJOZYayd6quozhOBeZtE-HypAKDE0r_SkDtGZOYMZDoIwRdJ1QI
x-cache: HIT, HIT
fastly-io-info: ifsz=26084 idim=600x400 ifmt=jpeg ofsz=7638 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 7638
x-served-by: cache-iad-kjyo7100126-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789170.804237,VS0,VE0
etag: "3UPyi59dWTm8qu0QUK7pAOszoxl4dU+P1SfHYQzdn48"
vary: Accept
x-goog-generation: 1701729917780819
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=exAofw==, md5=0k6d2XAAqgHHE2l3sMoFgw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26084
x-amz-checksum-crc32c: exAofw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13, 280

POST
H2 200 track
a.et.nytimes.com/ 0
0 74ms
74ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 76ms
76ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://77.232.142.73.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Tue, 05 Dec 2023 15:12:50 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 22
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: NY
x-samizdat-query-exe-id: 997393ba0abd0ec1
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760070-MIA
x-timer: S1701789170.466729,VS0,VE49

GET
H2 200 market Show response
77.232.142.73.sslip.io/api/ 522 B
1 KB 217ms
217ms Fetch
application/json 77.232.142.73
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://77.232.142.73.sslip.io/api/market

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.232.142.73 Stockholm, Sweden, ASN210644 (AEZA-AS, GB),

Reverse DNS

sore-pump1.aeza.network

Software

nginx/1.24.0 /

Resource Hash

9b0aae6af0529251d6db6968292907b278cf618cc3b224fda95d8d5f34bfb24a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-api-version: F-F-X
age: 4
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
content-length: 255
x-origin-time: 2023-12-05 15:12:49 UTC
x-served-by: cache-lga21927-LGA, cache-bma1628-BMA
server: nginx/1.24.0
x-timer: S1701789171.565214,VS0,VE3
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/json; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
cache-control: s-maxage=60,(null)
x-nyt-route: market
x-nyt-app-webview: 0
x-gdpr: 1
x-nyt-edge-cache: HIT-HIT
accept-ranges: bytes
x-cache-hits: 66, 1

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
508 B 58ms
58ms XHR
text/javascript 18.165.97.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2F77.232.142.73.sslip.io%2F&pid=vu0OYI7IBSSQt&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.97.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-97-179.iad55.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-amz-rid: EH1B9HEXP6EHN7442Q2Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://77.232.142.73.sslip.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: xytFkOePzKa9u_kDXfepEzm1HH-1xgIvrRBiGOFKBV6rCdaqG8F89Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
508 B 65ms
65ms XHR
text/javascript 18.165.97.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2F77.232.142.73.sslip.io%2F&pid=vu0OYI7IBSSQt&cb=2&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.97.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-97-179.iad55.r.cloudfront.net

Software

Server /

Resource Hash

f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-amz-rid: J6E5VT9C16A0BR3QQPCH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://77.232.142.73.sslip.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: DSpbGmObrDaIJtWb0cFP7LpLvKoefhGxKi8UF8ZVZkdetyLzbqlHHA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
508 B 71ms
70ms XHR
text/javascript 18.165.97.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2F77.232.142.73.sslip.io%2F&pid=vu0OYI7IBSSQt&cb=3&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.97.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-97-179.iad55.r.cloudfront.net

Software

Server /

Resource Hash

e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-amz-rid: 2YZKQXW18SY9DRHVZVAS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://77.232.142.73.sslip.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: Ce4jZVmIte4Bc9cajrek-Cd1f49hwP_oAivx4y_x_NYWvURKyv5GnQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
508 B 63ms
62ms XHR
text/javascript 18.165.97.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2F77.232.142.73.sslip.io%2F&pid=vu0OYI7IBSSQt&cb=4&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-bottom_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.97.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-97-179.iad55.r.cloudfront.net

Software

Server /

Resource Hash

13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f1dd5bd4f4b31b158b9e826b6e013cda.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-amz-rid: 45PECTJC13CMVVDTHNR4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://77.232.142.73.sslip.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: OOevS1odgsPx4YEvQYs8Surk7ewEhO4uDtVo9VB_Q3NGocqzeAvV6w==

GET purr-cache
purr.nytimes.com/v1/ 0
0

GET data-layer
a.nytimes.com/svc/nyt/ 0
0

GET
H2 200 05headlines-audio-gwqm-square320.jpg
static01.nyt.com/images/2023/12/05/multimedia/05headlines-audio-gwqm/ 25 KB
25 KB 34ms
27ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/multimedia/05headlines-audio-gwqm/05headlines-audio-gwqm-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb4f042c1b57998f8486cbf7250c81dff766af52512d694c0d696113163a843a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 11:09:58 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300705
age: 14573
x-guploader-uploadid: ABPtcPoa0Bq7jqc_NVoJn6qK7QHORQCc8BZN1mnKNcaxU7lzLJX6wiWSUnDFjwDLvJd4S8fat9s
x-cache: HIT, HIT
fastly-io-info: ifsz=44638 idim=320x320 ifmt=jpeg ofsz=25482 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 25482
x-served-by: cache-iad-kiad7000051-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.352919,VS0,VE0
etag: "giNqF36MyRCg0L2j0F+vu5MGPyjns5PMq08duu0EYYk"
vary: Accept
x-goog-generation: 1701774091195607
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=V3dCCQ==, md5=AQr5QLYY4Ir8oaBn1hlN5w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 44638
x-amz-checksum-crc32c: V3dCCQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 61, 131

GET
H2 200 00tech-ai-03-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/21/business/00tech-ai-03/ 22 KB
23 KB 42ms
36ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/21/business/00tech-ai-03/00tech-ai-03-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a35fe7d6b08af18c58edcc3cbdca8814433b03be5d32ed033d3ecdae80944bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 08:03:38 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: img01-us-east4
age: 25753
x-guploader-uploadid: ABPtcPqvFRvct7IzDoWv_q1IRKByFm6yHlPDKEO4hvEECBKBw2igE0mpOj-jWyTaKLXigpYM1Es
x-cache: HIT, HIT
fastly-io-info: ifsz=68160 idim=600x400 ifmt=jpeg ofsz=22958 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 22958
x-served-by: cache-iad-kjyo7100069-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.353880,VS0,VE0
etag: "USNClh3tNuN/k7m9eN807teX7ONKcE2pYb+UqBzhsnA"
vary: Accept
x-goog-generation: 1701763232327083
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=nb2oDA==, md5=WvlumYCgoFA1CsyCTmHmrQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 68160
x-amz-checksum-crc32c: nb2oDA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 123

GET
H2 200 00china-evergrande-01-jpwl-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/30/multimedia/00china-evergrande-01-jpwl/ 51 KB
51 KB 37ms
32ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/30/multimedia/00china-evergrande-01-jpwl/00china-evergrande-01-jpwl-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ada2183539d0cba0a3b1d16e47381c87756783632fe41cbab60553be3189e595

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 05:01:01 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300711
age: 36710
x-guploader-uploadid: ABPtcPokYPVh4_zhQmWd-644tru4O9qyeR9UQSvLTHaR96F7rWBFJca25BH7YRqLl7lBPlOtOlsPQCZrbg
x-cache: HIT, HIT
fastly-io-info: ifsz=98999 idim=600x400 ifmt=jpeg ofsz=52014 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 52014
x-served-by: cache-iad-kjyo7100065-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.353426,VS0,VE0
etag: "MgTwzKlkHm2wXwhyEMQ2D5yxbF7H67gTkzQ1p7OY1Ww"
vary: Accept
x-goog-generation: 1701752412979846
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=iKT+GQ==, md5=0gWu8dnW3oLtE+JGAW+C2Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 98999
x-amz-checksum-crc32c: iKT+GQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 98

GET
H2 200 10BEST-COMEDY-02-vbmk-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/10/multimedia/10BEST-COMEDY-02-vbmk/ 7 KB
7 KB 34ms
29ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/10/multimedia/10BEST-COMEDY-02-vbmk/10BEST-COMEDY-02-vbmk-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

067dd55db0d6962a9cacf4458f263cb3d3b60ecd1ddbee3ee61b76f6d334a43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 10:08:01 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 18291
x-guploader-uploadid: ABPtcPoncjDYjt4TMCU5Qxn1GbPpP-c3HHX2CpN9NC-qWGY7aG58ejvAsef2pU8HBnWpTl2Wj_Y
x-cache: HIT, HIT
fastly-io-info: ifsz=25035 idim=600x400 ifmt=jpeg ofsz=6834 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 6834
x-served-by: cache-iad-kiad7000087-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.353411,VS0,VE0
etag: "McM+LWvZbSJBDBJl0w/G1LJKKWbXWMLMRsae8pLqMZE"
vary: Accept
x-goog-generation: 1701770492626548
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=d7qd4g==, md5=evy8tzStKX3bYnHfM+PU2Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 25035
x-amz-checksum-crc32c: d7qd4g==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 68

GET
H2 200 05ny-richmovers--02-mhvz-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/05/multimedia/05ny-richmovers--02-mhvz/ 35 KB
35 KB 35ms
31ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/multimedia/05ny-richmovers--02-mhvz/05ny-richmovers--02-mhvz-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9c001ca5085ba2522e49502c2caba5a75540eeee58e58a88ab1841e462b20440

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 12:41:04 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300703
age: 9107
x-guploader-uploadid: ABPtcPriEAxQN5R3y6ngMU6pJEV1t-swmWBvBz9M8EQS9JlTdKgaeYIxRFq8QS_pjb9ysojyX1A
x-cache: HIT, HIT
fastly-io-info: ifsz=77289 idim=600x400 ifmt=jpeg ofsz=35404 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 35404
x-served-by: cache-iad-kjyo7100080-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.353397,VS0,VE0
etag: "y7M6FrfgmMKa+t9/XtYXr5+j2MkOZBXH6Iao0O35WSs"
vary: Accept
x-goog-generation: 1701763240039034
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=l5rkNw==, md5=m7Mp9ymOojqd7Z0IbrkV6w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 77289
x-amz-checksum-crc32c: l5rkNw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 46

GET
H2 200 05putin-visits-vmkq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/05/multimedia/05putin-visits-vmkq/ 13 KB
13 KB 35ms
32ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/multimedia/05putin-visits-vmkq/05putin-visits-vmkq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

433645c2edbaae87bfa0a5edfd80e072239ba3c45912335eeec9395fa26a085d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 11:30:33 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300703
age: 13337
x-guploader-uploadid: ABPtcPpoEFa9RQofriVfBUNpAfPOSxWzOoED_qOQJ_7fkrfF6ks5IN-VwVg9vaoh5PYEPmRTZRsoryHPrw
x-cache: HIT, HIT
fastly-io-info: ifsz=45205 idim=600x400 ifmt=jpeg ofsz=12978 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12978
x-served-by: cache-iad-kcgs7200104-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.353398,VS0,VE0
etag: "TDBnK2VhENSbKD1RffIphnLK1oa07WxZWcJktImZvCA"
vary: Accept
x-goog-generation: 1701774539916400
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=L+sYEw==, md5=0dXikqHiJKj+TQXC/keCZg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 45205
x-amz-checksum-crc32c: L+sYEw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 8

