nytimes-com.diced.sh Open in urlscan Pro
2606:4700:3037::6815:5e5a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nytimes-com.diced.sh/
Submission: On August 10 via api (August 10th 2023, 9:08:58 am UTC) from US — Scanned from US

Summary HTTP 154 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 36 IPs in 1 countries across 27 domains to perform 154 HTTP transactions. The main IP is 2606:4700:3037::6815:5e5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nytimes-com.diced.sh.
TLS certificate: Issued by E1 on August 9th 2023. Valid for: 3 months.

This is the only time nytimes-com.diced.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3037::6815:5e5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	2600:9000:24f... 2600:9000:24f1:fc00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
9	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
2	2600:9000:251... 2600:9000:2511:ca00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.138.107.138 108.138.107.138	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
1	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2602:803:c002... 2602:803:c002:200::62	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.1.30.248 52.1.30.248	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
10	18.164.98.157 18.164.98.157	16509 (AMAZON-02) (AMAZON-02)
2	13.35.93.113 13.35.93.113	16509 (AMAZON-02) (AMAZON-02)
2 4	108.139.47.92 108.139.47.92	16509 (AMAZON-02) (AMAZON-02)
2 3	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4	173.223.56.26 173.223.56.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	54.174.91.172 54.174.91.172	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:ae80:145... 2606:ae80:1451:18::1720	25751 (VALUECLICK) (VALUECLICK)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4842	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
9	3.227.173.138 3.227.173.138	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2010	15169 (GOOGLE) (GOOGLE)
1	20.40.202.2 20.40.202.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
154	36

11 2606:4700:3037::6815:5e5a (United States)

ASN13335 (CLOUDFLARENET, US)

nytimes-com.diced.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vp.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f1:fc00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2511:ca00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:807::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.184 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.30.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-30-248.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.93.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-113.jfk50.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.139.47.92 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-92.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.139.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.223.56.26 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-26.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.91.172 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-91-172.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:18::1720 (United States) 1 redirects

ASN25751 (VALUECLICK, US)

medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (Staten Island, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:821::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4842 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.227.173.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-173-138.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2010 (Stony Point, United States)

ASN15169 (GOOGLE, US)

nyt-dti-prd-staticjs.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9796 static01.nyt.com — Cisco Umbrella Rank: 7580 vp.nyt.com — Cisco Umbrella Rank: 14091 a1.nyt.com — Cisco Umbrella Rank: 9599	3 MB
18	nytimes.com static01.nytimes.com — Cisco Umbrella Rank: 10839 a.et.nytimes.com — Cisco Umbrella Rank: 7503 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7680 Failed als-svc.nytimes.com Failed www.nytimes.com — Cisco Umbrella Rank: 4106 dd.nytimes.com — Cisco Umbrella Rank: 10968 purr.nytimes.com Failed a.nytimes.com Failed meter-svc.nytimes.com Failed	227 KB
15	googlesyndication.com a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151 pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	539 KB
13	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 441	68 KB
11	diced.sh nytimes-com.diced.sh	807 KB
9	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 9113	2 KB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 10210	170 KB
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 8013 iteratehq.com — Cisco Umbrella Rank: 7003	32 KB
5	media.net prebid.media.net — Cisco Umbrella Rank: 1373 cs.media.net — Cisco Umbrella Rank: 1558 contextual.media.net — Cisco Umbrella Rank: 649	3 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 572	4 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 155	1 KB
4	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 640 eb2.3lift.com — Cisco Umbrella Rank: 406	2 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 nyt-dti-prd-staticjs.storage.googleapis.com — Cisco Umbrella Rank: 25772	6 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3441 collector.brandmetrics.com — Cisco Umbrella Rank: 3883	22 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 354	2 KB
3	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 833 nytimes-d.openx.net — Cisco Umbrella Rank: 16347	768 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1570 mab.chartbeat.com — Cisco Umbrella Rank: 2508	34 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 116 www.google.com — Cisco Umbrella Rank: 3	2 KB
2	dotomi.com 1 redirects medianet-match.dotomi.com — Cisco Umbrella Rank: 12624	504 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 977	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 363	966 B
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1898	77 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	176 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	57 KB
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 608	530 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 221	583 B
154	27

	Domain	Requested by
17	static01.nyt.com	nytimes-com.diced.sh
11	nytimes-com.diced.sh	nytimes-com.diced.sh rumcdn.geoedge.be
10	aax.amazon-adsystem.com	c.amazon-adsystem.com
10	g1.nyt.com	nytimes-com.diced.sh g1.nyt.com
9	pnytimes.chartbeat.net	nytimes-com.diced.sh
9	a.et.nytimes.com	nytimes-com.diced.sh
7	tpc.googlesyndication.com	a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com rumcdn.geoedge.be
6	securepubads.g.doubleclick.net	nytimes-com.diced.sh rumcdn.geoedge.be securepubads.g.doubleclick.net a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com www.googletagservices.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	fastlane.rubiconproject.com	www.nytimes.com
4	iteratehq.com	platform.iteratehq.com
4	sb.scorecardresearch.com	2 redirects nytimes-com.diced.sh
4	samizdat-graphql.nytimes.com	nytimes-com.diced.sh
3	fonts.gstatic.com	fonts.googleapis.com
3	a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	eb2.3lift.com	2 redirects nytimes-com.diced.sh
3	c.amazon-adsystem.com	nytimes-com.diced.sh c.amazon-adsystem.com
2	platform.iteratehq.com	nytimes-com.diced.sh platform.iteratehq.com
2	fonts.googleapis.com	client a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	nytimes-com.diced.sh www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	nytimes-d.openx.net	1 redirects nytimes-com.diced.sh
2	medianet-match.dotomi.com	1 redirects nytimes-com.diced.sh
2	pm.w55c.net	2 redirects
2	contextual.media.net	nytimes-com.diced.sh
2	cs.media.net	nytimes-com.diced.sh
2	match.adsrvr.org	2 redirects
2	dd.nytimes.com	nytimes-com.diced.sh dd.nytimes.com
2	rumcdn.geoedge.be	nytimes-com.diced.sh rumcdn.geoedge.be
2	www.googletagmanager.com	nytimes-com.diced.sh www.googletagmanager.com
2	static01.nytimes.com	nytimes-com.diced.sh a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
2	static.chartbeat.com	nytimes-com.diced.sh
1	www.google.com	rumcdn.geoedge.be
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	nyt-dti-prd-staticjs.storage.googleapis.com	static01.nytimes.com
1	www.googletagservices.com	a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	vp.nyt.com	nytimes-com.diced.sh
1	cm.g.doubleclick.net	1 redirects
1	dis.criteo.com	1 redirects
1	mab.chartbeat.com	static.chartbeat.com
1	prebid.media.net	www.nytimes.com
1	rtb.openx.net	www.nytimes.com
1	tlx.3lift.com	www.nytimes.com
1	ib.adnxs.com	www.nytimes.com
1	www.nytimes.com	nytimes-com.diced.sh
0	meter-svc.nytimes.com Failed	nytimes-com.diced.sh
0	a.nytimes.com Failed	nytimes-com.diced.sh
0	purr.nytimes.com Failed	nytimes-com.diced.sh
0	als-svc.nytimes.com Failed	nytimes-com.diced.sh
154	52

This site contains links to these domains. Also see Links.

Domain
cn.nytimes.com
cooking.nytimes.com
theathletic.com
nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
diced.sh E1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
a.et.nytimes.com R3	`2023-07-15` - `2023-10-13`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
brandmetrics.com GTS CA 1P5	`2023-07-08` - `2023-10-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
iteratehq.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://nytimes-com.diced.sh/
Frame ID: F4436D45C757152B8EFE7FE23E376249
Requests: 125 HTTP requests in this frame

Frame: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B954C23126530503D70F7F0B06AE55EE
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F
Frame ID: 2D4DD28F2307920D77F1DF81EF0782AD
Requests: 1 HTTP requests in this frame

Frame: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 36E5A4D63D392BBA958C3B7991ADAF31
Requests: 18 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F
Frame ID: 452FC7771BC22170AD8AB2138D0B932C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FC8EBB151605A9DADFB125B601BE3B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C123E253908442B9A7C248563EF80FC2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

154
Requests

90 %
HTTPS

45 %
IPv6

27
Domains

52
Subdomains

36
IPs

1
Countries

5705 kB
Transfer

10186 kB
Size

34
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.nytimes.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://theathletic.com/
Title: The Athletic

Search URL Search Domain Scan URL

URL: https://theathletic.com/4747975/2023/08/09/jalen-hurts-special-cheesesteak-eagles/
Title: How Jalen Hurts Boosted a Black-Owned Family RestaurantThe Eagles quarterback revealed his favorite cheesesteak, and it changed the lives of twin sisters in Philadelphia.

Search URL Search Domain Scan URL

URL: https://theathletic.com/4760154/2023/08/09/uswnt-world-cup-criticism/
Title: The Flood of Vitriol at the U.S. Team Has Little to Do With the World CupSome politicians and commentators have been waiting to see the women’s team stumble for their own gain, our columnist writes.

Search URL Search Domain Scan URL

URL: https://theathletic.com/4756815/2023/08/09/mlb-errors-scorers-hits/
Title: A Rise in Batting Average and a Fall in Errors Have M.L.B. Players SuspiciousHits are up and errors are down. Some within baseball believe it’s more than a coincidence.

Search URL Search Domain Scan URL

URL: https://theathletic.com/4762864/2023/08/09/northwestern-football-culture-hazing-scandal
Title: Northwestern Athletic Director Calls Out Football Team’s ‘Tone-Deaf’ Shirts

Search URL Search Domain Scan URL

URL: https://theathletic.com/4763100/2023/08/09/pga-tour-pif-jay-monahan/
Title: The Pressure Is on for the Architect of the PGA-LIV Golf Gamble

Search URL Search Domain Scan URL

URL: https://theathletic.com/4760246/2023/08/09/kevin-brown-mlb-broadcasters-defend/
Title: The Orioles Crossed a Line. Now M.L.B. Broadcasters Are Speaking Out.