GET
H2 200 05cli-cop28fossilfuels-02-bmgh-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/05/multimedia/05cli-cop28fossilfuels-02-bmgh/ 74 KB
75 KB 49ms
44ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/multimedia/05cli-cop28fossilfuels-02-bmgh/05cli-cop28fossilfuels-02-bmgh-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8da6af9b0e159c31ba6f147d1860eb909dbe66e6c5aa6e166a27a599c9c84473

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 15:04:43 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300703
age: 487
x-guploader-uploadid: ABPtcPou5jV_sHhrnOeJdUfa8tw18PYp6-1z9BD8SLei1pxcHYnKpNmvJMjypgSWOBeD5iJRn3b_IclUTA
x-cache: HIT, HIT
fastly-io-info: ifsz=129747 idim=600x400 ifmt=jpeg ofsz=75800 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 75800
x-served-by: cache-iad-kjyo7100051-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.390128,VS0,VE1
etag: "jKdsJ+RybBzqM4jOIfy6+FIhkE5b4SxubaCORxDT4IE"
vary: Accept
x-goog-generation: 1701788443302280
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ply/Uw==, md5=DdGMcUxOGomAxk7cTms6gg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 129747
x-amz-checksum-crc32c: ply/Uw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26, 1

GET
H2 200 04pol-christie-topart-wltq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/04/multimedia/04pol-christie-topart-wltq/ 19 KB
19 KB 44ms
44ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/04/multimedia/04pol-christie-topart-wltq/04pol-christie-topart-wltq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

49ccefb9503154dbd0865413a69cc48e01f4fce91e7d752c767f1fdf4fef2df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 21:33:29 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300713
age: 63562
x-guploader-uploadid: ABPtcPq35R7q3lBIQDS4ZXRqvqmK9n9X0468TMEADb10IO63gYFmxt4y5tm0ATBaOvR_P0POfIc
x-cache: HIT, HIT
fastly-io-info: ifsz=50120 idim=600x400 ifmt=jpeg ofsz=19192 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19192
x-served-by: cache-iad-kjyo7100159-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.391007,VS0,VE0
etag: "mDQ2dBvF+Vp8FsT5MR5cadlzC9hHoNHQo9UL00Bu/5s"
vary: Accept
x-goog-generation: 1701725576581633
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=6vyCUA==, md5=lPaB0t9Y0wS9oW+2SjZ6+A==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 50120
x-amz-checksum-crc32c: 6vyCUA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 81

GET
H2 200 michelle-goldberg-thumbLarge-v2.png
static01.nyt.com/images/2018/04/02/opinion/michelle-goldberg/ 18 KB
19 KB 47ms
43ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/04/02/opinion/michelle-goldberg/michelle-goldberg-thumbLarge-v2.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7abe7bfc0d767c223684661979c9b41a4e4ba77813efa43270529f99e4ebe20d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 24 Oct 2023 20:11:53 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 391657
x-guploader-uploadid: ABPtcPqRtf50so_970HLG-wIpFsjJBeaRMqVSOA6OAlq37-wiWJfm1TXx9oaALbn83hQG3MwCQec9e7zZXcY3Fp73gorZCxssOem
x-cache: HIT, HIT
fastly-io-info: ifsz=30912 idim=150x150 ifmt=png ofsz=18798 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18798
x-served-by: cache-iad-kjyo7100179-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.389934,VS0,VE0
etag: "hL4Cr4Eqf+1ZA4N+C4bRKKtWKSRNixBbQpuOuIRQJqI"
vary: Accept
x-goog-generation: 1698178313235933
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=pBb7Sw==, md5=7TUnc1P8WGIG9H4vt6LmOA==
cache-control: public, max-age=604800, stale-if-error=86400, stale-while-revalidate=30
x-goog-stored-content-length: 30912
x-amz-checksum-crc32c: pBb7Sw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37, 223

GET
H2 200 katherine-miller-thumbLarge.png
static01.nyt.com/images/2022/09/09/opinion/katherine-miller/ 22 KB
23 KB 47ms
43ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/09/opinion/katherine-miller/katherine-miller-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

61e00af43f2239484c6f03cbc6ab7a28eff6fc57d70a545ded6df1fcc0376e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 07:14:19 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 515560
x-guploader-uploadid: ADPycdvSIZjYghv3OzdzUtOcfh6zJZnA3mq1NIrdJh0optaYT8GfENaQ2QUl_tb5RTIBpY4gxOh7fund3-nh8aacQAmJAQ
x-cache: HIT, HIT
fastly-io-info: ifsz=37714 idim=150x150 ifmt=png ofsz=22846 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 22846
x-served-by: cache-iad-kcgs7200131-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.391055,VS0,VE0
etag: "AZYJy1l1wlLJ8aWCyPekjeoKjkI/suH6wSJrSbzfKiY"
vary: Accept
x-goog-generation: 1662751951105128
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=0Mg1ZA==, md5=PVp42/GFybA7e6Vw4a2PZg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 37714
x-amz-checksum-crc32c: 0Mg1ZA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 51, 341

GET
H2 200 05eks-baconi-square320-v2.jpg
static01.nyt.com/images/2023/12/05/podcasts/05eks-baconi/ 14 KB
15 KB 47ms
46ms Image
image/jpeg 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/podcasts/05eks-baconi/05eks-baconi-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a1368e29fcceec498d895340ebe63679293284987d1e2be337b836cd17456e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 11:11:20 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 14491
x-guploader-uploadid: ABPtcPr8B_PTjobILzQdz2a2I_MKpqYkVnqIVAYnXQ65ZIqpfangzOdKYmdZRC_ohiQmbJkBnLE
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 14810
x-served-by: cache-iad-kcgs7200091-IAD, cache-mia-kmia1760077-MIA
last-modified: Tue, 05 Dec 2023 11:11:15 GMT
server: UploadServer
x-timer: S1701789171.391391,VS0,VE0
etag: "57913b62ccb70b1873d4c2bc4a737685"
vary: Accept
x-goog-generation: 1701774675670574
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=qHqOzQ==, md5=V5E7Ysy3Cxhz1MK8SnN2hQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 14810
x-amz-checksum-crc32c: qHqOzQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 125

GET
H2 200 05hockenos-square320-v3.jpg
static01.nyt.com/images/2023/12/05/opinion/05hockenos/ 26 KB
27 KB 47ms
46ms Image
image/jpeg 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/opinion/05hockenos/05hockenos-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

edc4076faabf44d3124191d9f65902675cbd8b63b3bf997995a9fb7b483ee208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 12:27:10 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9941
x-guploader-uploadid: ABPtcPoooHD8T7cNTbZySJULY-1Hq0bqM_1A6xPA7M1yMj15NwXmlj6XgF9hkKwuV52Z1qTytJ0aBVX2UQ
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 26975
x-served-by: cache-iad-kjyo7100134-IAD, cache-mia-kmia1760077-MIA
last-modified: Tue, 05 Dec 2023 12:27:05 GMT
server: UploadServer
x-timer: S1701789171.391406,VS0,VE0
etag: "2b632474d7ba9391d5a3e29a89547679"
vary: Accept
x-goog-generation: 1701779225587725
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=rc2rsg==, md5=K2MkdNe6k5HVo+KaiVR2eQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26975
x-amz-checksum-crc32c: rc2rsg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 119

GET
H2 200 the-morning-icon-square320.png
static01.nyt.com/images/2022/03/15/multimedia/the-morning-icon/ 18 KB
19 KB 28ms
25ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/03/15/multimedia/the-morning-icon/the-morning-icon-square320.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8071309f9ce3b8f01a3e0770d688dd5d207eb803f975779044a33d3089e3674b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 28 Sep 2023 20:47:48 GMT
date: Tue, 05 Dec 2023 15:12:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 187782
x-guploader-uploadid: ADPycdsSTjBPxMmLBWJlwiPOmEIYhpgCljHQzfW0MBX18aE4yA1TGBMzhO-3tFxpjO1EVigAPmDREHrOSUUGppVrTVfQtg
x-cache: HIT, HIT
fastly-io-info: ifsz=28435 idim=320x320 ifmt=png ofsz=18856 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18856
x-served-by: cache-iad-kiad7000149-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789171.435928,VS0,VE0
etag: "9yuxgAHFFbuT7zGlL5DdWu35apHPlGFBc3o9/piaslE"
vary: Accept
x-goog-generation: 1686578251641168
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ySN2bw==, md5=zI0rsfov1F0wMhGvqBk3Qg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 28435
x-amz-checksum-crc32c: ySN2bw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3474, 152

GET
H2 200 container.html Show response
f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB4C 6 KB
3 KB 55ms
54ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77.232.142.73.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:12:50 GMT
expires: Wed, 04 Dec 2024 15:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 76ms
76ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://77.232.142.73.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Tue, 05 Dec 2023 15:12:51 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: NY
x-samizdat-query-exe-id: a6f9bbe90753694f
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760070-MIA
x-timer: S1701789172.601957,VS0,VE48

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

POST
H2 200 track
a.et.nytimes.com/ 0
0 75ms
73ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB4C 24 KB
7 KB 167ms
55ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
URL: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 Dec 2024 17:08:33 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame CB4C 5 KB
3 KB 284ms
62ms Script
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079706286&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuO25_YFSQ6CXczYP5Gfhr4up05izBV5CR9iDcm_IQGDsWPitKEZ70HeA0uth5va4adGfvHGjD9H5u9AiDSEaNtFwuc20xsvI-BPXBlbtWRxCG5y-Tqhay1YMjdMSKoduHYX-R3GZZBXOFf_9A6M7X0nkRERFFGhU_Z8YgSxpYNg4XXUdYRQRPEaPR5B_yGfHCIgOk9lLeRLlzVmZ0uWIeNoVbjc3Ov81aK7JgbNMaynbPqAeB8zlSlT4wfHtgwZGo6dRPCyF9orSyBTbNjYoJG1ONFzO8mqkbhA5X4aT778n-1BBfyEMv5mEO05WkpoYc9W85UxTqkJD3d5SEVmrcU7NBoa82jYSzQKYNYYlxn2w&sai=AMfl-YQNEthLSll7a9WvtjS_KeOV_WMONvyV8-LQpeaAaJGyZGupzDy_nZjPX7JqwhwZZLjDyL_qrQF6aEoH454zn6jBbwCKjH2YX2LfaPKFVb9l-KXefX7TkLGeSDxCZln385FGCWsV6RXGlJCtZzyDn1I8_h9lWqt3IPISeIY&sig=Cg0ArKJSzBrm_qLjohvCEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=$$&ord=354767825&ifrm=-1&z=0
Requested by: Host: f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
URL: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7bdd0466cd3076b12e5fd0acff9f41813dcf842fbde133378e1a423a06c76ba4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:51 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 2250
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB4C 202 KB
64 KB 178ms
66ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
URL: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:12:51 GMT

OPTIONS
H2 405 meter.js
meter-svc.nytimes.com/ Frame 0
0 206ms
73ms Preflight 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2F77.232.142.73.sslip.io%2F&referer=https%3A%2F%2F77.232.142.73.sslip.io%2F&pageviewID=dVyjP73O8PYPY5oHZBU6ihnh&MessageSelectionAPI=real

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-42-214.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-nyt-internal-meter-override
Access-Control-Request-Method: GET
Origin: https://77.232.142.73.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-length: 0
date: Tue, 05 Dec 2023 15:12:52 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
x-envoy-upstream-service-time: 20

GET meter.js
meter-svc.nytimes.com/ 0
0

GET
H2

200

activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0... Show response
5290727.fls.doubleclick.net/ Frame FAD0
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3b...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142....

543 B
645 B

168ms
167ms

Document
text/html

142.251.167.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f148.1e100.net

Software

cafe /

Resource Hash

312d06b02ee73b0b9beff34fb8daf1d474d0bb108c7e666618e6409d189e86b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77.232.142.73.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:12:52 GMT
expires: Tue, 05 Dec 2023 15:12:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:12:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 207ms
66ms Script
application/x-javascript 2600:9000:24f3:1200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f3:1200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:20 GMT
content-encoding: gzip
via: 1.1 9ac471895811a7ff78c729bcc099e068.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 02:00:16 GMT
server: nginx
x-amz-cf-pop: IAD55-P2
age: 61952
etag: W/"655577b0-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: WYSYVwnLOLsdcwiuisK_BCx-71irg4IU6w0YhkbEmSwwB04PpFlSZw==
expires: Tue, 05 Dec 2023 22:00:20 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
418 B 32ms
28ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 03 Feb 2023 05:46:10 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 32064
x-guploader-uploadid: ADPycdtjsmE2ICVIHSb7QJIooj9C3ooKmyI_oHmScreRwweaj0y_HtjPAb6r4E4go2UTjIfkbtHxq5hJwFFKyHtcAl78KE6PGa1F
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-mia-kmia1760077-MIA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1701789172.003475,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1640215841852360
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 3118

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 32ms
28ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Thu, 30 Mar 2023 05:47:04 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 31455
x-guploader-uploadid: ADPycdu5aboERq8SBOffIq0Rm5gnlya54qEahmMwUJKY8zxEX-PusSwrkXsuhsRS3dYBg8jXzMx0ivKjxF60DPN0tvhLHA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-mia-kmia1760077-MIA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1701789172.003486,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2948

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 108ms
38ms Script
text/javascript 2606:4700:20::ac43:4842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:52 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 05 Dec 2023 14:16:33 GMT
server: cloudflare
age: 3379
cf-polished: origSize=4821
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9fT0AWOQshf6onvMfr1SZrz4Whz9Mg1zTTQE5NTJvZrcw4yKWFZMjw6vTp63q37cgHBSGlGHJvBp3nsd7Hmfz4paMcGFywH252Fg5Ao9WiM4MnPtXY2Rhb4uhCe94i9Kly0ZfD6juHcpPG%2FYdEFdfwJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 830d3ad56b564c0d-MIA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 Khan-Younis-Hospital-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2023/12/05/world/middleeast/Khan-Younis-Hospital/ 43 KB
44 KB 28ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/world/middleeast/Khan-Younis-Hospital/Khan-Younis-Hospital-threeByTwoMediumAt2X.jpg?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

527f34e008b04f5bbaa36980e2c8cc137fb438ea04776b6b122989ae7c343e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Origin: https://77.232.142.73.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 11:53:04 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300712
age: 11988
x-guploader-uploadid: ABPtcPqVxyx0a_3CjcVhiiTADHYK3EQfNRL1s4RIZAjgzKwgEXlQfkfi6xJL_2DcDxvv9KDG7wQ
x-cache: HIT, HIT
fastly-io-info: ifsz=77521 idim=1500x1000 ifmt=jpeg ofsz=44110 odim=1500x1000 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 44110
x-served-by: cache-iad-kjyo7100062-IAD, cache-mia-kmia1760070-MIA
server: UploadServer
x-timer: S1701789172.019361,VS0,VE0
etag: "2xWOTC3/yBd2A601/JHGwoRs6SLvGsv1tU+Ih4dIDGc"
vary: Accept
x-goog-generation: 1701775702951762
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=WbsE+Q==, md5=pSnXLgoxfW3jiMg1PC+VSw==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 77521
x-amz-checksum-crc32c: WbsE+Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 269

GET
H2 200 05isrel-gaza-01-carousel-kcjw-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2023/12/05/multimedia/05isrel-gaza-01-carousel-kcjw/ 96 KB
97 KB 28ms
27ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/05/multimedia/05isrel-gaza-01-carousel-kcjw/05isrel-gaza-01-carousel-kcjw-threeByTwoMediumAt2X.jpg?quality=75&auto=webp

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

12759d4e12d5eaf09a8179847ba96ad0cfdf501436a4b02e1be5673e0f70e3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 13:34:38 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300716
age: 5894
x-guploader-uploadid: ABPtcPqhC66AEkEQ-UbUONY2RVy-7ixZWuJ3vfTEqmSd0vRZUmTcijbSvNr13EtMpq99QkDhr_Q
x-cache: HIT, HIT
fastly-io-info: ifsz=133683 idim=1500x1001 ifmt=jpeg ofsz=98694 odim=1500x1001 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 98694
x-served-by: cache-iad-kcgs7200162-IAD, cache-mia-kmia1760077-MIA
server: UploadServer
x-timer: S1701789172.033276,VS0,VE0
etag: "LBzRI3yJlwgHUa66E3Eq9+aCHaMwCDG8b/VGKTHFseE"
vary: Accept
x-goog-generation: 1701782438327297
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=/84gMw==, md5=8EkqHkigQlDgdCcN3kHB7g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 133683
x-amz-checksum-crc32c: /84gMw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22, 128

GET
H2 200 opdoc-taiwan-alt-videoSixteenByNine1050.jpg
static01.nyt.com/images/2023/11/26/opinion/opdoc-taiwan-alt/ 120 KB
120 KB 27ms
27ms Image
image/jpeg 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/26/opinion/opdoc-taiwan-alt/opdoc-taiwan-alt-videoSixteenByNine1050.jpg

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1d5f9181445c7bb4eaec5050d684a4fd60322a2d3525a5efa7d6758d72cb058a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 10:47:18 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 15934
x-guploader-uploadid: ABPtcPpUYitWdIIt70lEAVTXvE3kOaAK4IpQMYjEfOaANLmsxoxi5YplrPFwo8J6VKFYUdws1iY
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 122547
x-served-by: cache-iad-kjyo7100135-IAD, cache-mia-kmia1760077-MIA
last-modified: Sun, 26 Nov 2023 21:50:53 GMT
server: UploadServer
x-timer: S1701789172.110564,VS0,VE0
etag: "393cb482aef4aa3d3aa04c0e473ef3e4"
x-goog-generation: 1701035453076219
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=R0bLOw==, md5=OTy0gq70qj06oEwORz7z5A==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 122547
x-amz-checksum-crc32c: R0bLOw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40, 430

GET
H2 206 113940_1_05vid-khan-younis-hospital_wg_480p.mp4
vp.nyt.com/video/2023/12/05/ 3 MB
3 MB 30ms
27ms Media
video/mp4 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vp.nyt.com/video/2023/12/05/113940_1_05vid-khan-younis-hospital_wg_480p.mp4

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ed992e009a3dfebd419613b6fba43b2beb656306b2ea7c90c0882f7ff9ffbbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 05 Dec 2023 11:53:04 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 11987
x-guploader-uploadid: ABPtcPrPCAgvrBqZIaf0LEHiCv72UQPSulV3L_JdRxgDAbj9KsoyhvPI8dCatTVP4oCha9D9_MCq0A_T4w
x-cache: MISS, HIT
x-goog-storage-class: REGIONAL
Content-Range: bytes 0-3005350/3005351
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 3005351
x-served-by: cache-chi-klot8100072-CHI, cache-mia-kmia1760070-MIA
last-modified: Tue, 05 Dec 2023 11:32:46 GMT
server: UploadServer
x-timer: S1701789172.198201,VS0,VE1
etag: "d86614b442ea0e7d0cd1597ee59e3902"
x-goog-generation: 1701775966773912
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=Sin5oQ==, md5=2GYUtELqDn0M0Vl+5Z45Ag==
cache-control: max-age=60, s-maxage=86400, stale-if-error=86400
access-control-allow-methods: GET, HEAD, OPTIONS
x-goog-stored-content-length: 3005351
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 206 113679_1_05Opdoc_wg_720p.mp4
vp.nyt.com/video/2023/11/26/ 5 MB
5 MB 31ms
30ms Media
video/mp4 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vp.nyt.com/video/2023/11/26/113679_1_05Opdoc_wg_720p.mp4

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b990cbb90704e8574e370c19f20548f394a0d10cac4092cc80bbf26dfe5902eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 05 Dec 2023 10:47:30 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 15922
x-guploader-uploadid: ABPtcPr1gxdZdtdcqysskgWXCLH4qm0rIxdaWI8ODetGQSgtuyn0D5WhzGE4i09wJ5daUvOLJVtbWvWVEA
x-cache: MISS, HIT
x-goog-storage-class: REGIONAL
Content-Range: bytes 0-5150959/5150960
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 5150960
x-served-by: cache-chi-kigq8000152-CHI, cache-mia-kmia1760077-MIA
last-modified: Sun, 26 Nov 2023 21:32:59 GMT
server: UploadServer
x-timer: S1701789172.413216,VS0,VE1
etag: "33b45312174bbb9552794b860cd134ab"
x-goog-generation: 1701034379027141
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=8M5fag==, md5=M7RTEhdLu5VSeUuGDNE0qw==
cache-control: max-age=60, s-maxage=86400, stale-if-error=86400
access-control-allow-methods: GET, HEAD, OPTIONS
x-goog-stored-content-length: 5150960
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 206 113679_1_05Opdoc_wg_720p.mp4
vp.nyt.com/video/2023/11/26/ 736 KB
0 77ms
77ms Media
video/mp4 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vp.nyt.com/video/2023/11/26/113679_1_05Opdoc_wg_720p.mp4