Search URL Search Domain Scan URL

URL: http://nytimes.com/games/connections
Title: Connections | BetaGroup words that share a common thread.<img src="https://static01.nyt.com/images/2023/06/05/crosswords/alpha-connections-icon-beta/alpha-connections-icon-beta-square320.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="" class="css-122y91a"/>

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1691658505447&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fnytimes-com.diced.sh%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1691658505447&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fnytimes-com.diced.sh%2F&c9=

Request Chain 79

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=7f8fdcaa-0a68-4677-bb14-1cbad87b2d29&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 81

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=467b96d2-815d-48aa-85b5-b42611a71627

Request Chain 82

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=syQWRXhc1Qu1EF5

Request Chain 83

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=13bb82a25aa1485&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID

Request Chain 84

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=b40e7567-51a7-4e03-a69a-3ad0132075bb&google_hm=YjQwZTc1NjctNTFhNy00ZTAzLWE2OWEtM2FkMDEzMjA3NWJi HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECjFwDMILSPjcrhrTHbMjSY&google_cver=1&ssp=medianet&bsw_param=b40e7567-51a7-4e03-a69a-3ad0132075bb HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b40e7567-51a7-4e03-a69a-3ad0132075bb&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 85

https://nytimes-d.openx.net/w/1.0/pd HTTP 302
https://nytimes-d.openx.net/w/1.0/pd?cc=1

Request Chain 98

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F

Request Chain 131

https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

154 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nytimes-com.diced.sh/ 639 KB
112 KB 163ms
78ms Document
text/html 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3915c893cde8b16f9c34dd23dfe04bc285f168d871c83537ac927cf57057ffa7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 33
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=30,no-cache
cf-cache-status: DYNAMIC
cf-ray: 7f47180e39ef2be3-ORD
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 10 Aug 2023 09:08:23 GMT
last-modified: Thu, 10 Aug 2023 09:07:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcGd%2Fo97whbDxnA0o9SKp78WBCI9TvkA6wK2JyV%2FLngjVjMULh28kfCL2K%2B6XuYIZcq7n9tlngoOaK8gRvDAbwbgNL80Kx79Ei3LVm6C%2BWoKUd5nudlTQMGOXPTrcCInGS%2BqT8pf9Za7OVE%2FY4kNWGhJJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 282530bc199f4139b07539f4e59cd307
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr: 0
x-nyt-app-webview: 0
x-nyt-data-last-modified: Thu, 10 Aug 2023 09:07:50 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: homepage
x-origin-time: 2023-08-10 09:08:05 UTC
x-pagetype: vi-homepage
x-served-by: cache-lga21978-LGA, cache-chi-klot8100041-CHI
x-timer: S1691658503.437750,VS0,VE2
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 265ms
27ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 06 Jun 2024 05:40:27 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 5542076
x-guploader-uploadid: ADPycdvmtbhr_m4hMo8Se8h19LezVAWW91xQ_d6I3QnRw7-VsbsaEwRsZvLr9VuIXzZy-z4pCkpYe4_udZr63l0Bx0a2SQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-chi-kigq8000139-CHI
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1691658504.720232,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13119

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
nytimes-com.diced.sh/vi-assets/static-assets/ 6 KB
3 KB 68ms
67ms Stylesheet
text/css 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdttKpmDCFDeIvonM2-bwjFHmQQPREs8YH5nRR3C4dLrTasDaeqQxYIaUtn__QWvzvqBaQo59L4m8wsUaBQhzSeAfw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-10-12 15:49:58 UTC
x-served-by: cache-chi-klot8100089-CHI
x-timer: S1691658504.520825,VS0,VE0
etag: W/"e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
content-type: text/css; charset=utf-8
x-frame-options: DENY
x-goog-generation: 1665589250507895
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Thu, 12 Oct 2023 15:49:58 GMT
x-cache-hits: 2705
date: Thu, 10 Aug 2023 09:08:23 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Oct 2022 15:40:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx9h03cMwovKmY%2BAas76FAfQcr21ngA%2FV73YOZtkSYKhYqRG%2FREKB3ZI9pALcKqZZc9BXqFb38fwIWs%2Fh5yaWA5S80v2vSiH5eqRzrGrlEp1OhgrY8%2F%2F6hJCkXlRtu2f3P5sSyuUjjsgQMxb1ufVtwsE2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 0
x-goog-stored-content-length: 5656
cf-ray: 7f47180eca2c2be3-ORD

GET
H2 200 adslot-52d04608495376108b01.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 23 KB
9 KB 72ms
71ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/adslot-52d04608495376108b01.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

018499b49769bd666b31c40fceb9068b5560cd2792d80f2fbc494a506d06d77b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdvPeayhQnQrX-TQDamuwoCXumyFBV88s9ZofpMUj4OlcBd28LzNXvPj2Ldjfj1vJyzDA7CKJENDvAExsLx8IRLug2x0FB2n
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-08 19:55:01 UTC
x-served-by: cache-chi-klot8100070-CHI
x-timer: S1691658504.745514,VS0,VE0
etag: W/"edd8525beebcd603d6711684d52bc134"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-52d04608495376108b01.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691524069714557
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Wed, 07 Aug 2024 19:55:01 GMT
x-cache-hits: 5130
date: Thu, 10 Aug 2023 09:08:23 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 19:47:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRk5AhwqHvT0osd3a2d03MCyL3T0t9QjSm9l7P5Vm812qE2y%2FCXzeY2UyUoe4xxjAlQGINm1YIkSp91xQOYFRc8A3D8bkj%2BogUhUhdAISt1GaZIZzE%2BPPWorP1wHNIlGked91Rv71d79p2AvzpvFEdlEMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=/0+3DA==, md5=7dhSW+681gPWcRaE1SvBNA==
x-gdpr: 0
x-goog-stored-content-length: 23058
cf-ray: 7f4718102ac92be3-ORD

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 195ms
59ms Script
application/x-javascript 2600:9000:24f1:fc00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 08:55:10 GMT
content-encoding: gzip
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:37:14 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 793
etag: W/"649b80ba-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9j4dkRe3fYz7PucEOhiTncQZOY0H_I0_lEGQBuaJxa8UW7b_lmNRpA==
expires: Thu, 10 Aug 2023 10:55:10 GMT

GET
H2 200 replace-urls.js Show response
nytimes-com.diced.sh/js/ 784 B
726 B 40ms
39ms Script
text/plain 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nytimes-com.diced.sh/js/replace-urls.js
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f7458cac10590b71a4d9c563ddd5f529b956241a320a07b941603ec4b87490

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mj1QPaFWxzbSupIDaqNyI7NH4mJTir2D%2Fi%2BauXMtaM4WQEHISDgtpAXkk89ZW9WpHde383gK8VP7B1SbLb8hBe5ZyEIbMCoyjTP%2Flkm4WWdr6r%2BmEa8RENIJxcDA%2F4hUr5jDSRcAgpFZ7VYu6Kt9Wp4TVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 7f47180f2a532be3-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 styln-carousel-deck.js Show response
static01.nytimes.com/newsgraphics/a5e8b9ab15d6eb1b40cd92817101324478690f96/static/js/ 183 KB
64 KB 100ms
65ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/newsgraphics/a5e8b9ab15d6eb1b40cd92817101324478690f96/static/js/styln-carousel-deck.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4d843110ca146ae5673b36cd7a1f840d850aeeeb3e3f472eb7f164ce8f5e7415

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 10 Aug 2023 07:24:49 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1
x-guploader-uploadid: ADPycds5sKXxMDdfkJ8IOvkCN8mYlX4tU8E8gJEDXp2pYMkMVX8WbDOOB8_sQsLKdvCkMqIUqg3wFZV9wKQ3dAuxVt1a4TUrW25W
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 65173
x-served-by: cache-iad-kiad7000084-IAD, cache-chi-kigq8000139-CHI
last-modified: Thu, 10 Aug 2023 07:20:49 GMT
server: UploadServer
x-timer: S1691658504.832433,VS0,VE2
etag: "efbd65905b0320deb25c095e947f7fa4"
vary: Accept-Encoding, Origin
x-goog-generation: 1691652049703381
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=1Ci08w==, md5=771lkFsDIN6yXAlelH9/pA==
cache-control: max-age=5
x-goog-stored-content-length: 65173
x-amz-checksum-crc32c: 1Ci08w==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 122324, 1

GET
H3 200 vendor-d1063a88f4d449280a18.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 184 KB
55 KB 124ms
120ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/vendor-d1063a88f4d449280a18.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36efdf9e878bd0d16e932f3729dc82234b422027e54f96322b09af5edc84314a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdvN4uj1iLxg1FPLP2yc44h1LTQyiXOzivKtBIoEWEjobUnrbnU3bUFtSNta0WpnsBZIbo91CRTCUZnI4iJET1pWXA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-09 16:23:40 UTC
x-served-by: cache-chi-klot8100049-CHI
x-timer: S1691658504.863637,VS0,VE0
etag: W/"a5b395f2ccdd1befd4d32d38466d96fc"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-d1063a88f4d449280a18.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691597863689546
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Thu, 08 Aug 2024 16:23:40 GMT
x-cache-hits: 2538
date: Thu, 10 Aug 2023 09:08:23 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 16:17:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hWCkxiYLfl3ycTTRpzvGby9cUY9Sp6fVLWJ1s4XLbfjzx%2B2YN0BUYAfp9FrUyd3X0Xqd0%2BPXo5qAXGcAZ5zMTIEMJ5GoeQNcnQ0nwnR370a3qVSL3Dw4EDbqOuq9Fr2U1nB2yYRzYFm3QfqURfj5NDX2w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=YEFGgg==, md5=pbOV8szdG+/U0y04Rm2W/A==
x-gdpr: 0
x-goog-stored-content-length: 188121
cf-ray: 7f471810ccd02f2c-ORD

GET
H3 200 home-631926abe8b1650323f2.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 698 KB
167 KB 96ms
92ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/home-631926abe8b1650323f2.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dddc61874dbbea9dd3e87805e1d705e536d8a53f771e909a607d8f60b94a27d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdt2gACLmxRRqWVscv3WgQ9pjQjXwX72oIDqv1NXCPlFM-0E0ZsOZIl1KEEr_vW8y0E-_QAOOEkGu5tuSM6TSyTS1MaWnKlr
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-09 19:24:33 UTC
x-served-by: cache-chi-klot8100084-CHI
x-timer: S1691658504.859744,VS0,VE0
etag: W/"07c18023476b889b8d8ca5e94772f08c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-631926abe8b1650323f2.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691608807906733
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Thu, 08 Aug 2024 19:24:33 GMT
x-cache-hits: 2
date: Thu, 10 Aug 2023 09:08:23 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 19:20:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMZP65HbcEDvE7aPDPVD4ydjvEShKN9WkswGsnL4uGU%2BLMC%2FPJtNV7lF%2FJ6jV2QFymhRII8AcpIKOKtAL5e9Wmku7jKsPYg%2BSIDxi4Uja6iXWX7yqwRGe6%2F0SuTRUTjjUXTMcMGRW3sO1Yskpk7bykIsEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=lAuVww==, md5=B8GAI0driJuNjKXpR3LwjA==
x-gdpr: 0
x-goog-stored-content-length: 714988
cf-ray: 7f471810ccd22f2c-ORD

GET
H3 200 main-7f158ec33b74083974d2.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 1 MB
425 KB 243ms
239ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/main-7f158ec33b74083974d2.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c588f9f129618081a1e4cea8d6c24e13dce8b312586d3fa63f024ae4ac0833