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://77.232.142.73.sslip.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 05 Dec 2023 10:47:30 GMT
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 15922
x-guploader-uploadid: ABPtcPr1gxdZdtdcqysskgWXCLH4qm0rIxdaWI8ODetGQSgtuyn0D5WhzGE4i09wJ5daUvOLJVtbWvWVEA
x-cache: MISS, HIT
x-goog-storage-class: REGIONAL
Content-Range: bytes 0-5150959/5150960
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 5150960
x-served-by: cache-chi-kigq8000152-CHI, cache-mia-kmia1760077-MIA
last-modified: Sun, 26 Nov 2023 21:32:59 GMT
server: UploadServer
x-timer: S1701789172.428611,VS0,VE1
etag: "33b45312174bbb9552794b860cd134ab"
x-goog-generation: 1701034379027141
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=8M5fag==, md5=M7RTEhdLu5VSeUuGDNE0qw==
cache-control: max-age=60, s-maxage=86400, stale-if-error=86400
access-control-allow-methods: GET, HEAD, OPTIONS
x-goog-stored-content-length: 5150960
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=*;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0...
adservice.google.com/ddm/fls/z/ Frame FAD0 42 B
401 B 228ms
115ms Image
image/gif 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=*;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CO-N2tjK-IIDFYoligMd7VYKag;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5951221311875;auiddc=1355168077.1701789172;u17=https%3A%2F%2F77.232.142.73.sslip.io%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F77.232.142.73.sslip.io%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK eb6df50e-a662-44a0-a4b4-0cfd5a3e2df3
https://77.232.142.73.sslip.io/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://77.232.142.73.sslip.io/eb6df50e-a662-44a0-a4b4-0cfd5a3e2df3
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB4C 0
0 115ms
114ms Fetch
image/gif 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswZl0SCNZXMeqFuuW552nCCySWPA98PlLiYd6DES0U1V9uIcJ8uZGy2x6hf7o_ZkwTWbQWEBd4ulHmowzdzAWSfCHzvaxrlvNjWa6QzSpYk5eCZuSCeoOpSv1mJwZDtPMxl3UUcRuEa1HzglC7vBdx-gnyRfmnTP39bLHappkmHhrwEy4babxyq341lp2SQJjfbt7sV46QZWH0aVYXaUah1Oorlj2wcQZ6TQbrd9X1us7a8kTLAvW_b4zgovbUYVLLlytk4DtAGY3zx3tzLx1U_ZziaR9v_U2eil5LUK4jldAyD1_4u49JE76Knw5Ffw_4oplIY1T12fNgONkuH-SX5mVNl7ONKMWhhpjfNQIaJwKGSQ&sai=AMfl-YTc1KYfAZC5HKBS46Mr7cUUhmF-78wtySdHBjPMojdZRM0CC__wIeCFI2kqrsZJg7LtBcu-C6YoBbjKuf3mMUe0q-pEHm4q23nl-6BN3O9gFJoXVLFaFtOMFKTDATiT02SaNH311kX5OiKkc_jbFSEdAjFJIqZEdg9GwkA&sig=Cg0ArKJSzGF6j1pEhH1oEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
URL: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ebPreServing_ndw.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame CB4C 44 KB
13 KB 230ms
67ms Script
application/javascript 23.213.158.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079706286&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuO25_YFSQ6CXczYP5Gfhr4up05izBV5CR9iDcm_IQGDsWPitKEZ70HeA0uth5va4adGfvHGjD9H5u9AiDSEaNtFwuc20xsvI-BPXBlbtWRxCG5y-Tqhay1YMjdMSKoduHYX-R3GZZBXOFf_9A6M7X0nkRERFFGhU_Z8YgSxpYNg4XXUdYRQRPEaPR5B_yGfHCIgOk9lLeRLlzVmZ0uWIeNoVbjc3Ov81aK7JgbNMaynbPqAeB8zlSlT4wfHtgwZGo6dRPCyF9orSyBTbNjYoJG1ONFzO8mqkbhA5X4aT778n-1BBfyEMv5mEO05WkpoYc9W85UxTqkJD3d5SEVmrcU7NBoa82jYSzQKYNYYlxn2w&sai=AMfl-YQNEthLSll7a9WvtjS_KeOV_WMONvyV8-LQpeaAaJGyZGupzDy_nZjPX7JqwhwZZLjDyL_qrQF6aEoH454zn6jBbwCKjH2YX2LfaPKFVb9l-KXefX7TkLGeSDxCZln385FGCWsV6RXGlJCtZzyDn1I8_h9lWqt3IPISeIY&sig=Cg0ArKJSzBrm_qLjohvCEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=$$&ord=354767825&ifrm=-1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c5151b8cf46d2a6f145bed7ed4f04cc68aebcb3e53fac281810eaa53f89a6873

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:52 GMT
content-encoding: gzip
x-amz-request-id: 5QP1APS8N4X75NQZ
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 12805
x-amz-id-2: uy5m0cQrblHnx7BP2CCBBIvv89bmjAJzs8tLdC+hFgMn4gUQ4ZFQEOVqz1U4F4Jltkyi3Ei8/8Q=
pragma: no-cache
last-modified: Wed, 04 Oct 2023 14:16:50 GMT
server: AmazonS3
etag: "37a6d38869955594a397c114462564b7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: V_dUqX8ceOGYTHDz7s2a30WM-1H_95ORZwNfh3_qQ4Qda_vPlyCJDQ==
expires: Tue, 05 Dec 2023 15:12:52 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 299ms
184ms Image
image/gif 34.201.248.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=BOAG3SBpNSexDp9T5l&d=77.232.142.73.sslip.io&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11437&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2F77.232.142.73.sslip.io%2F&b=5427&t=DtO7muB5YMTABYLeByDGOP_3CQYcn4&V=141&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=600&sn=1&sv=KOT9lC38TvoBVe7KeBOKzW3B9hAn1&sd=1&im=06672fd3&_
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.248.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-248-140.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 05 Dec 2023 15:12:52 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 62 KB
17 KB 243ms
243ms Script
text/javascript 2606:4700:20::ac43:4842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=77.232.142.73.sslip.io
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b042c23be5b5e150218379e578528d0a541c63e10597ce9a42cbbb2a155205c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 15:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38ObmVAE8vGwNsns7KoeyXxmQVSVF9Hig4xju%2FarBKVxwliQ8l30qArV6r6RM17OVlZjEBVGFWG7YKKu0wMELdvnrSYP1sLnviG3KtEZC9DC6nPF62kEIsKmGo53MR8niww8WknA67fmfkjVBTij8RjX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 830d3ad8f8834c0d-MIA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
DATA 200
OK truncated
/ Frame CB4C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87543fa2d9397001d301dd39d680e349821fb8eaf9c95d13cc20c31435c58d3c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
dd.nytimes.com/js/ 242 B
626 B 166ms
57ms XHR
application/json 18.67.65.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.65.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-65-113.iad89.r.cloudfront.net

Software

DataDome /

Resource Hash

5919618016ecbf83fc96625ff3284bf6a25d1b87b6afc69b81408b804c1b21ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:52 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 242
x-amz-cf-id: I6W08gwzbvsZOcAmKwpGBh8AxUR6aggm0lyuNDbQki-spPNrud_F6A==
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 124ms
124ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 103ms
103ms Image
image/gif 34.201.248.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F12%2F05%2F113940_1_05vid-khan-younis-hospital_wg_480p.mp4&i=&g0=Homepage&u=DTwsm1r_rKByel28&t=C1CY80mJmi3CewcANCz0x4BN7Wue&x=0&y=0&V=141&VS=H5&n=1&b=5443&r=&_vd=14880&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=77.232.142.73.sslip.io&_pu=BOAG3SBpNSexDp9T5l&_pt=DtO7muB5YMTABYLeByDGOP_3CQYcn4&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.204&_vpt=0&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F12%2F05%2Fworld%2Fmiddleeast%2FKhan-Younis-Hospital%2FKhan-Younis-Hospital-threeByTwoMediumAt2X.jpg%3Fquality%3D75%26auto%3Dwebp&_vaup=man&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=600&_
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.248.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-248-140.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 05 Dec 2023 15:12:52 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 52ms
51ms Image
image/gif 34.201.248.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F11%2F26%2F113679_1_05Opdoc_wg_720p.mp4&i=&g0=Homepage&u=DTwsm1r_rKByel28&t=DrSvs_DQjXUFDUzT90eWU4iDz-HlB&x=0&y=0&V=141&VS=H5&n=1&b=5449&r=&_vd=16287&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=77.232.142.73.sslip.io&_pu=BOAG3SBpNSexDp9T5l&_pt=DtO7muB5YMTABYLeByDGOP_3CQYcn4&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s2&_vcs=0&_vbr=-1&_vvs=0.303&_vpt=48&_vaup=auto&_vce=0&c=0.01&W=0&R=1&I=0&E=0&j=20&tz=600&_
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.248.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-248-140.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 05 Dec 2023 15:12:52 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1 200
OK c.js Show response
collector.brandmetrics.com/ 0
188 B 260ms
75ms Script
text/javascript 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=77.232.142.73.sslip.io&rnd=3475890
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=77.232.142.73.sslip.io
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date: Tue, 05 Dec 2023 15:12:52 GMT
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame CB4C 0
230 B 309ms
61ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame CB4C 13 KB
6 KB 66ms
66ms Script
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=6752911237632913489&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&c=28&cn=display&pli=1079706286&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuO25_YFSQ6CXczYP5Gfhr4up05izBV5CR9iDcm_IQGDsWPitKEZ70HeA0uth5va4adGfvHGjD9H5u9AiDSEaNtFwuc20xsvI-BPXBlbtWRxCG5y-Tqhay1YMjdMSKoduHYX-R3GZZBXOFf_9A6M7X0nkRERFFGhU_Z8YgSxpYNg4XXUdYRQRPEaPR5B_yGfHCIgOk9lLeRLlzVmZ0uWIeNoVbjc3Ov81aK7JgbNMaynbPqAeB8zlSlT4wfHtgwZGo6dRPCyF9orSyBTbNjYoJG1ONFzO8mqkbhA5X4aT778n-1BBfyEMv5mEO05WkpoYc9W85UxTqkJD3d5SEVmrcU7NBoa82jYSzQKYNYYlxn2w&sai=AMfl-YQNEthLSll7a9WvtjS_KeOV_WMONvyV8-LQpeaAaJGyZGupzDy_nZjPX7JqwhwZZLjDyL_qrQF6aEoH454zn6jBbwCKjH2YX2LfaPKFVb9l-KXefX7TkLGeSDxCZln385FGCWsV6RXGlJCtZzyDn1I8_h9lWqt3IPISeIY&sig=Cg0ArKJSzBrm_qLjohvCEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=$$&ord=354767825&ifrm=-1&z=0&ccpastatus=1&gdprpurposes=847&rand=5147334761115634&vurl=$$https%3A%2F%2F77.232.142.73.sslip.io%2F$$&vurlem=3
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff2a10fd8e7bc72a6fcb57d064242ff8bd3b3c4894abec1fd8ebe9f9c858dfef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:53 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 5482
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 versionsOH.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ Frame CB4C 213 B
512 B 52ms
52ms Script
application/javascript 23.213.158.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsOH.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=6752911237632913489&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&c=28&cn=display&pli=1079706286&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuO25_YFSQ6CXczYP5Gfhr4up05izBV5CR9iDcm_IQGDsWPitKEZ70HeA0uth5va4adGfvHGjD9H5u9AiDSEaNtFwuc20xsvI-BPXBlbtWRxCG5y-Tqhay1YMjdMSKoduHYX-R3GZZBXOFf_9A6M7X0nkRERFFGhU_Z8YgSxpYNg4XXUdYRQRPEaPR5B_yGfHCIgOk9lLeRLlzVmZ0uWIeNoVbjc3Ov81aK7JgbNMaynbPqAeB8zlSlT4wfHtgwZGo6dRPCyF9orSyBTbNjYoJG1ONFzO8mqkbhA5X4aT778n-1BBfyEMv5mEO05WkpoYc9W85UxTqkJD3d5SEVmrcU7NBoa82jYSzQKYNYYlxn2w&sai=AMfl-YQNEthLSll7a9WvtjS_KeOV_WMONvyV8-LQpeaAaJGyZGupzDy_nZjPX7JqwhwZZLjDyL_qrQF6aEoH454zn6jBbwCKjH2YX2LfaPKFVb9l-KXefX7TkLGeSDxCZln385FGCWsV6RXGlJCtZzyDn1I8_h9lWqt3IPISeIY&sig=Cg0ArKJSzBrm_qLjohvCEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=$$&ord=354767825&ifrm=-1&z=0&ccpastatus=1&gdprpurposes=847&rand=5147334761115634&vurl=$$https%3A%2F%2F77.232.142.73.sslip.io%2F$$&vurlem=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
content-encoding: gzip
x-amz-request-id: 40MN5ZKTQ1725BMD
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 126
x-amz-id-2: ljb+KaZnFC7fcZJA8CplkeoEYnRLSigdaYgE3I+kqjJTQeKdnSzVTYdme7kFHVvCAEBtnw38d/I=
last-modified: Thu, 23 Nov 2023 13:38:49 GMT
server: AmazonS3
etag: "e8788c87ad1f5db307887d64bba4d2f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1549560
accept-ranges: bytes
x-amz-cf-id: dcmhFEZI5RdKmXDl_Y8Vu67a4zgKDS6P5o3FYs94qEP7lZDuY3ZdBw==