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycduQ6ZsyMHkP34OA43-CsWQOSPn0kustA7VLs_5qiuTz8FiyaDH10fJOTcWx1tfn21mR-jbA7qtZoJb8VPuVmWgjEQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-09 19:44:30 UTC
x-served-by: cache-chi-klot8100156-CHI
x-timer: S1691658504.873252,VS0,VE0
etag: W/"e45f554e6877b3bd0bae534f7a60176d"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-7f158ec33b74083974d2.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691609740933898
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Thu, 08 Aug 2024 19:44:30 GMT
x-cache-hits: 15
date: Thu, 10 Aug 2023 09:08:23 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 19:35:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8QFhspXh%2B5g%2BaxMwTOFCR7TDGnCEROlN60AJmJGckb3BUtmACp2JQ5LqIjv4KqH5dyVyuznbPrw77AlT6cYJije2C5HwH%2FZuqzBIxWvAKoPSGN4Dy13nv5LyKhGDS5Mg8Q0ka%2Fd5DGzGueivS9qS9cwxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=32XSzg==, md5=5F9VTmh3s70LrlNPemAXbQ==
x-gdpr: 0
x-goog-stored-content-length: 1503528
cf-ray: 7f471810ccd32f2c-ORD

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 431 KB
118 KB 178ms
75ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce2a8999c8b7158ef1cebf003a62fed43ca4b587d78aafd40f76aed089955c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120297
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 221ms
73ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 147ms
68ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://nytimes-com.diced.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-encoding: gzip
content-length: 20
date: Thu, 10 Aug 2023 09:08:23 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: CO
x-samizdat-query-exe-id: ac7366b1ad9dde5c
x-samizdat-query-field-errors: 0
x-served-by: cache-chi-klot8100050-CHI
x-timer: S1691658504.858560,VS0,VE39

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 14 KB
6 KB 240ms
49ms Script
application/javascript 2600:9000:2511:ca00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ca00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 649c937aa09a423947b473150880a77ca3c75e58c547e11d425325110e3f9420

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:03:58 GMT
x-amz-version-id: 5DjwpxikKDadOTJ.cO_vO33xzwcEA_.C
content-encoding: br
last-modified: Sun, 06 Aug 2023 15:32:29 GMT
server: AmazonS3
via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"85b44254afeb4daabf9f185a1f8d8590"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 266
x-amz-cf-id: wMsqCOjNTqUE-rzPNS6lUZsFJWhIx83dZxqcoRtiB6f1R7ww_p9jeA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 250ms
60ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 08:57:29 GMT
content-encoding: gzip
via: 1.1 c35f767218cbd1125d801b52fa785c8c.cloudfront.net (CloudFront), 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 19:49:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 656
x-amz-server-side-encryption: AES256
etag: W/"93708b50a97059783aafdf3c6548167d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: GIntUMWu-WYmAEXH2xPVHjgJqXsufM40_jlPn-MDqpXX293OIa9nXw==

GET
H2 200 prebid8.1.0.js Show response
www.nytimes.com/ads/ 302 KB
96 KB 57ms
31ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.1.0.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 491372
x-guploader-uploadid: ADPycdvZ-I1PBOY_Qxe9MtvS0n49j0jYyv7jevbJ4o2p9PaaP7CYsF5u5kq7v1luluy9UwXC7A-_4Wcy9r67eeJdjVjYxg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-07-07 16:38:51 UTC
x-served-by: cache-chi-kigq8000139-CHI
x-timer: S1691658504.826114,VS0,VE1
etag: "69d0b1569bbd0b87116d60db3a12cd34"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1687806692468937
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-route: ads-static-assets
x-nyt-edge-cache: HIT
x-cache-hits: 32411
expires: Fri, 07 Jul 2023 16:38:51 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 97611
last-modified: Mon, 26 Jun 2023 19:11:32 GMT
server: UploadServer
x-goog-hash: crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr: 0
x-goog-stored-content-length: 308841
accept-ranges: bytes

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 85ms
27ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 17:48:30 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9645593
x-guploader-uploadid: ADPycdsN2a2IR3kePsUEuW0ojZsCEv1h3TfcfcwKjb7UQZ8zQLbESeIt9ov5xEo2nKhtXC3UT_7dPQVigZkjGehBQ7d5pPIjyyrV
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1691658504.892162,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1650460180610251
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23269

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 87ms
30ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 14 Jul 2024 04:32:16 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2262967
x-guploader-uploadid: ADPycdvtLMs61y3PJ8w1SdsuZDi-NTKgRVadZWbvZ4JZDvficjopE2Y_BmsPLpRHr5yw4C9BOOaEsE3TW8kVKUvDZBDIQTx8y3gQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1691658504.892325,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23507

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 88ms
31ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 03 Jul 2024 05:07:58 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3211225
x-guploader-uploadid: ADPycdvYUI8-cVT7jya5xJk_SQD7EjqfSmiLLgMhfgoa1k_AewLeEj3c1X70ow0sHe8d2EcuTS3mgoEpZ-if3pn2FoEbDw_vQr1V
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1691658504.892241,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
x-goog-generation: 1673991776325560
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24184
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 117ms
61ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 08:58:21 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 18317402
x-guploader-uploadid: ADPycduRR3HrnKUKrtiX4HULbUqSrP3_EapZkgsMS3FHZnP-VvhAFNQcKZ_wE8BLeFSBc4K0_Iy2zktWa7cLuT-rztl9
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1691658504.892630,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
x-goog-generation: 1651598149856995
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14208

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
27 KB 141ms
85ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 25 Apr 2024 07:48:03 GMT
date: Thu, 10 Aug 2023 09:08:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9163221
x-guploader-uploadid: ADPycdsFj4pjm5LddMYlCDUoGdQbJz_KkkBo2mlN7toL8DFn9w6maGJBRUIU8bAUnP9RzG2EXJUQHmDMqX8HnlrhmgLBpA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1691658504.892711,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 22917

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 262ms
83ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/vi-assets/static-assets/adslot-52d04608495376108b01.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d4613c825d7b4ec064eb3cd9edb1fef1855749c85d94a38da4b2765b2d4980e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28011
x-xss-protection: 0
server: cafe
etag: 429 / 19579 / m202308030102 / config-hash: 8408795725436953969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 09:08:24 GMT

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecd9333f4d54db1d20cf6b74adcb1080bb2b03224f8a5f90eec3000d907b6e99

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e

Request headers

Referer
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 114ms
2ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 15 Jul 2024 15:48:05 GMT
date: Thu, 10 Aug 2023 09:08:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2136019
x-guploader-uploadid: ADPycdsatbvvqzw6sEY0ogLDLRZwdX5MubB-j0wW_Sx0DerSEX2LFc6LqoUELYCCnWMrJGooaWlJmXNkfrrHGskfOpi95A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24028
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1691658504.310768,VS0,VE0
etag: "cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation: 1673991775386814
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24028
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 116ms
4ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 24 Apr 2024 07:51:21 GMT
date: Thu, 10 Aug 2023 09:08:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9249423
x-guploader-uploadid: ADPycdsDDyXiLbB4UYjA1av3OG8XGNb4c2apUJxdNODA-dJ5OnQZC9LYAhq9Hzoouar9T04WkuqLmys94sJSoD45qN6DS-pFWOzB
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1691658504.310919,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation: 1673991775015704
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13341

GET
H2 200 cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
23 KB 117ms
5ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 22 May 2024 09:48:01 GMT
date: Thu, 10 Aug 2023 09:08:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6823223
x-guploader-uploadid: ADPycdv222smi96RGh3FLA-4_G3_L23vxa-xXRziKH-acHAtiWCpJ7koeKqgNm0ymwREpAnpSwxjtQV9bl87NTQRdT0ivw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23704
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1691658504.310919,VS0,VE0
etag: "1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation: 1673991775396405
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23704
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/ 28 KB
29 KB 117ms
5ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 01 Aug 2024 07:12:54 GMT
date: Thu, 10 Aug 2023 09:08:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 698130
x-guploader-uploadid: ADPycdsfuhj1AIhjgR3Q3hwa60gNZuNDIW4AlZLDZqeDantb8yTyNSpsIWfou5uNRGhpTzSam6A3pp1HySI0ivWiw-QvrhMB2aLq
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28868
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1691658504.311061,VS0,VE0
etag: "7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation: 1673991775506403
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
583 B 229ms
75ms XHR
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
an-x-request-uuid: 5c958aac-cad1-4bb7-b03c-4376491ea24d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 167.88.7.163; 167.88.7.163; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 428 B
955 B 225ms
44ms XHR
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fnytimes-com.diced.sh%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes-com.diced.sh&tg_i.page=https%3A%2F%2Fnytimes-com.diced.sh%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=dfp-ad-top&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=8961f52aedb7db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15475331313041307
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0df4e29d229e31b62022463a0c7b701156b2606fb7359997f775b93bdf871a2c

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 428
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
780 B 226ms
45ms XHR
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fnytimes-com.diced.sh%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes-com.diced.sh&tg_i.page=https%3A%2F%2Fnytimes-com.diced.sh%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=99b49f8580380e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5484956121773974
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1e6afbca37a6a12123503561f68fd64a64aefa854b7b580133d0978d91c9d29b

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
779 B 236ms
56ms XHR
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fnytimes-com.diced.sh%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes-com.diced.sh&tg_i.page=https%3A%2F%2Fnytimes-com.diced.sh%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=108b2fb30cf23ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06611761222777224
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4ab4fdd07d461c1f96aa4e163e6678297e6ba4f7846bfcffc975d3931339f077

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
780 B 233ms
55ms XHR
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fnytimes-com.diced.sh%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes-com.diced.sh&tg_i.page=https%3A%2F%2Fnytimes-com.diced.sh%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=11a3757b6626704&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1494273817073768
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7678de414d1eccc492214c621d05603b246f3337c0f9de1256ad757fda432ab2

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 434 B
784 B 232ms
54ms XHR
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fnytimes-com.diced.sh%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes-com.diced.sh&tg_i.page=https%3A%2F%2Fnytimes-com.diced.sh%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=12ef264f8ef927c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38979248208603634
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 93fd944472228e4d79ca3d277814239234cdfabb52fa30b774a9c0f77ec6c224

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 434
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
605 B 197ms
54ms XHR
application/json 52.1.30.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.1.0&referrer=https%3A%2F%2Fnytimes-com.diced.sh%2F&tmax=10000

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.1.30.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-30-248.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
accept-ch: sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version
x-auction-status: 3, 3, 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
261 B 116ms
48ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 3d1247592f8b1af44da6eebe304c894e20c0a6c552429983a2dd5385fb074adf

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Aug 2023 09:08:24 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://nytimes-com.diced.sh
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
967 B 317ms
250ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9210c4893b69a5fda698845d8349409d6a39518d9dcc4842d0d20bccb43811a0