GET
H2 200 ebStdBannerEx.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ Frame CB4C 287 KB
79 KB 51ms
50ms Script
application/javascript 23.213.158.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8786c098be3119f8fcb55fe7ef6641016f7a44fb4b4540962e4a06ab2d0d1fd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
content-encoding: gzip
x-amz-request-id: JJT81VQF6F48ZE5C
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 80973
x-amz-id-2: yWVvEj8isYl3VL4+j1rF2v7R4oJNCZ6aje4+GG/Rowe2UtXrXJw4XeaC5OXje6RZe8xHh0lRaWM=
last-modified: Thu, 23 Nov 2023 13:31:08 GMT
server: AmazonS3
etag: "64dc88a593087285718d16c889035643"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1549170
accept-ranges: bytes
x-amz-cf-id: PBSN6OeKmj_6pKPsWxwVRLoTG330z6aQYKp-bBTMc-E89Kbje96i_A==

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/ Frame CB4C 7 KB
2 KB 51ms
50ms Script
application/javascript 23.213.158.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
content-encoding: gzip
x-amz-request-id: QCNS82GVYFBGDZAE
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 1951
x-amz-id-2: 37QrxweEtiURZEeRL1gZ+i0pr43vY8XWdsBZ6Tyz/in1bpDe3Qr5rQKo+epAm4n/4SI7P2W4BYc=
last-modified: Thu, 23 Nov 2023 13:31:14 GMT
server: AmazonS3
etag: "3470a076f0022d50a41874998110932e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1549140
accept-ranges: bytes
x-amz-cf-id: 4hMKH9HR7MLsnQL63-FSb3VZ_gjV6QPz30OyXOkPvQuucr2dmhwDFg==

GET
H2 200 SafeFrameVisibilityProvider.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/ Frame CB4C 5 KB
2 KB 51ms
51ms Script
application/javascript 23.213.158.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_117_0_0/SafeFrameVisibilityProvider.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: faa721d01c4b87ec47e7599e746cbd8084a4388759aa382f5ce0c2323d165117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
content-encoding: gzip
x-amz-request-id: DCTV83YT0XZFK100
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-length: 1671
x-amz-id-2: ocq0AvfSKZiFseA7C6QOtfBa7HnWLN04hBnq51/NtptFjSaG/VS4MedYkbYOPU5n+ZLedV+WzB0=
last-modified: Thu, 23 Nov 2023 13:31:14 GMT
server: AmazonS3
etag: "c6497d3cfc8448a3f556f5ffbdd68a09"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1549434
accept-ranges: bytes
x-amz-cf-id: 2Q-Sc-t-bi-c5OtFYQylOjWN_FzyD0XKZRUOHZDJOH8FYgrWHKPrPw==

GET
H2 200 p Show response
sb.scorecardresearch.com/ Frame CB4C 43 B
300 B 51ms
50ms Script
image/gif 18.154.227.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/p?c1=3&c2=6034961&c3=1074650913&c4=1091716420&c5=1079706286&c11=144389&c12=&c16=siz&rn=6664055117069147587&ccr=1&gdpr=${GDPR}&ns__p=6752911237632913489&ns__t=6752911237632913489&ax_pid=&ns_ap_pn=&ns_st_ct=&ns_st_ep=&ns_st_ge=&ns_st_pr=&ns_st_pu=New%2520York%2520Times%2520US&ns_ad_pcd=15&ns_ce_mod=1&ns_ad_event=load&gdpr_consent=${GDPR_CONSENT_77}&ns_ap_device=
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-100.iad55.r.cloudfront.net
Software: /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: vQEXB6E-Qf4A3EpurnQJGKJB86T5hameEpbxlMJnUcHuYNXNeiTLOQ==

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame CB4C 9 KB
4 KB 184ms
54ms Script
application/javascript 2600:1408:c400:29::17da:da4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=10741356&cmp=1074650913&sid=144389&plc=1079706286&num=&adid=&advid=&adsrv=115&btreg=1091716420&btadsrv=serving-sys&crt=1091716420&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_126}&tagtype=&dvtagver=6.1.src
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bf250697617872399097b4e9995257cc5482c87337fc5105a635f09f56ca87ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:12:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Dec 2023 11:45:51 GMT
Server: UploadServer
ETag: "a94d9b3cb0e1c2d6af7cbb267c7aa3c1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Tue, 05 Dec 2023 15:27:53 GMT

GET
H2 200 EN_H2'23_PawstruckRefresh_GCA_LearnMore_970x250_Other_82608975399355485.jpg
secure-ds.serving-sys.com/resources/PROD/asset/1073745987/IMAGE/20231002/ Frame CB4C 67 KB
67 KB 51ms
50ms Image
image/jpeg 23.213.158.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/1073745987/IMAGE/20231002/EN_H2'23_PawstruckRefresh_GCA_LearnMore_970x250_Other_82608975399355485.jpg
Requested by: Host: f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
URL: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.68 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-68.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2989f6d70f65d2d1cac414b00f859355d689ef5fff17949ecd3c7d45cd8623d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Qo4d3cToCBSuXqrzY2rk4KzsUyzgLJcJ
date: Tue, 05 Dec 2023 15:12:53 GMT
last-modified: Mon, 02 Oct 2023 20:00:15 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P1
etag: "3b0adaa3eb3d788e053dc6c2d5a256b9"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 68202
x-amz-cf-id: E5uCK5_bbE-BpYGi3tmb9Fw5fNN4NgUlcJL_m34XisNHRdI-lqvXFA==
expires: Mon, 31 Dec 2035 00:00:00 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame CB4C 0
230 B 73ms
73ms XHR
text/plain 18.189.152.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.152.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-152-57.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame CB4C 24 B
629 B 64ms
64ms XHR
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=6752911237632913489&ai=1091716420&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&oo=0&clsrc=2&clbv=_2_250_3_0&gdprpurposes=847&dg=1078066844&sdg=1079430031&ctick=120&ord=0.2186330721184444
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame CB4C 0
499 B 64ms
63ms Ping
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1091716420~~0~~1078066844~~6752911237632913489^VsR~0~0~01020~122^VsRAg~0~0~01020~122^VsRAd~0~0~01020~122^AdStart~0~0~01020~123&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&rnd=0.5758047345652229&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK dv-measurements5072.js Show response
cdn.doubleverify.com/ Frame 9C1B 431 KB
102 KB 58ms
58ms Script
application/javascript 2600:1408:c400:29::17da:da4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5072.js
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f073f3730259e38ca45ddde045ab2137a227d7b3c0623382be1f8c9cbbc94d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:12:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Dec 2023 10:19:12 GMT
Server: UploadServer
ETag: "faa213dafea845a0d64495105f4c3a5f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103795
Expires: Wed, 04 Dec 2024 15:12:53 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 52ms
52ms Image
image/gif 34.201.248.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=BOAG3SBpNSexDp9T5l&d=77.232.142.73.sslip.io&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=11437&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&PA=https%3A%2F%2F77.232.142.73.sslip.io%2F&b=5427&t=DtO7muB5YMTABYLeByDGOP_3CQYcn4&V=141&tz=600&_vi=&_vp=https://vp.nyt.com/video/2023/11/26/113679_1_05Opdoc_wg_720p.mp4&_vdd=video%40nytimes.com&_vs=s2&_vt=ct&_vap=&_vtn=&_vd=16287&sn=2&sv=KOT9lC38TvoBVe7KeBOKzW3B9hAn1&sd=1&im=06672fd3&_
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.248.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-248-140.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 05 Dec 2023 15:12:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 9C1B 699 B
731 B 139ms
66ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?flvr=0&ttmms=142&ttfrms=23&brid=3&brver=119.0.6045.199&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauff%5Daba%5D%60ca%5Dfb%5DDD%3D%3AA%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauff%5Daba%5D%60ca%5Dfb%5DDD%3D%3AA%5D%3A%40Tar9EEADTbpTauTau7f75e3ghha37_e2%60h2f45hg73_53%60fc7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2050&ddur=184&uid=1701789173771702&jsCallback=dvCallback_1701789173771153&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5072&tgjsver=5072&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Ff7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=4&brh=2&dvp_epl=253&noc=4&nav_pltfrm=Win32&ctx=10741356&cmp=1074650913&sid=144389&plc=1079706286&crt=1091716420&btreg=1091716420&btadsrv=serving-sys&adsrv=115&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_126}&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=5250854723.077171&ee_dp_sukv=5250854723.077171&dvp_tukv=2078696380.106999&ee_dp_tukv=2078696380.106999&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=409053171486&jurtd=4232224129
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5072.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 113f85847f50ac1b7fa013877dc6c3c4c18e4557d4df12aaa0110c8aa1740f43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 15:12:53 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/04/2023 15:12:53