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 10 Aug 2023 09:08:24 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 224 KB
71 KB 61ms
60ms Script
text/javascript 2600:9000:2511:ca00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ca00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47af2c9b82e093e4c5f82b486159cf7d2ab63f11fc2696b247ce20f85bdfbe16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:03:57 GMT
x-amz-version-id: HFDCckyGypLp_ZJJdm5ExCcEPmiChr9o
content-encoding: br
last-modified: Thu, 10 Aug 2023 08:29:14 GMT
server: AmazonS3
via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"e4a6540ab8ad1ce35026547e98fc57c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 268
x-amz-cf-id: 0Cm32sp3Yg3Yncu7k43pRkDwTm6YpYraqjy255Jjghse4i6_QtT7dQ==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 162 B
490 B 165ms
60ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nytimes.com&domain=nytimes-com.diced.sh&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a210a79953599e4929209c52b610843dcbd0c2c54a0a8805243eef8f8ae4f74b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 10 Aug 2023 09:08:24 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 132
x-served-by: cache-chi-klot8100053-CHI
x-timer: S1691658505.866700,VS0,VE27
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 08 Aug 2023 09:08:24 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 59ms
56ms XHR
text/plain 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fnytimes-com.diced.sh
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:24 GMT
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: L-QCJsvVbCnkITap_INcmrUMyN1hAZUis6cow_9NLw7vrNB0BR3yDQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 228ms
64ms Fetch
image/gif 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnytimes-com.diced.sh%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:24 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 1N5691ZH3XZHT0B545HJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 5Z-aPvOEH4So_jEkI1fPAn7yheYHuB93SAUEeHlPq5uncdK3tYqQYg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
506 B 232ms
83ms XHR
text/javascript 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fnytimes-com.diced.sh%2F&pid=kzHVTqn90CSjC&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:25 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: BNNP48TBDJNK2JQZRVM7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nytimes-com.diced.sh
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 3Fr0szxp1sgq32BbdPnwNxOUcRg3-XjeksaDOAZxo2he2-iZiwlqyA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 218ms
97ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:25 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: kSmfzpnwZ7ll1oHDw60fxsxF3L9T1QH-g3FrODO0CTiQXLqq_0PNFA==

GET
H3 200 vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-2943f031c0e29024e9df.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 46 KB
16 KB 111ms
100ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-2943f031c0e29024e9df.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32b3ca55e0bf592976f0330b2800cdafdf7e803c60f31901c44bfe78578efbd5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdvMAH7CTSB9XHCwM-sLWa57KIN77iNvhJ-qwy97gSl3QCpDnhCquBVODQGnksQRH87n3BRw_A9WpnfOZKQPmGVfOw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-09 16:23:41 UTC
x-served-by: cache-chi-klot8100032-CHI
x-timer: S1691658505.329676,VS0,VE0
etag: W/"84f41e6a5b44463ac03836d8a4dd5d86"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-2943f031c0e29024e9df.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691597863678675
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Thu, 08 Aug 2024 16:23:41 GMT
x-cache-hits: 2587
date: Thu, 10 Aug 2023 09:08:25 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 16:17:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WFPIUpHidAr%2FfCsVapeHlMcMWZBc5IIZgln8WfULHpdOCqBIXmjFev4XjtRfoPO9wcxz30EdVZhsMEp3eVNckKxawYuabDI5wlqCdr2%2FFZsTxrlCg3%2FNs38vQKgGBHOCzHh0x8bZC9AX0KcHp3RgzcyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=v+cinw==, md5=hPQealtERjrAODbYpN1dhg==
x-gdpr: 0
x-goog-stored-content-length: 46948
cf-ray: 7f471819e9a42f2c-ORD

GET
H3 200 vendors~burst~clientSideCapsule~home~paidpost~trending-eb8023b6a3f3e67e97d8.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 21 KB
7 KB 90ms
79ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/vendors~burst~clientSideCapsule~home~paidpost~trending-eb8023b6a3f3e67e97d8.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4625f8db7edef9c6825457e00545e7c9ea7045af88450210db715a2e4a97d366

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdtb5Z_VTtN-dmvGfTZWUlPuDa3O6G2pM3bzyNp5hP8Zv6nt5vc5-exC9KbGZxA0l7qrGDWa7USbYZrLiGoIULTt
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-08 20:09:37 UTC
x-served-by: cache-chi-klot8100036-CHI
x-timer: S1691658505.309702,VS0,VE0
etag: W/"788d71dd8419993a39aed0cc0e2c273e"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~burst~clientSideCapsule~home~paidpost~trending-eb8023b6a3f3e67e97d8.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691525061858403
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Wed, 07 Aug 2024 20:09:37 GMT
x-cache-hits: 2700
date: Thu, 10 Aug 2023 09:08:25 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 20:04:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTMBFDycwuHMPvl%2BX2lKwUEZ86fSnIF6ln3NrHofrcDUwSRT%2F0%2FU1kCrSJXpLzJXAd4Z7bW8bBv%2FXv7VTvSyMJALHU8gN6ovShI6OxycNW%2FELVNifeWGE6lNXnxKu1mPlAAstDu%2Fyb0mhB9QOX81N6gI4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=2gtlyQ==, md5=eI1x3YQZmTo5rtDMDiwnPg==
x-gdpr: 0
x-goog-stored-content-length: 21702
cf-ray: 7f471819e9a52f2c-ORD

GET
H3 200 vendors~carddeck~home-cc153136a9a4995263a6.js Show response
nytimes-com.diced.sh/vi-assets/static-assets/ 32 KB
11 KB 83ms
81ms Script
application/javascript 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/vi-assets/static-assets/vendors~carddeck~home-cc153136a9a4995263a6.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07d563ebfc18fd7233b96d04deb7350d5f962901c451208112790b1d201db53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdt7x3q0xJstN1OS-2RbPuQF2I3i_A-TOkZfhnc7umUQLBjgCe2skhjlt8rrJqwTMt9gSRkagIgjGm7EgvNo02Y20w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-09 16:23:49 UTC
x-served-by: cache-chi-klot8100027-CHI
x-timer: S1691658505.310537,VS0,VE0
etag: W/"7337733a7d05c51b56cef77a5222a4ab"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~carddeck~home-cc153136a9a4995263a6.js
content-type: application/javascript
x-frame-options: DENY
x-goog-generation: 1691597863715231
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
expires: Thu, 08 Aug 2024 16:23:49 GMT
x-cache-hits: 1458
date: Thu, 10 Aug 2023 09:08:25 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 16:17:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6bEbMD33JjyTRscJJzOonn8ob9gxHyl4P8YS3iLsSoer9kz3%2FIOrcatCWpBKvlYWzH2V1fMncFVRTiJv0Vj6CghyIgg3eGzQrzcAjVm0MmjpY0lhjfX6o22FxkUAD9P7%2FeRb0Xo1HzcUpeNTUOhBMOVmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-hash: crc32c=tjZ4iA==, md5=czdzOn0FxRtWzvd6UiKkqw==
x-gdpr: 0
x-goog-stored-content-length: 32376
cf-ray: 7f471819e9a72f2c-ORD

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 400 KB
127 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 07:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7324
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 09 Aug 2024 07:06:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
70 B 151ms
60ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nytimes-com.diced.sh

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1d7f53bc0957b1a0c1a2d09d2f6c157f90704a5f1f960fcfc405b4780ddf745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
expires: Thu, 10 Aug 2023 09:08:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
58 KB 68ms
63ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18e49b5e957c956263b2ec317a73b8ef50cab038cf5acd4b8175445176044e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 59609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 09:08:25 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 276 KB
57 KB 262ms
55ms Script
text/javascript 13.35.93.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-113.jfk50.r.cloudfront.net

Software

Apache /

Resource Hash

978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 e14852d4795a20bca94d54bc63e09250.cloudfront.net (CloudFront)
date: Thu, 10 Aug 2023 09:05:30 GMT
x-amz-cf-pop: JFK50-P8
age: 175
x-cache: Hit from cloudfront
content-length: 57540
last-modified: Mon, 05 Jun 2023 12:59:27 GMT
server: Apache
etag: "44e84-5fd6178ff85b9-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: DgyE0paki_ZRZC0fTJNPFGoUD3B1fLWFvK19V4SauguD7n4mH0VkcQ==
expires: Thu, 10 Aug 2023 10:05:30 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1691658505447&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1691658505447&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2...

0
226 B

60ms
59ms

Image
text/plain

108.139.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1691658505447&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fnytimes-com.diced.sh%2F&c9=
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Server: 108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-92.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: iPKTInmhqWNamGwolkU3A734EMSBfgmR53E7XKGkydj6yCTLLInTOg==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 10 Aug 2023 09:08:25 GMT
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005403&ns__t=1691658505447&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fnytimes-com.diced.sh%2F&c9=
content-length: 0
x-amz-cf-id: 0DlVPrsbqcPl5E2dDOLrWcSmrLFCw94orDegToTXZVzMuQExi5cQoA==

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 74ms
73ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://nytimes-com.diced.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-encoding: gzip
content-length: 20
date: Thu, 10 Aug 2023 09:08:26 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: CO
x-samizdat-query-exe-id: a571401a180e653f
x-samizdat-query-field-errors: 0
x-served-by: cache-chi-klot8100050-CHI
x-timer: S1691658507.826419,VS0,VE37

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 36ms
35ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://nytimes-com.diced.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 2
content-encoding: gzip
content-length: 20
date: Thu, 10 Aug 2023 09:08:28 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: CO
x-samizdat-query-exe-id: bd0d167688dbcd2d
x-samizdat-query-field-errors: 0
x-served-by: cache-chi-klot8100050-CHI
x-timer: S1691658509.608769,VS0,VE0

GET
H3 200 market Show response
nytimes-com.diced.sh/api/ 526 B
1 KB 111ms
110ms Fetch
application/json 2606:4700:3037::6815:5e5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nytimes-com.diced.sh/api/market

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/vi-assets/static-assets/main-7f158ec33b74083974d2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5e5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8bca3d4a0812b99546cabf5810f5bc9948fb1ecae20972d71ac574608ebe4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:26 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 34
x-api-version: F-F-X
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-origin-time: 2023-08-10 09:07:52 UTC
x-served-by: cache-lga21927-LGA, cache-chi-klot8100090-CHI
server: cloudflare
x-timer: S1691658506.366512,VS0,VE2
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wnf%2BNu9QtgPOEiKOo9%2B8zWAtdEM1Mz4Nike7QuYPEWn7Unmw5C%2FbChAeqIQEd1Z9O5vPX0Phiklh4uHMd5PYGA%2BwtTK5B9s2JStMod6uPYRs6Ob4uZ8ESF3Tttl2LAQb%2BTEOLBALWzJYeWJ4pX9wgI6XtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=60,(null)
x-gdpr: 0
x-nyt-app-webview: 0
x-nyt-route: market
x-frame-options: DENY
x-nyt-edge-cache: HIT-HIT
cf-ray: 7f47182078702f2c-ORD
x-cache-hits: 8, 1