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB4C 0
0 114ms
113ms Fetch
image/gif 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0dyjEzEnSpb8eOydMDtAlOfivBA0-J0qTVLwEPa5ijeq7FqTPZZysGFEyhuAN-9MDNX9AUCFcYS7W9g_cwQtg3oHj9_6Np4nV1RJF2Dpvou7NuwLi0q5KdEmQhcaTfKkPxKm0s0eXGnxkuavK9X-ANicQHEW94FD1BUWzSt5OQy1VpF0NZp7VsVF3elFno_TxK3kRO5bpy9KBd3mYlbxVnLe1aiw-HBBTHTAcVA1or27j6mCaI0pFrLR2gYPR1D94Az0ivRTVo4T6AhacdM31n-9LVQxQpSECo8gWrhuppoG37YyZXaXMFo4yQI4XfExVvygItdwV3bN4LQWVPkPr2Lv4-Y7us6sAboflnfJiw28wV4X-&sai=AMfl-YQ4-qCn-FXfsDIqyOIfcmUqxghjs1YlZqoL3vgRKb3OV4EZahYwSLjVSyzYlMp9n0uuFUfzFr5-utUZvUC4AvqeeKCU6aspaeBHT-uClk_VGn16H8HZTMX2SrH_SE7e2NbrV5xn19wd-7vnQgQ8GYStTZQmcPkpVvZtnvU&sig=Cg0ArKJSzGL6a-_YEhICEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 15:12:53 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame CB4C 0
406 B 64ms
64ms XHR
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1091716420~~0~~1078066844~~6752911237632913489%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~521$$&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&rnd=0.14595962217592384&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame CB4C 0
406 B 64ms
64ms XHR
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1091716420~~0~~1078066844~~6752911237632913489%5EAdParams~ifr%3D2%26loc%3D0x0%26size%3D970x250%26cb%3D0%26env%3D0%26vsbp%3D2%26bi%3D-1%26idx%3D1~0~01020~522$$&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&rnd=0.279325164103968&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 .status Show response
a.et.nytimes.com// 0
0 71ms
71ms Fetch
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept: */*
Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
75ms XHR
application/json 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e067098ff4848cf94ddf1838a24a05a8cd0db2a6dfb5138f195cf7aabfab91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12190
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 105ms
36ms Script
application/javascript 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c31214e8a4c355803486b0181e2d2e47d03d66f584b8de9d3bed3013c5335d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:54 GMT
x-amz-version-id: 5v81KhI_heEWnXK4p13AYwiWrSxlAAXR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: T0Y58QEQQY3WZC78
age: 531
x-amz-server-side-encryption: AES256
x-amz-id-2: ZxQFMHHSh3mmnhDNoEavJkwwdS+n8Kvs0PgYMpqfqUNi43ia9pGYRjnYMZrgDqch7OEapnN5OQ0=
last-modified: Thu, 30 Nov 2023 17:58:27 GMT
server: cloudflare
etag: W/"6fd8c0d9c79a14080171d5ba1ea3e510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE%2FLGCSB6RtaQpqzEcpZSAkTa26aJAJ2gaokASqlW8H1DWgkbT8yEmvGUr9FvyQowwtXTHH9ycL13G24Xx14SmNVar2VJk%2FxQINmFCfwqPLcsiyTtBTDXCh6ZBtMvnw6rJ9DGyNHE2PB4khBA2dlKTSv%2FCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 830d3ae1bd860a2e-MIA

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain

https://sb.scorecardresearch.com/c2/3005403/cs.js
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

0
365 B

49ms
49ms

Script
application/javascript

18.154.227.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol: H2
Server: 18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-100.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:24:45 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:36 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 38890
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 35nKcpoV1iDTgpFxrYNOsGSSKbMm5nXK3mxW5nwsmZfpM83xNPKS8A==

Redirect headers

date: Tue, 05 Dec 2023 15:12:53 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
location: /internal-c2/3005403/cs.js
content-length: 0
x-amz-cf-id: Hro1hRqI1epr1DEaivJNjQRfi0V18rU9A4KfNsL-gvk3tesC_awVfQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 15:12:54 GMT

GET
H2 200 match-prod-eb0e5d28cbc017a01544.js Show response
platform.iteratehq.com/ 87 KB
30 KB 37ms
37ms Script
application/javascript 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-eb0e5d28cbc017a01544.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed96b31d7a723d21390ca811bb1d85a75ccedd5983ab4cd275fbd0f90da6ec32

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:54 GMT
x-amz-version-id: dxRnnmrtj4ab1r.oYsSwYzuwnDwf1bkv
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 3NCCK1ZM1WD2A5MC
age: 371841
x-amz-server-side-encryption: AES256
x-amz-id-2: GVEgKeCu9PFsO6bLKBG8YB7RBa5Gn7SRxTg9fGSpUu+QxbikE2M8xGpEyIGpuGXDUb4INU6cCT0SQ4vmeA1j0A==
last-modified: Thu, 30 Nov 2023 17:58:23 GMT
server: cloudflare
etag: W/"dd5add533a4550d28a0e1917410cf507"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hH1fG4LC17ZUb9TqU%2F20jIIhgOYDOpZv8Jy0i0i8zdLC2J%2F%2BZd9n8OO0JPdE2FXkBxL4ZtgKsZmQWqIiyWMbnBRNzRGOaqcRW0ooiItDUQHlb4aN5aSgWGAwLXQ0bTWwf8uUrfyGUOesDA%2FKsTcNgl8MLAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 830d3ae1fdd40a2e-MIA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D17 13 KB
5 KB 73ms
71ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77.232.142.73.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 14:35:04 GMT
expires: Wed, 04 Dec 2024 14:35:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D31B 829 B
1 KB 203ms
74ms Document
text/html 2607:f8b0:4004:c08::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::69 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c46accc884e998008b1ad0548e906a4a4a5afb6addde97daeeb3565993a412d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mP4BqkXSxAlyYvlHvTXkmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://77.232.142.73.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mP4BqkXSxAlyYvlHvTXkmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:12:54 GMT
expires: Tue, 05 Dec 2023 15:12:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 2 B
296 B 60ms
59ms Fetch
application/json 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:12:54 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPY%2BYvII4l71Gtyn9Lif75DTDpt4GqE%2BN0iWftBkhtK%2F5wROd8uA9P2%2FddN7VgmbKO01YsopuYkUXseiVKm%2FfDm1eqwWzQz6UAkmullbKkavbLEU146OBSUHvyRawPndo4LDiU13n%2F8yC20%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 830d3ae32c9b25be-MIA
content-length: 2

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 134ms
66ms Preflight 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://77.232.142.73.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 830d3ae2bbe025be-MIA
content-length: 0
date: Tue, 05 Dec 2023 15:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfsJpfniMN3BOqZmWVmirM8U0xUqhN8kIaIM5gK0rLJYblUWLFbKFUegt2AI99ACzwYB6xW6XDGmwuTJIG2YieFPU5Yct6RQ97ZOVDw2cq4oZ49O%2F0FdKCmoa6ix3RwnjV2r2cuzQ5lAWm0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D17 39 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 14:03:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D17 0
10 B 54ms
54ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wll2LA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:12:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D31B 0
0 112ms
111ms Image
text/html 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=1657620171669154&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

pd
nytimes-d.openx.net/w/1.0/
Redirect Chain

https://nytimes-d.openx.net/w/1.0/pd
https://nytimes-d.openx.net/w/1.0/pd?cc=1

43 B
202 B

53ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://nytimes-d.openx.net/w/1.0/pd?cc=1
date: Tue, 05 Dec 2023 15:12:54 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=4bf46c6b-d4b0-426a-b027-3dbe721f856b&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

55ms
55ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=4bf46c6b-d4b0-426a-b027-3dbe721f856b&dongle=0cfd&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 05 Dec 2023 15:12:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=4bf46c6b-d4b0-426a-b027-3dbe721f856b&dongle=0cfd&gdpr=0&gdpr_consent=
date: Tue, 05 Dec 2023 15:12:54 GMT
server: Kestrel
content-length: 251