GET purr-cache
purr.nytimes.com/v1/ 0
0

GET data-layer
a.nytimes.com/svc/nyt/ 0
0

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET meter.js
meter-svc.nytimes.com/ 0
0

GET
H2 200 00hp-biden-cvqm-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/00hp-biden-cvqm/ 21 KB
22 KB 59ms
41ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/00hp-biden-cvqm/00hp-biden-cvqm-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5736eb81644ef04670dbbf0ee15f8d4736bd8050fd58b1f1e312869a0a855912

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 23:29:52 GMT
date: Thu, 10 Aug 2023 09:08:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 34717
x-guploader-uploadid: ADPycdspjyrtXMoi-d4MdrSAiJhwJhcBxLWzG0q8e-qLPapHu-pwgAH176q0Vs3m7V1KPr3SwtmVsO-sVfDgpDlKinCYmA
x-cache: HIT, HIT
fastly-io-info: ifsz=60149 idim=600x400 ifmt=jpeg ofsz=21882 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 21882
x-served-by: cache-iad-kiad7000030-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.963393,VS0,VE0
etag: "uCR2LAbiNNgaGfrS+SKG5PoPhyoGbJqfiJwYkapcQbk"
vary: Accept
x-goog-generation: 1691622981206869
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Q9/MIA==, md5=pKferoUIUfD25c1qyvD0fw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 60149
x-amz-checksum-crc32c: Q9/MIA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 175

GET
H2 200 09Ecudor-htfl-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/09Ecuador-htfl/ 27 KB
28 KB 56ms
38ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09Ecuador-htfl/09Ecudor-htfl-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e9ceb47ffa14741b104904da8501412ba5d7333b1b642166ed79d1c6a776ceb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 10 Aug 2023 01:00:53 GMT
date: Thu, 10 Aug 2023 09:08:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 29256
x-guploader-uploadid: ADPycdtny4P7bbURu1KXZlMhyVrjQmX6PH-8DTjpu5kiKMkqM7DbXXraY3U_sCzamUdpVBLJmMYw_wDE22qveT5mCAHbfg
x-cache: HIT, HIT
fastly-io-info: ifsz=57147 idim=600x400 ifmt=jpeg ofsz=27964 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 27964
x-served-by: cache-iad-kjyo7100177-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.963210,VS0,VE0
etag: "jgPOjlZPH2W9xZZfdxeyJA1jT0IBzs4OkXzB74wsi6o"
vary: Accept
x-goog-generation: 1691629056573385
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Iqx4NQ==, md5=aL+3gZI72mRpc+VY2JOlhg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 57147
x-amz-checksum-crc32c: Iqx4NQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13, 122

GET
H2 200 09DC-INVESTIGATE-vkpc-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/09DC-INVESTIGATE-vkpc/ 15 KB
15 KB 56ms
39ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09DC-INVESTIGATE-vkpc/09DC-INVESTIGATE-vkpc-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

12073060c4889ce9b40ca956776bb42f3b95cc4df0c0f72b8164ee4e06875f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 17:29:34 GMT
date: Thu, 10 Aug 2023 09:08:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 56335
x-guploader-uploadid: ADPycdtRHu9uZkDprNYHxaFEd8vABd7dUoCGh2fg1gVo-cRGLjm0t1nINDdcgNpqu5YnEopd5fpHj_Iau9FEy_sDL_OJ4Q
x-cache: HIT, HIT
fastly-io-info: ifsz=41062 idim=600x400 ifmt=jpeg ofsz=15196 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 15196
x-served-by: cache-iad-kiad7000117-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.963207,VS0,VE0
etag: "pXK/l0T4Qqj+fyfcqTaSteahLOtK/3mrTZ6G2JR2t/A"
vary: Accept
x-goog-generation: 1691602167648418
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=rnsVtQ==, md5=4CibbjGClHYwxcsWYgSh0A==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 41062
x-amz-checksum-crc32c: rnsVtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 9

GET
H2 200 09NAT-OHIO-VOTERS-01-kmzh-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/09NAT-OHIO-VOTERS-01-kmzh/ 20 KB
20 KB 54ms
37ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09NAT-OHIO-VOTERS-01-kmzh/09NAT-OHIO-VOTERS-01-kmzh-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29f241a5297cde04e6af274d77bde6c3d766da76d7ce3bb43c33ed532b955065

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 15:15:36 GMT
date: Thu, 10 Aug 2023 09:08:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 64373
x-guploader-uploadid: ADPycdtaSUCRu7FYbVpqmdwBBtL4QVAU5cXNMFWYd4vbDIqp7_HRy1geH_xBCbS4_cRLd8l6Upwky1csiP-F3_B_LZ_3
x-cache: HIT, HIT
fastly-io-info: ifsz=57260 idim=600x400 ifmt=jpeg ofsz=20362 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 20362
x-served-by: cache-iad-kcgs7200075-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.962918,VS0,VE0
etag: "HgptyONOa/q5S4Wu8Bmu8iespkfAg/f1az2b4Z6jO3U"
vary: Accept
x-goog-generation: 1691594084392926
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Qt16jg==, md5=8+nNtSAxV6gfKVXiqLfA5Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 57260
x-amz-checksum-crc32c: Qt16jg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11, 7

GET
H2 200 09robertson-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/obituaries/09robertson/ 17 KB
17 KB 56ms
40ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/obituaries/09robertson/09robertson-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f721e817d44da2d37e72e097e092c3dcc3dee80247a656470edb77482d8f0413

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 20:14:47 GMT
date: Thu, 10 Aug 2023 09:08:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 46421
x-guploader-uploadid: ADPycdtnCqlb5PBUgz7sgG-bKugPGQIxGShsLiNZL0N5g8-79qljUOiNEtnTQ_pLSAair3H2qHIoarl195Wbnvl8GAbPug
x-cache: HIT, HIT
fastly-io-info: ifsz=42995 idim=600x400 ifmt=jpeg ofsz=17306 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 17306
x-served-by: cache-iad-kjyo7100084-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.963242,VS0,VE0
etag: "y2SEEH+Dk6kYYG0WZp16v505qyZiz2AQ5a3/zrZiKpI"
vary: Accept
x-goog-generation: 1691612053208860
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=OAVhrQ==, md5=kHeftNKbHqg8O3QIKDDVHg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 42995
x-amz-checksum-crc32c: OAVhrQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 6

GET
H2 200 09xp-FBISHOOTing--ckft-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/09xp-FBISHOOTing--ckft/ 59 KB
60 KB 47ms
31ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09xp-FBISHOOTing--ckft/09xp-FBISHOOTing--ckft-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8154d281c454921482104fc209ec9245322c9031142d5c8f8c2fb73c21bf9895

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 20:25:40 GMT
date: Thu, 10 Aug 2023 09:08:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 45768
x-guploader-uploadid: ADPycdvnIU4_QHck54iQvkvaULEnJuxQmnJz18AMqiRwgfarpT_iimpp7ydfh7jjAFaGzSICLj2C9Pyh7Ox7gVi4uB_KGxofZaQ-
x-cache: HIT, HIT
fastly-io-info: ifsz=109615 idim=600x400 ifmt=jpeg ofsz=60700 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 60700
x-served-by: cache-iad-kiad7000159-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.962159,VS0,VE0
etag: "Zao4068bJJAG3LHcJncNwm0XwE5yzc4i4H2GOhw6YMU"
vary: Accept
x-goog-generation: 1691612695452269
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Zb9IRw==, md5=J3Yt8VfXbYqPGq/TeMUgEg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 109615
x-amz-checksum-crc32c: Zb9IRw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 290

GET
H2 200 09ukraine-ledeall-01a-kczq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/09ukraine-ledeall-01a-kczq/ 44 KB
44 KB 35ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09ukraine-ledeall-01a-kczq/09ukraine-ledeall-01a-kczq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d783dbeec62b9d7741beb09c2acf3fee02a9e24a8571e90a87e5e15d77d13303

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 22:11:17 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 39431
x-guploader-uploadid: ADPycdsM6QEt785Aaxt-VIh7bIbTHdjnYYeHSXZh7BJzHyaDeFravm2nZxFLpdI6rb6w1GqfduK37fUpP-toYOf6Mb9gRA
x-cache: HIT, HIT
fastly-io-info: ifsz=74850 idim=600x400 ifmt=jpeg ofsz=44592 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 44592
x-served-by: cache-iad-kiad7000065-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.005756,VS0,VE0
etag: "scg+wtvsc3A5edYC5AUJHGfeUDeRmnIqL/mkST7X0ZY"
vary: Accept
x-goog-generation: 1691618748529746
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=0/WGJA==, md5=msOyVk/y4wPQ9RTjy41E4w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 74850
x-amz-checksum-crc32c: 0/WGJA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 123

GET
H2 200 09Disney-01-kqjp-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/08/09/multimedia/09Disney-01-kqjp/ 15 KB
15 KB 32ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09Disney-01-kqjp/09Disney-01-kqjp-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0fc9cd1a827da0fed618503cbf3a9a155e89956f281d8a05343f3bdf6f733607

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 20:07:13 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 46876
x-guploader-uploadid: ADPycdtqW2tJqTxnE-PRi_yqZvmn2fsk7wuLdPlaYWjuqZ4SNYLbp96hHPYb90225DY8R0YaWZmaEYRRjME9goJ52Ksuog
x-cache: HIT, HIT
fastly-io-info: ifsz=53815 idim=600x400 ifmt=jpeg ofsz=15270 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 15270
x-served-by: cache-iad-kcgs7200085-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.005858,VS0,VE0
etag: "4GvXXPu5KKKme285+ob12jnkbi04192J0MI8517v4u4"
vary: Accept
x-goog-generation: 1691611507029279
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=MWtLYw==, md5=qCIvVrFqwpMN7aeVerNBog==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 53815
x-amz-checksum-crc32c: MWtLYw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 3

GET
H2 200 author-charles-blow-thumbLarge.png
static01.nyt.com/images/2022/02/26/opinion/author-charles-blow/ 20 KB
21 KB 36ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/02/26/opinion/author-charles-blow/author-charles-blow-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

da9ecef91fd9a447be7b38fe40b181fe4518d05fc3437c471814b8dfb12effae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 02 Aug 2023 08:30:18 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 88229
x-guploader-uploadid: ADPycdtsbNP4M5bSrz69vi7-T-vIYr4pha-H7UYhnf6m3Xne3nsmTQZ2S5ngp4IwRdfn5ED_pIFHAYxPPs_Txqcnr_MeXg
x-cache: HIT, HIT
fastly-io-info: ifsz=31471 idim=150x150 ifmt=png ofsz=20716 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 20716
x-served-by: cache-iad-kcgs7200114-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.006841,VS0,VE0
etag: "+AUfcSm0JhiD1RA7PXlW6A2uIqBveV8GuGhlUYvEyB0"
vary: Accept
x-goog-generation: 1645871644886139
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=UWfjwA==, md5=d5LriDQIlKP7ipa7d6Mtvg==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 31471
x-amz-checksum-crc32c: UWfjwA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1604, 304

GET
H2 200 09chekh-1-ljvp-square320.jpg
static01.nyt.com/images/2023/08/09/multimedia/09chekh-1-ljvp/ 26 KB
27 KB 34ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/multimedia/09chekh-1-ljvp/09chekh-1-ljvp-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

17b10e45fec299c0219bed0bcc3a897b625aaada7475a1dd9dfb2eec54682d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 10 Aug 2023 05:27:03 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 13286
x-guploader-uploadid: ADPycduR7Wt2QWuiWps1WcHWFbTqBlL4CBEtECIwEY3keJLxgmInHed0aiNaLPm_ZIQKLKH_t3xGu2IB7YXzthjiLvneMvq8_VT8
x-cache: HIT, HIT
fastly-io-info: ifsz=47938 idim=320x320 ifmt=jpeg ofsz=26794 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 26794
x-served-by: cache-iad-kjyo7100124-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.006825,VS0,VE0
etag: "a2dP4a2mm5YLGkAxI1dPhc+SN2YJkd06titY8X1NGRI"
vary: Accept
x-goog-generation: 1691643604601276
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=qsGiqA==, md5=1RsCXdfFDBcTBbjaSUw7Ng==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 47938
x-amz-checksum-crc32c: qsGiqA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11, 24

GET
H2 200 Tufekci-Zeynep-circular-thumbLarge-v3.png
static01.nyt.com/images/2015/03/16/opinion/Tufekci-Zeynep-circular/ 24 KB
24 KB 33ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2015/03/16/opinion/Tufekci-Zeynep-circular/Tufekci-Zeynep-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

862418757663ae7210bf0db623cb4f066ae1d636a8c1fbfdf36252b0b1629352

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 30 Jul 2023 17:57:27 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 350821
x-guploader-uploadid: ADPycdt32sDSbPFa-_64YI00NY4VdPxFABxJNa9DG-8S7xLtzzOWHXVnmOyIZXJ7IrET3yGhjp2oH4rfsjE1C3r69GGrdA
x-cache: HIT, HIT
fastly-io-info: ifsz=38083 idim=150x150 ifmt=png ofsz=24224 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24224
x-served-by: cache-iad-kjyo7100114-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.006809,VS0,VE0
etag: "U85NJdZrYbn+qrIJ1lCxFWLwfRxPsqdYQq4Ii8ZlPqk"
vary: Accept
x-goog-generation: 1538581664529679
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=d5Cj8Q==, md5=KrA0jQmg+7Puxe5h+/tZFA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 38083
x-amz-checksum-crc32c: d5Cj8Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 59, 1049

GET
H2 200 ross-douthat-thumbLarge-v2.png
static01.nyt.com/images/2018/04/03/opinion/ross-douthat/ 19 KB
19 KB 33ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/04/03/opinion/ross-douthat/ross-douthat-thumbLarge-v2.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5556c070526b297dda9dbaa46030fea708a501c0c1eb4e6d401b1627ce3d153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 02 Aug 2023 09:37:13 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 140058
x-guploader-uploadid: ADPycdsCVdaQb1W-LyIMfMFTdq8E6kRmdY1_gFN2sMf1SL4z2vzlVuY6nLc736d9N3S33ZofjLAlKB6cDXbfLvfjCX-WhKSBIDzB
x-cache: HIT, HIT
fastly-io-info: ifsz=32116 idim=150x150 ifmt=png ofsz=19256 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19256
x-served-by: cache-iad-kjyo7100158-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.006801,VS0,VE0
etag: "v7TbdrMMvyz/v68htf7P3c8XmpF+2K/AqQNBwrkW/6g"
vary: Accept
x-goog-generation: 1667908945476148
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=4WSURw==, md5=LXPKJEbncHUN6JwDl2UFcg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 32116
x-amz-checksum-crc32c: 4WSURw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1703, 670

GET
H2 200 Peter_Coy_Final-thumbLarge.png
static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/ 19 KB
19 KB 34ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Tue, 01 Aug 2023 08:50:20 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 173887
x-guploader-uploadid: ADPycduAPgZFZ0R40fL0NJHxTZhuXNDVOH0V9CT-q3CSaeEkKdRwtGEvg2gxYU3iEgOCbswkNCYTzPiPoSwxzHnmQ_yk
x-cache: HIT, HIT
fastly-io-info: ifsz=30899 idim=150x150 ifmt=png ofsz=19030 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19030
x-served-by: cache-iad-kiad7000050-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.042790,VS0,VE0
etag: "pKxVSvUhBTYCP2nV/TCQfl9L8Trc0nAOFrwQjd7jZzw"
vary: Accept
x-goog-generation: 1678306549211650
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=HcBmbg==, md5=a/NESZYrulE18m32Zyd6QA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30899
x-amz-checksum-crc32c: HcBmbg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 291

GET
H2 200 Jessica_Grose_newsletter-thumbLarge.png
static01.nyt.com/images/2021/11/09/opinion/Jessica_Grose_newsletter/ 21 KB
21 KB 33ms
30ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/11/09/opinion/Jessica_Grose_newsletter/Jessica_Grose_newsletter-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

91f20084237de3b491ac997a40b3a2bd6617b6cf49fe9795f11fe7586f97bf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 03 Aug 2023 14:37:04 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 585085
x-guploader-uploadid: ADPycdua5w7vBgjNzrC0GiGlWaJEHkKKsRfxhgyeDTSyePuLAQ3e4cgCksjYLCmNNFwD_aeBLXSv7PQZ8B6nlQJVMLrt
x-cache: HIT, HIT
fastly-io-info: ifsz=35952 idim=150x150 ifmt=png ofsz=21064 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 21064
x-served-by: cache-iad-kjyo7100063-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.043056,VS0,VE0
etag: "N3RFxsCMhQr2DvBS7WMjHdS5VPxCbv/depXk7La16iM"
vary: Accept
x-goog-generation: 1636495888285157
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=64lplA==, md5=f1/uUWEaemYDg9bM3GfTNA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 35952
x-amz-checksum-crc32c: 64lplA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 571, 716

GET
H2 200 09berry-square320.jpg
static01.nyt.com/images/2023/08/09/opinion/09berry/ 15 KB
15 KB 32ms
31ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/09/opinion/09berry/09berry-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e72b31426b976654587dbeef06f96c66956062b9198daf53f15d35960a4666de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 09:44:15 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 84254
x-guploader-uploadid: ADPycdvlqAj4u9-pn4ipuGcR29-JX_5DW826h2XCpsFSi_aCdKRTpNahB8coQ0q4Z0-Ohn-L9vvr0nyB1QsLfDsyW0et-w
x-cache: HIT, HIT
fastly-io-info: ifsz=34248 idim=320x320 ifmt=jpeg ofsz=15052 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 15052
x-served-by: cache-iad-kiad7000071-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.043203,VS0,VE0
etag: "kAAegTE5Oh+Fri7e21bLNq0z4tlubXCS82zRpSHFJDg"
vary: Accept
x-goog-generation: 1691571629143843
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=wdHMVQ==, md5=XmC/mgefDqnD5sLAKsAJSA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 34248
x-amz-checksum-crc32c: wdHMVQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8, 845

GET
H2 200 author-david-wallace-wells-thumbLarge.png
static01.nyt.com/images/2022/05/16/reader-center/author-david-wallace-wells/ 19 KB
19 KB 31ms
30ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/05/16/reader-center/author-david-wallace-wells/author-david-wallace-wells-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

74b6fc56535b66c4398f259e885820997f9ab7d1a981f218fabc1e8c02a14bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 31 Jul 2023 19:10:29 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 227737
x-guploader-uploadid: ADPycdvVQOitPZK17wAskcohJylS9Ix6KPNMaLydeaVxub8uA9SyqQimd0a6YZdKJi9i8MrORErwZmk0eXi7gfN-4VOAUgjgME-B
x-cache: HIT, HIT
fastly-io-info: ifsz=31685 idim=150x150 ifmt=png ofsz=18984 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18984
x-served-by: cache-iad-kjyo7100040-IAD, cache-chi-kigq8000139-CHI
server: UploadServer
x-timer: S1691658509.043188,VS0,VE0
etag: "hM5cf5LE96jtY5wu/fR7udnIHseBLrl2p46pC5Edz8A"
vary: Accept
x-goog-generation: 1652720316724319
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=U8bcEQ==, md5=6FKuHqiyeXx4gliUGBJyCQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 31685
x-amz-checksum-crc32c: U8bcEQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 353

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 35ms
35ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://nytimes-com.diced.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 2
content-encoding: gzip
content-length: 20
date: Thu, 10 Aug 2023 09:08:29 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: CO
x-samizdat-query-exe-id: 93e415d22cefd2e6
x-samizdat-query-field-errors: 0
x-served-by: cache-chi-klot8100050-CHI
x-timer: S1691658509.123807,VS0,VE0

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET
H2 200 09vid-HI-carousel-99022-cover-master675.jpg
static01.nyt.com/images/2023/08/10/09vid-HI-carousel-99022-cover/ 18 KB
19 KB 29ms
28ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/10/09vid-HI-carousel-99022-cover/09vid-HI-carousel-99022-cover-master675.jpg?quality=75&auto=webp

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2692b7bc3a4a4eecde9c12085879f32e6dbf87ce32fb65618cf6024803e5578a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://nytimes-com.diced.sh/
Origin: https://nytimes-com.diced.sh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 10 Aug 2023 04:01:23 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 18426
x-guploader-uploadid: ADPycdt49bDepaSvhfoo8g-rC4EOAx_iz7gGQhqRN8XA4zgyZMKxy1Ivx30Vk3pwSxk8MSiE4zIo-qzG5kGj18Ck1OJigtQGWrIj
x-cache: HIT, HIT
fastly-io-info: ifsz=45025 idim=675x450 ifmt=jpeg ofsz=18598 odim=675x450 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18598
x-served-by: cache-iad-kiad7000144-IAD, cache-chi-kigq8000020-CHI
server: UploadServer
x-timer: S1691658509.310183,VS0,VE0
etag: "DfmksFgpQoNmXeDOi8GEEqOBRTW5+0J+pR5do4glRgM"
vary: Accept
x-goog-generation: 1691638387323339
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=9a0XQw==, md5=lXT8eJi6DegjahDgWv0etw==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 45025
x-amz-checksum-crc32c: 9a0XQw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11, 18

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=7f8fdcaa-0a68-4677-bb14-1cbad87b2d29&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
355 B

74ms
67ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=7f8fdcaa-0a68-4677-bb14-1cbad87b2d29&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 10 Aug 2023 09:08:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=7f8fdcaa-0a68-4677-bb14-1cbad87b2d29&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H/1.1 200
OK cksync.php
cs.media.net/ 60 B
648 B 210ms
72ms Image
image/gif 173.223.56.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 09:08:29 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 60
x-mnet-hl2: E
Expires: Thu, 10 Aug 2023 09:08:29 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=467b96d2-815d-48aa-85b5-b42611a71627

61 B
623 B

253ms
137ms

Image
image/gif

173.223.56.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=467b96d2-815d-48aa-85b5-b42611a71627

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Server

173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 10 Aug 2023 09:08:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 10 Aug 2023 09:08:30 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:28 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=467b96d2-815d-48aa-85b5-b42611a71627
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1837040
content-length: 0
expires: Thu, 10 Aug 2023 00:00:00 GMT

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=syQWRXhc1Qu1EF5

61 B
639 B

162ms
158ms

Image
image/gif

173.223.56.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=syQWRXhc1Qu1EF5
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: HTTP/1.1
Server: 173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 09:08:33 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 61
x-mnet-hl2: E
Expires: Thu, 10 Aug 2023 09:08:33 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 09:08:29 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-013cfefc71e743b69@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=syQWRXhc1Qu1EF5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

current
medianet-match.dotomi.com/match/bounce/
Redirect Chain

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=13bb82a25aa1485&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsi...