GET
H/1.1 200
OK cksync.php
cs.media.net/ 52 B
640 B 154ms
52ms Image
image/gif 23.47.64.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.64.23 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-64-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 15:12:54 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 52
x-mnet-hl2: E
Expires: Tue, 05 Dec 2023 15:12:54 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame CB4C 0
507 B 63ms
63ms Ping
text/html 18.218.135.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1091716420~~0~~1078066844~~6752911237632913489^VsIAB~0~0~01020~1126&usercookie=u2=353c6f61-e1c7-47a6-ad93-a4602826c12c&rnd=0.12335294358576476&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_250_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.135.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-135-175.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 60ms
60ms Preflight 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://77.232.142.73.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 830d3ae578c625be-MIA
content-length: 0
date: Tue, 05 Dec 2023 15:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6flgRA%2FaiXcw3ndTh5vieQAiYkEwCmfvy3UQPU11mGTwpMaHhxTSztQAIrDwodZapJeeK82Mr0c7xEBqq4%2BCUnTm%2FwFntCqi8J7K61BkTkrM55BxPicjuGZNtMHDtKz09Om9Vfcmfv7cTk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
348 B 62ms
61ms Fetch
application/json 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:12:54 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrxllZC3ntlv32c5E%2FHTla%2BXfNwVYpTBaHsbq3vxx4yv2uVROAcI2z0dbBYRIfP343laJ7D6gJT%2F1F0gxTIm92ziwy%2FAaHMPcEyafMKGiTBea9DApPODXEdHa2HMrw8YeA44rzEdKMDXNs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 830d3ae5d97725be-MIA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 112ms
112ms Image
text/html 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=1657620171669154&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOJ4Hm0ZYbdK3_NL7xe92z5LOiMao2MB1X9WF-MPh1-j6ke_d4baFefPCaBV73zy9AgAAAExSAAAABGgBB5kCxmFZUohQW93jVhK8xeyMJ7RO6AVpgxb2qiJsaG7cxfA78ztdW8w6AQf9pbfh0kmU2av2J4sY4hvY89BiWsvuwT7blngFSajGydyFWv_ISgHTdwzUl-ndlcE2UVoqDbId2jO2mhnmi8K-EQXEero6RX_8BXwn90Ox5tdpXrgzEYCqqxIIhFGwJ0vvfas3H8PVrOZoc3zrHG-uobj2hETXgsIqiOUs6rE7VPNn4FILEOfSVO8r84QVDygIvbEEv3syOE-t8jFC4LYPGLIp4lFfvomvaw5Jii_UPUlR6r4jzsyuxHBefKsJ_Ipv24-177GdV7-EdnuU1cZwdRgm9OwquEeOy5y42om73koo6p1mkDyExxLLHrDah3Iv-pwY1CUjy0VbtBD3k2lRERfMoryOo0RR_JDUmk9zzHgVNaSdzGb88vc7OnYHG0xoJsHHwz2oi3eVMJrBlRK_Bk3mXkUTUs_JcFsF9CnYzuHXucKUlnxb9KeZ2I77pD5rv_KafCSHeOvyYhUlLI6XItV7MUn1ZKWklW4lkRz4eAWa4LgNDSOxfpOXUyNGApXVZPCZfkaL8CcpgfT7DNqc_bTeXZIv7drJcvolI4g28SZyt4VWhl47RDgAnAI8QVT7u6gQySUOtIQn5ltlfLqDiwAaBaF6RlIx7CHknMhlm7CSmI354b2rviugGQ4RIR7pXHvmBz8oTKNeCEbZNEbmSisoFdapo31qO0A4odickvcJ6Nt3DzNX1n6eEFqLalDr7t22_RtABERnyFByzzcSCDtLAIL6n54xZDe4T8s9slkzKOA4UXzBRvgWNW0Dt-P1FJnLQOHq7BPl5SRw6ZjwsjvSelb3lPNH4dYut9eufb8cH589B4v4wLb_s-JklJKQSXMcpT3gvQ76mMXRZF2mDj_-VlzXBT1ZAxgtgdRjE-ThgdCE2bLOdjRqdcgW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://77.232.142.73.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB4C 42 B
64 B 114ms
113ms Fetch
image/gif 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOvzm7rByqMwnE9wROrQxZmmMOKZX9bPQMqG_ABJ0_jWqTOg0Ss-6li9CHdyeKzj-51Tuoaxknqj2kMguBNVvGkgsEjsgaAWbWWsCJFRKBsJnWn7oklur_VW0cgIFGFSbove6VSuSdkw&sai=AMfl-YQDy9e0bPDETWQG-3lIgJ2wsr43rywZnoeCCuOQjN3-sXnegO4&sig=Cg0ArKJSzDL8kPy4cUhoEAE&id=lidar2&mcvt=1000&p=15,315,265,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2496155832&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701789171374&rpt=2549&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 73ms
73ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: 77.232.142.73.sslip.io
URL: https://77.232.142.73.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://77.232.142.73.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 9C1B 0
345 B 112ms
52ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=eae93a30c2ee44dea55e2808de8a62d9&flavor=0&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT_126%7D&ee_dp_cadl=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=140&eoid=17&te_exec=0&msrjs=5072&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=184&tetms=9&msltms=119&vltms=140&sei=290&vetms=5&tuviims=165&tuviems=310&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=262536&msrcannum=3&ee_dp_tmads=2269&ismms=39&isumms=38&nvr=6&isgmmims=39&isgmv4mims=39&elmtp=6&isbxdms=2239&b0=100&b11=2208&adhgt=250&adwdth=970&norwdth=970&norhgt=250&vsos=13&dvp_vsosnmr=16&lftb=2308&sftb=2308&msrdp=0&naral=262272&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1039&isuiabvms=1039&isgmpims=38&isgmv4dpims=1039&ispmxpms=1039&engalms=37&dvp_dpr=1&vstsz=737&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3178
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5072.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 05 Dec 2023 15:12:57 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-04T15:12:57

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: purr.nytimes.com
URL: https://purr.nytimes.com/v1/purr-cache

Domain: a.nytimes.com
URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1701789170541&referrer=&sourceApp=nyt-vi

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: meter-svc.nytimes.com
URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2F77.232.142.73.sslip.io%2F&referer=https%3A%2F%2F77.232.142.73.sslip.io%2F&pageviewID=dVyjP73O8PYPY5oHZBU6ihnh&MessageSelectionAPI=real

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 18:52:45	Name: sync Value: CgkIOhDHlqjUwzE=
.nytimes.com/	1970-01-21 01:28:45	Name: nyt-a Value: 8CKO0osoOTgP9Rio9C9z4INo
.et.nytimes.com/	1970-01-20 16:43:10	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-21 01:28:45	Name: sessionIndex Value: 1\|1701789168682\|8CKO0osoOTgP9Rio9C9z4INo\|1701789168682
.et.nytimes.com/	1970-01-20 16:44:35	Name: et-ppvid Value: https://77.232.142.73.sslip.io/=dVyjP73O8PYPY5oHZBU6ihnh
.openx.net/	1970-01-21 01:28:45	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-20 18:52:45	Name: tluid Value: 3674008652837151363175
.scorecardresearch.com/	1970-01-21 02:19:09	Name: UID Value: 18Bce588db10e8d3e54b4fd1701789170
.rubiconproject.com/	1970-01-21 01:28:45	Name: khaos Value: LPSHC096-25-3SOZ
.rubiconproject.com/	1970-01-21 01:28:45	Name: audit Value: 1\|mFVHqHkj5bHwkY8upV9yYKS5Bv7H1ouoxdnNVF8ci153P6ESP+XTHSIQSgniicklmArA1sytJutE3H3yf5aprja2lsM6kgczzG6FmltYou3fIVdH04xH5r7FQD2yB//h40Qpx8nGAQE=
.sslip.io/	1970-01-21 02:04:45	Name: __gads Value: ID=b278860c3dbbeb6a:T=1701789169:RT=1701789169:S=ALNI_MYTjTEkuKI7MmywHULRQ4RhUNacXg
.sslip.io/	1970-01-21 02:04:45	Name: __gpi Value: UID=00000da63310e854:T=1701789169:RT=1701789169:S=ALNI_MYF2FIumjO6r4VW94NOJxN3QXE1IA
.sslip.io/	1970-01-20 18:52:45	Name: _gcl_au Value: 1.1.1355168077.1701789172
.doubleclick.net/	1970-01-21 02:19:09	Name: IDE Value: AHWqTUl2AGgxTBPILZtCBKV_jhv8ShWm-OVdMwCo1tM2_aWSugGG-mi-QVWOSkf9MaQ
.sslip.io/	1970-01-21 02:11:57	Name: _cb Value: BOAG3SBpNSexDp9T5l
.sslip.io/	1970-01-21 02:11:57	Name: _chartbeat2 Value: .1701789172482.1701789172482.1.KOT9lC38TvoBVe7KeBOKzW3B9hAn1.1
.sslip.io/	1970-01-20 16:43:10	Name: _cb_svref Value: null
.sslip.io/	1970-01-21 02:11:57	Name: _v__chartbeat3 Value: DTwsm1r_rKByel28
.77.232.142.73.sslip.io/	1970-01-21 01:28:45	Name: datadome Value: Jn78hisfZdAlEGRGHCz~fXFzi4gOOkgcsPoaFCa4E16Wgmi_7thAESaLtpWpPqYKoHfhxb5pp1aHMBK6V7pmM9qfaaUfIHDb96xMDxh0TL33nmXl6pp2eYGqe6QCN1w1
.serving-sys.com/	1970-01-20 17:26:21	Name: u2 Value: 353c6f61-e1c7-47a6-ad93-a4602826c12c4PM07g
.serving-sys.com/	1970-01-20 17:26:21	Name: eyeblaster Value: RES=32
.serving-sys.com/	1970-01-20 17:26:21	Name: A6 Value: 114Al4zZVM1007f900001zZVM
.openx.net/	1970-01-21 01:28:45	Name: i Value: f19c663a-db8d-0c90-2afc-b0a557cbd0d3\|1701789174
.media.net/	1970-01-21 01:28:45	Name: visitor-id Value: 3447907741523501000V10
.adsrvr.org/	1970-01-21 01:30:11	Name: TDID Value: 4bf46c6b-d4b0-426a-b027-3dbe721f856b
.adsrvr.org/	1970-01-21 01:30:11	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCPqNyofW67o8EAUYBSABKAIyCwimhIe07Ou6PBAFOAE.
77.232.142.73.sslip.io/	1970-01-20 16:43:10	Name: _dd_s Value: rum=0&expire=1701790068157