1 B
90 B

408ms
407ms

Image
text/html

2606:ae80:1451:18::1720
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=13bb82a25aa1485&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Server: 2606:ae80:1451:18::1720 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:30 GMT
server: nginx
content-length: 1
content-type: application/octet-stream, text/html

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:30 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=13bb82a25aa1485&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=b40e7567-51a7-4e03-a69a-3ad0132075bb&google_hm=YjQwZTc1NjctNTFhNy00ZTAzLWE2OWEtM2FkMDEzMjA3NWJi
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECjFwDMILSPjcrhrTHbMjSY&google_cver=1&ssp=medianet&bsw_param=b40e7567-51a7-4e03-a69a-3ad0132075bb
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b40e7567-51a7-4e03-a69a-3ad0132075bb&gdpr=&gdpr_consent=&gdpr_pd=

61 B
472 B

160ms
153ms

Image
image/gif

173.223.56.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b40e7567-51a7-4e03-a69a-3ad0132075bb&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Server

173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 10 Aug 2023 09:08:34 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 10 Aug 2023 09:08:34 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b40e7567-51a7-4e03-a69a-3ad0132075bb&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 10 Aug 2023 09:08:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pd
nytimes-d.openx.net/w/1.0/
Redirect Chain

https://nytimes-d.openx.net/w/1.0/pd
https://nytimes-d.openx.net/w/1.0/pd?cc=1

43 B
211 B

47ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:30 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://nytimes-d.openx.net/w/1.0/pd?cc=1
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 206 110485_1_09vid-HI-carousel-99022_wg_480p.mp4
vp.nyt.com/video/2023/08/10/ 3 MB
3 MB 113ms
96ms Media
video/mp4 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vp.nyt.com/video/2023/08/10/110485_1_09vid-HI-carousel-99022_wg_480p.mp4

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0452486a9e7b78043cf9d1331e1118d15078cb3a5e78caf5f18578c2be1c875c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://nytimes-com.diced.sh/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 10 Aug 2023 09:08:29 GMT
date: Thu, 10 Aug 2023 09:08:29 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 0
x-guploader-uploadid: ADPycdvie8ti619yt894PoHxUeWh2FQbk4J8py8qOqZjLCPF1OPu2fFhDySCLs-8VgLSWREiYXjjHKRU8Ad-iYyLe54RdbE4PYhi
x-cache: MISS
x-goog-storage-class: REGIONAL
Content-Range: bytes 0-2841755/2841756
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 2841756
x-served-by: cache-chi-kigq8000020-CHI
last-modified: Thu, 10 Aug 2023 08:51:04 GMT
server: UploadServer
x-timer: S1691658510.686998,VS0,VE66
etag: "4fbe4bfbc3e57c3fcd27f1a1e7ddfc84"
x-goog-generation: 1691657464099548
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=Kl898A==, md5=T75L+8PlfD/NJ/Gh5938hA==
cache-control: max-age=60, s-maxage=86400, stale-if-error=86400
access-control-allow-methods: GET, HEAD, OPTIONS
x-goog-stored-content-length: 2841756
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 121ms
121ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 98ms
98ms XHR
text/javascript 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fnytimes-com.diced.sh%2F&pid=kzHVTqn90CSjC&cb=1&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 9VRR8A3SRRAVVS711HP8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nytimes-com.diced.sh
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: LGDh4CCiiyLW3ev_p2bc_s2RzUpVIrQCPt7btsAOUsFDxgSyGablJA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 98ms
98ms XHR
text/javascript 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fnytimes-com.diced.sh%2F&pid=kzHVTqn90CSjC&cb=2&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: YBJ3FERHK6MQWEWWXKDW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nytimes-com.diced.sh
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: aRzRWBcPm_DUHE6DRyz-L5Ny1PH8XisiCmX_ZhtfFujhJlXEXJ-QMA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 96ms
95ms XHR
text/javascript 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fnytimes-com.diced.sh%2F&pid=kzHVTqn90CSjC&cb=3&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 4PR8C8W88CJ5M3WNEFTY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nytimes-com.diced.sh
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9Lpt6VpM3XzEFTx0Rw25TCcN0bQaKmUfpJ2SZw2SRRApKp51fxu2gQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 95ms
94ms Fetch
image/gif 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 42SST070WK0Z0Y6DTH0Y
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: NXj4u9LhxcASHX-np4oZEOVYW__oVkSWxaVs3nUqkAx3d_fKYKV-mg==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
414 B 93ms
93ms Fetch
image/gif 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: YAWJACA1CAN2JFZ06TE8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: _iGnPwtNTchE1xRxaOt-VAlPii29n3jZvnQCZ366XXNbCtAdDprpog==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 99ms
95ms Fetch
image/gif 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: NNY7ERB2SJ95BD341F3A
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: uUE7DKgnsjYVq21SWEeBilifWj8kNl3tn_4qORH5TLYo6ngnQC9Pow==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 92ms
91ms XHR
text/javascript 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fnytimes-com.diced.sh%2F&pid=kzHVTqn90CSjC&cb=4&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-bottom_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 123673XM052CMNY9QFDD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nytimes-com.diced.sh
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pBp8vcTne_dRaXgP4m_iAw7TCsf7pMz8fRk0NAyc-9CUiJbLg4n4NA==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 64ms
64ms Fetch
image/gif 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223030%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnytimes-com.diced.sh%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-amz-rid: 37BKKPHY71BRMA9Z45GE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: NH7wwn0-U0w4ktAFm9rUWeSEv9q1FXWtvks8qUK9zANHGvNhcwqurQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
14 KB 653ms
652ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=751341758023128&correlator=2490083870525547&eid=31076923%2C31070233%2C31075148%2C44769661&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691658510156&lmt=1691694470&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnytimes-com.diced.sh%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=949558943.1691658510&ga_sid=1691658510&ga_hid=1227031712&ga_fc=false&dlt=1691658503463&idt=6270&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D2%26amznp%3D2%26request_time%3D6313&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_20230809230824%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D3%26page_view_id%3Dd6vpki-kD8DyZ4sJlWupDh9i%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=2496155832

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eabbe603b5769552103ed0594eb648e472f3f77fb62b399378542a296f94a9c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14176
x-xss-protection: 0
google-lineitem-id: 6275722235
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440999674
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nytimes-com.diced.sh
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B954 6 KB
3 KB 207ms
68ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nytimes-com.diced.sh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 09:08:30 GMT
expires: Fri, 09 Aug 2024 09:08:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;u... Show response
5290727.fls.doubleclick.net/ Frame 2D4D
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com...

598 B
497 B

72ms
66ms

Document
text/html

142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

2cd64d0dd98d382583d3e8ad7eb4d57f99b4e97d14b3cab01447f4b00f24ebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nytimes-com.diced.sh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 322
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 09:08:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 09:08:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 60ms
51ms Script
application/x-javascript 2600:9000:24f1:fc00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 08:54:41 GMT
content-encoding: gzip
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:52:49 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 829
etag: W/"64d2e361-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: YyqVWvelSoJ8rByQtdGfSsaEChErVqRFeKk7qBU-owjcc9XZF65Gpw==
expires: Thu, 10 Aug 2023 10:54:41 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
413 B 84ms
65ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Fri, 18 Mar 2022 07:54:33 GMT
date: Thu, 10 Aug 2023 09:08:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 5930
x-guploader-uploadid: ADPycdtbHyWHiz9ILGV3wjn5LUG7oCfouUlVEDunhvCBZ1YSycE-m1jwjNPfLWe_F6I6R-ilpBVbvFOgYI5i825ehcQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-chi-kigq8000139-CHI
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1691658511.542386,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 187

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 83ms
65ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Wed, 19 Apr 2023 06:41:04 GMT
date: Thu, 10 Aug 2023 09:08:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 20361
x-guploader-uploadid: ADPycdsFQvR0KaPkJL3Zvf0kKTR-083acLchrpBC_FzBsj32gBFoRlV8bqxSWuoAzZn0Pts-326OBcwrJWt8Krk-_KfuLGban3r3
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-chi-kigq8000139-CHI
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1691658511.542302,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 944

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 123ms
35ms Script
text/javascript 2606:4700:20::ac43:4842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:30 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 09:02:46 GMT
server: cloudflare
age: 344
cf-polished: origSize=4729
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ield0qtb%2FY2skVEy2CPu2rhrEgJ%2Bk1EwXrFECTZWMB0llvvZUUb8ytUqfmqlmvLbWRttipHXslWanxozQDEew%2FZ1yJO1xPuiRB714LKvP00Vkk3oC%2BDjxQbtws64hSknpeWgTBzGTdXkANiCvSADyqpx"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f47183b2a5b1127-ORD
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 container.html Show response
a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 36E5 6 KB
3 KB 157ms
59ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nytimes-com.diced.sh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 09:08:30 GMT
expires: Fri, 09 Aug 2024 09:08:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
96ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 124ms
40ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
dd.nytimes.com/js/ 240 B
625 B 167ms
64ms XHR
application/json 13.35.93.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-113.jfk50.r.cloudfront.net

Software

DataDome /

Resource Hash

a37386cd5d591842bc19127be20e657261427b87e16efe2f1b2b0ec848577327

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:34 GMT
via: 1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 240
x-amz-cf-id: gxF2BTH2btBk9AjAuxhGrf76v72vrj4eb7HU5yDlE8rABNPeexC2Ug==
expires: 0

GET
H2 200 dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;u... Show response
adservice.google.com/ddm/fls/i/ Frame 452F 194 B
440 B 191ms
68ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI3V7oTf0YADFcYPcQodah8GIA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4874383981132;auiddc=1928234746.1691658510;u17=https%3A%2F%2Fnytimes-com.diced.sh%2F;u5=;u18=;gtm=45He3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnytimes-com.diced.sh%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 09:08:34 GMT
expires: Thu, 10 Aug 2023 09:08:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 234ms
43ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=Cn1EpxQvW6hBSe9ee&d=nytimes-com.diced.sh&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10791&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fnytimes-com.diced.sh%2F&b=11236&t=CrHaD66lrLpDG033oY-j0RimrFv&V=141&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=600&sn=1&sv=BqQ6yAB-nYQCYLF6EWBb_DBSoB2s&sd=1&im=06672fd3&_
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:34 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 36E5 7 KB
1 KB 239ms
58ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Aug 2023 09:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 08:20:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Aug 2023 09:08:34 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 36E5 24 KB
6 KB 72ms
54ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 20:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Aug 2024 20:15:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 36E5 7 KB
804 B 239ms
59ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&lang=en

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Aug 2023 09:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 08:40:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Aug 2023 09:08:34 GMT

GET
H2 200 2178290142467267654
tpc.googlesyndication.com/simgad/ Frame 36E5 24 KB
24 KB 73ms
56ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178290142467267654?