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://77.232.142.73.sslip.io/(Line 269) Message: Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://77.232.142.73.sslip.io/(Line 269) Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://77.232.142.73.sslip.io/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://77.232.142.73.sslip.io/ Message: Access to fetch at 'https://purr.nytimes.com/v1/purr-cache' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://purr.nytimes.com/v1/purr-cache Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://77.232.142.73.sslip.io/ Message: Access to fetch at 'https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1701789170541&referrer=&sourceApp=nyt-vi' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1701789170541&referrer=&sourceApp=nyt-vi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://77.232.142.73.sslip.io/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://77.232.142.73.sslip.io/ Message: Access to fetch at 'https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2F77.232.142.73.sslip.io%2F&referer=https%3A%2F%2F77.232.142.73.sslip.io%2F&pageviewID=dVyjP73O8PYPY5oHZBU6ihnh&MessageSelectionAPI=real' from origin 'https://77.232.142.73.sslip.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2F77.232.142.73.sslip.io%2F&referer=https%3A%2F%2F77.232.142.73.sslip.io%2F&pageviewID=dVyjP73O8PYPY5oHZBU6ihnh&MessageSelectionAPI=real Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://sb.scorecardresearch.com/p?c1=3&c2=6034961&c3=1074650913&c4=1091716420&c5=1079706286&c11=144389&c12=&c16=siz&rn=6664055117069147587&ccr=1&gdpr=${GDPR}&ns__p=6752911237632913489&ns__t=6752911237632913489&ax_pid=&ns_ap_pn=&ns_st_ct=&ns_st_ep=&ns_st_ge=&ns_st_pr=&ns_st_pu=New%2520York%2520Times%2520US&ns_ad_pcd=15&ns_ce_mod=1&ns_ad_event=load&gdpr_consent=${GDPR_CONSENT_77}&ns_ap_device=' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
77.232.142.73.sslip.io
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax.amazon-adsystem.com
adservice.google.com
als-svc.nytimes.com
bs.serving-sys.com
c.amazon-adsystem.com
cdn.brandmetrics.com
cdn.doubleverify.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
cs.media.net
dd.nytimes.com
eb2.3lift.com
f7fd6b8992bf06a19a7cd98fb0db174f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
g1.nyt.com
ib.adnxs.com
iteratehq.com
lm.serving-sys.com
match.adsrvr.org
meter-svc.nytimes.com
nytimes-d.openx.net
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
prebid.media.net
purr.nytimes.com
rtb.openx.net
rumcdn.geoedge.be
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
sentry.io
static.chartbeat.com
static.nytimes.com
static01.nyt.com
static01.nytimes.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
vp.nyt.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
a.nytimes.com
als-svc.nytimes.com
meter-svc.nytimes.com
purr.nytimes.com
samizdat-graphql.nytimes.com
13.32.195.219
142.251.167.148
151.101.1.164
151.101.193.164
18.154.227.100
18.160.10.20
18.160.53.102
18.165.97.179
18.189.152.57
18.218.135.175
18.67.65.113
20.40.202.2
23.213.158.68
23.47.64.23
2600:1408:c400:29::17da:da4e
2600:9000:2009:e600:4:b37b:9440:93a1
2600:9000:24f3:1200:18:1fcd:353:c61
2602:803:c002:200::52
2606:4700:20::681a:6e5
2606:4700:20::ac43:479c
2606:4700:20::ac43:4842
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::69
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::84
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1b::9a
3.85.72.59
34.117.228.201
34.120.63.153
34.201.248.140
35.186.247.156
35.227.252.103
35.244.159.8
35.71.131.137
35.71.139.29
52.3.42.214
68.67.160.75
77.232.142.73
007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
067dd55db0d6962a9cacf4458f263cb3d3b60ecd1ddbee3ee61b76f6d334a43b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0c5e21942319101bf1d72c86fb459b35d01ff2a1bb738b69c4b18f1142ae7047
0e067098ff4848cf94ddf1838a24a05a8cd0db2a6dfb5138f195cf7aabfab91b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
113f85847f50ac1b7fa013877dc6c3c4c18e4557d4df12aaa0110c8aa1740f43
11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7
12759d4e12d5eaf09a8179847ba96ad0cfdf501436a4b02e1be5673e0f70e3c6
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
16f777d742c10555e5be93a81704dab0c0f1335e0644acf7284ad63353736e87
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d
1d5f9181445c7bb4eaec5050d684a4fd60322a2d3525a5efa7d6758d72cb058a
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2989f6d70f65d2d1cac414b00f859355d689ef5fff17949ecd3c7d45cd8623d5
2d3087eafbd759252555a1aadbdbec114635b61ea11b97359be3e0e3b1ee768c
2ded6ccf52893dda8d7ff261b54805bf7a6d9a225d44ceca138c4295c57d742d
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
312d06b02ee73b0b9beff34fb8daf1d474d0bb108c7e666618e6409d189e86b0
33041509879c4e1f1d76b794bb49776f5e145528ee2e8bf4c862b3965a407cbd
3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72
352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d
3c3c13194c6c71c88caa744e75cb7b41614b36b1faf204205f32509b989be0dc
3d8e58df62968c240644607b1a995822a29a8b075e73dfd7d86ae32b7bf77f5f
41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14
433645c2edbaae87bfa0a5edfd80e072239ba3c45912335eeec9395fa26a085d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45f2478634f0a55c545adcee6508cbfb0f270c805f0adba7002359640629bcaa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49ccefb9503154dbd0865413a69cc48e01f4fce91e7d752c767f1fdf4fef2df6
4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a
4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219
4bf8173ae3d6d3ea2f80e93888d6488c84ce54917798d9a95ad371911e16a35b
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4c9d57a85152f46024d071b0d1b211f8a77b974a8d24eff62aa4416f61fed675
4d06930b4d241cd67ed6a876b4882fba116942de3f5895dbee2507f229b00f98
4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
527f34e008b04f5bbaa36980e2c8cc137fb438ea04776b6b122989ae7c343e3f
52c60926de4e2ecac39a3cd11b1808c425a84bd32e5b76aa0551be74a03ffdbe
5527b3bfb6a0984124744e53c76fb535d08dcfc5456c5ca6a3e3200e2cac5934
559bdd296b5fed626f9dc30c00e521cd4615ad6ecd4fee7c44aeefc811f26cfa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5919618016ecbf83fc96625ff3284bf6a25d1b87b6afc69b81408b804c1b21ad
5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292
5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a
5ed9e9f81abee651d7645c6ae932a099ff7595eb893df2bd66306c818adf5a39
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5fe30b386a7b85303cb8594ccc6800c2f39c3c259b740c4cf293d574692d5d96
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e00af43f2239484c6f03cbc6ab7a28eff6fc57d70a545ded6df1fcc0376e07
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3
640a9138e66deb5b745997e8dbe0be6e4c32d82da5710f9cea8afb0bee2f3bbf
644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb
66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec
6c4292170e3a6414649ff3e4e98c782ebb8427a8d23d4e317279e0aeb4406423
6cc0178b8ca392cc49340d87e0b2b5f24cba5c6d801e2b4946c44fe8d23b50cf
71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a
75c31214e8a4c355803486b0181e2d2e47d03d66f584b8de9d3bed3013c5335d
79529a2945de9cc11ff34ae0c0bc488a9b2a15b7aaf5f5cce0f882a780b55261
7abe7bfc0d767c223684661979c9b41a4e4ba77813efa43270529f99e4ebe20d
7bdd0466cd3076b12e5fd0acff9f41813dcf842fbde133378e1a423a06c76ba4
7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1
7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6
7fe6938f44d003522e4c6eff862812374d77917e2d0b62e1c34d734144522e01
8071309f9ce3b8f01a3e0770d688dd5d207eb803f975779044a33d3089e3674b
832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32
87543fa2d9397001d301dd39d680e349821fb8eaf9c95d13cc20c31435c58d3c
8786c098be3119f8fcb55fe7ef6641016f7a44fb4b4540962e4a06ab2d0d1fd8
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b84ebfbd15694400df12827c578baf3e0d64b86b13222a7d27a536e236dcb6c
8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24
8c694c3ebb00c51516524d727fe3b1794a8b4092acd285afd8d3dee3fab12654
8da6af9b0e159c31ba6f147d1860eb909dbe66e6c5aa6e166a27a599c9c84473
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8f66b8f5b06c02a6d9aee173c75069f4a6e5ac77a8b7837fc435bbde9c8d1474
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691
9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294
953192b9e145dcbca57f6ca6b4fcb6d09ddef65bfe957b4859d7ac4946381e42
985aac7d49c194276a9409a009e38ec2c82f3f607c26b9358b23d48ed004c284
99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9b0aae6af0529251d6db6968292907b278cf618cc3b224fda95d8d5f34bfb24a
9b1a5a94782d648867891bf6c4fc2fd590fde78b585eb1640c07dc5934ff6e4b
9c001ca5085ba2522e49502c2caba5a75540eeee58e58a88ab1841e462b20440
9cfd9b2c3186ce746948caec4d2f0becde518e6684d210d23eb449004ffc261b
a0365dfca833ce1c9f906aaf36389e310bef344be65e46adf2fe5afca7063116
a1368e29fcceec498d895340ebe63679293284987d1e2be337b836cd17456e90
a35fe7d6b08af18c58edcc3cbdca8814433b03be5d32ed033d3ecdae80944bd2
a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290
a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914
a742a2af7c3bd1cab7c1cd0bddb1026dba2abb8c0b80f14c881a034854db962b
a79b0d41335a1e325af898d3d59f0a69cc6e2098b8aa73ed1b185865c8c31914
a9f21c60be8fb551480e9bc275e0e5707af6c5dcbba52a93faee9edc7df0c7c0
acfb49b19dcaf7ffbb9aa42fec4b76f7533a12418bd8e10e568d815dfd74a7e5
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
ada2183539d0cba0a3b1d16e47381c87756783632fe41cbab60553be3189e595
b042c23be5b5e150218379e578528d0a541c63e10597ce9a42cbbb2a155205c5
b171654ee41b8575b204a041fb00714c2e1ed6f1963f6fd68b4ff22f5f20d9ef
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b990cbb90704e8574e370c19f20548f394a0d10cac4092cc80bbf26dfe5902eb
ba57e9fe37374aae1060174b2a0150a2fca11878eef5c4f3e1d964ec10b345c9
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8
bd71ef9bedc8ad126f7ed97ace050e90cf77d155be8c01e5f0b4f2c918fd6c09
bf250697617872399097b4e9995257cc5482c87337fc5105a635f09f56ca87ca
c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229
c46accc884e998008b1ad0548e906a4a4a5afb6addde97daeeb3565993a412d0
c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f
c5151b8cf46d2a6f145bed7ed4f04cc68aebcb3e53fac281810eaa53f89a6873
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
ca96a443712a84bf109b0eefb06e3ed37a7ceae5f062f4c30a3cde8ee34cb5d5
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d485156a3cfc8b82bb11d53cd7c7d670ff0287a88aba078e89548944128acb64
dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a
de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e
ed96b31d7a723d21390ca811bb1d85a75ccedd5983ab4cd275fbd0f90da6ec32
ed992e009a3dfebd419613b6fba43b2beb656306b2ea7c90c0882f7ff9ffbbc0
edc4076faabf44d3124191d9f65902675cbd8b63b3bf997995a9fb7b483ee208
ee4a6b47771c4d833c797625d6bc37c87d83eb4a5fb6d6ea6b6313b0597c59e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f073f3730259e38ca45ddde045ab2137a227d7b3c0623382be1f8c9cbbc94d2a
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f2585ac403e198f0e12b5379d589acb6b937e3ac6be613bf0cf2cd9d09e44b76
f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c
fa04f6869d6de022e015687d0c73411c6268505d456239aea7552e8300fb1aac
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
faa721d01c4b87ec47e7599e746cbd8084a4388759aa382f5ce0c2323d165117
fb4f042c1b57998f8486cbf7250c81dff766af52512d694c0d696113163a843a
fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54
ff2a10fd8e7bc72a6fcb57d064242ff8bd3b3c4894abec1fd8ebe9f9c858dfef

77.232.142.73.sslip.io Open in urlscan Pro 77.232.142.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

197 Requests

76 %HTTPS

35 %IPv6

25 Domains

52 Subdomains

40 IPs

2 Countries

11891 kBTransfer

19958 kBSize

27 Cookies

298 Outgoing links

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

77.232.142.73.sslip.io Open in urlscan Pro
77.232.142.73 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

76 %
HTTPS

35 %
IPv6

25
Domains

52
Subdomains

40
IPs

2
Countries

11891 kB
Transfer

19958 kB
Size

27
Cookies

197 HTTP transactions
3 data transactions