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:33:02 GMT
x-content-type-options: nosniff
age: 588932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24219
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Aug 2024 13:33:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36E5 179 KB
57 KB 249ms
70ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 09:08:34 GMT

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 95 KB
19 KB 608ms
594ms Script
text/javascript 2606:4700:20::ac43:4842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=nytimes-com.diced.sh
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b6eb95b5318d5510a9a18b3591ea2e0967640fa3727688329bd41cd0d50dcdd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Aug 2023 09:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrvTvTHN2zyvMLRGDoF1PYbDjvo8vCe6FVcQHZ2jr96C7xUQcLaB%2B9PVfDUu8LFnjzdEjUHDd9QsxWIonud55qZetlr56Yd93i6ggx%2F3PPur%2BpjXXXP4hW2CzKFvE%2BagscTloKdY8J6PWwSuCD4fWWqI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f471854b8e41127-ORD
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 111ms
44ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F08%2F10%2F110485_1_09vid-HI-carousel-99022_wg_480p.mp4&i=&g0=Homepage&u=C2oV7-BdP9ciDCMZSO&t=B6zsymBThgpAkgRUnsoEU_Bz6Dl5&x=0&y=0&V=141&VS=H5&n=1&b=11260&r=&_vd=14004&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=nytimes-com.diced.sh&_pu=Cn1EpxQvW6hBSe9ee&_pt=CrHaD66lrLpDG033oY-j0RimrFv&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s2&_vcs=0&_vbr=-1&_vvs=0.116&_vpt=62&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vaup=auto&_vce=0&c=0&W=0&R=1&I=0&E=0&j=20&tz=600&_
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:34 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36E5 0
0 61ms
61ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyPf8hxgWL19pAhfpeqYTG5nnjPSN3rt4r0j1SeBwqAHqPgb0VojwNIvkBayZW3KhL_zzNK6bxQmBenC5isz47wuXFpmPbdCR92i4qQtXqXtZmH-m4rZoXPlciPAXr7jt9EyQqboEDjHyeNcp4LWm9ElOFloxXQIfY3Sc0QBSAF0AQHH0PtzbveihDiDNtgMY6SjeMx75viaUVPOy4kzj963vgO61Wj6dl9MHqLzimJ-B9tgLLLqU0lrISwZJd9EPIPCZzgodhdakgJwOgfXI8b8j2ANKYVY_aBbSjy5NvTHGsXoctX1MkvqFbOGV4Wo7eqL7aTlI7pSrgjquEyCz9y8ad1BzRBQmd0Qw4SNiPL627GY4iunejpw&sai=AMfl-YT5fjJAcmpYO2WCgtcVSixlB7t4_lRmI-UJB4thBnqc0uj_fJtgkvfL4BYTwyekMbsZVxp2OojenuvBrKwHd-QhZBXcXO3ZPnnj4Xtni51c-H69fXpY7esLyFOA4d2zOYIvIZezhLsDggngdn8&sig=Cg0ArKJSzNWhnQZh5_kmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ad-tracking.js Show response
static01.nytimes.com/ads/adplatforms/cdn/ET/ Frame 36E5 9 KB
10 KB 107ms
107ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js?cb=114050614

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Thu, 10 Aug 2023 09:08:34 GMT
date: Thu, 10 Aug 2023 09:08:34 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-guploader-uploadid: ADPycdvoKds5U_np0otabYolyGb0VcFThv-ugXDocn_RxwlSFS-nmKU8YPktGc4wEJ344SvcLQg7OtdRTW8wV62f8o7NbA
x-cache: MISS, MISS
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 9231
x-served-by: cache-iad-kiad7000144-IAD, cache-chi-kigq8000139-CHI
last-modified: Mon, 10 Jul 2023 17:00:44 GMT
server: UploadServer
x-timer: S1691658515.845431,VS0,VE71
etag: "b787e3d6003409a1e48a30e0600cdb37"
vary: Accept-Encoding
x-goog-generation: 1689008444082064
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=t5C97A==, md5=t4fj1gA0CaHkijDgYAzbNw==
cache-control: private, max-age=0
x-goog-stored-content-length: 9231
x-amz-checksum-crc32c: t5C97A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H3 200 2178290142467267654
tpc.googlesyndication.com/simgad/ Frame 36E5 24 KB
24 KB 44ms
44ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178290142467267654?

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:33:02 GMT
x-content-type-options: nosniff
age: 588932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24219
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Aug 2024 13:33:02 GMT

GET
H3 200 9376744555904406431
tpc.googlesyndication.com/simgad/ Frame 36E5 435 KB
435 KB 52ms
46ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9376744555904406431?

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f35eb84078ea2b334a083a090ec8069a537525bd6bd1e7d6e484f876e5f39c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:17:09 GMT
x-content-type-options: nosniff
age: 489085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445778
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Aug 2024 17:17:09 GMT

GET
H3 200 container.html
a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 36E5 6 KB
6 KB 70ms
64ms Image
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
URL: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2653
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Aug 2024 09:08:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 36E5 14 KB
15 KB 219ms
47ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 07:50:38 GMT
x-content-type-options: nosniff
age: 523077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 07:50:38 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 36E5 15 KB
15 KB 230ms
58ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:24:52 GMT
x-content-type-options: nosniff
age: 92623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:24:52 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 36E5 14 KB
14 KB 81ms
79ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 11:00:30 GMT
x-content-type-options: nosniff
age: 79685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 11:00:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36E5 0
0 72ms
71ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRz7q9ViC6K7EGJ4b7QVbtY6O92Cl_JTls-2L-AiTMoz6173XlAKK8v6rYKEpnhFvZyA7ZSQdmovPolFNMDR8am-FOLFbh0MpsBH9Mbh2h8iduZwt4sYJjvn9AV0SgxOQUNo6dmUbDhc-Ed8P769c9E3iC4RgpLJ-xZjRCjehQPOBBOCv_1CE4ABm-q9Njilgyxnfa5TRB0EDSw0kXGZw4vH5F2qwX-x7zAJ7-StU5wMP6x5tEEwCA4CMcQA0aexlMcpNgreuwHFI0K7k03PbxyM13JeqhezanBWyGjAye3J_g6-1lxCYfAW3MbmVscI4fpXTbBJqsp5LfLryndJg&sai=AMfl-YSq0DAk_GQKUzXsFTnUb9o314P80Anh_QagA7W-YlNEcHjuIjl8ARk49cQvUuPUWj8V6o3HCEWkhaj_eSLx7a9appoUoY-FPxwsOl2qxvVmvrGeD0sPHgVpR2REE19VhFdhS4CLa7p3Q2pNSzs&sig=Cg0ArKJSzEGOaByozjk2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Aug 2023 09:08:35 GMT

GET
DATA 200
OK truncated
/ Frame 36E5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 227e9395a80c78f79ecbdd15bac8f4aeb4bda149a0d2a19d0b5925fbaaba5d4d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eventtracker-snippet.js Show response
nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/ Frame 36E5 3 KB
4 KB 190ms
49ms Script
text/javascript 2607:f8b0:4006:820::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/eventtracker-snippet.js
Requested by: Host: static01.nytimes.com
URL: https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js?cb=114050614
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::2010 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 08:26:15 GMT
age: 2540
x-guploader-uploadid: ADPycdu8g_96oH4WtIBiCN4OYNOW2dUDzxZXd6hS_JQhviMsNivKGs9BX5yyvbOqD15LHijvFOt1WwHJX1SjCOkg34rB4Q
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3190
last-modified: Mon, 15 Aug 2022 20:07:43 GMT
server: UploadServer
etag: "dcda8651f2fd6410a0bac2a0625874aa"
x-goog-generation: 1660594063515807
x-goog-hash: crc32c=GCowug==, md5=3NqGUfL9ZBCgusKgYlh0qg==
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
x-goog-stored-content-length: 3190
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:26:15 GMT

GET
H/1.1 200
OK c.js Show response
collector.brandmetrics.com/ 0
188 B 248ms
46ms Script
text/javascript 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=nytimes-com.diced.sh&rnd=7643807
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=nytimes-com.diced.sh
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date: Thu, 10 Aug 2023 09:08:35 GMT
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H2 200 .status
a.et.nytimes.com// 0
0 74ms
72ms Fetch
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 250ms
78ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7016a85e7bb8cca71cb73bab552407a7cf4c81496e2568fbbb3e600798fa9ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11577
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 152ms
38ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde6f9afb424b1d8cc7d6baee3d04833d1ee5991af1aeb7d13220a261b31ad83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:35 GMT
x-amz-version-id: Rww1MHAN23kar5X.sCqojOEe.stJj0Cj
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: A8B8044R55V2G8BK
age: 506
x-amz-server-side-encryption: AES256
x-amz-id-2: cUcwm99+xflFLQjVnsp5KueLC0rNBXCNXHhaoTjEBVL7T1WA6mO3D7IzpMz+jRppWeJeaQzOpVE=
last-modified: Thu, 27 Jul 2023 19:52:49 GMT
server: cloudflare
etag: W/"c3fa04a79429d9dd7b16822dc191a17a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ns2gk9ZK6YKacEgqQUSi8I9L9PwLoaJP5othlni2fuGrp8ePRc3CXc91h7lnuNeGrzK8VrZrRxpZ4cY%2FTxhMbL%2FRKujQ%2FgDZafyV09iDjnHdBaC5aZmZzU%2F1bMuk88lWYvYLEgnEYJO%2BiggLT33PgDu45c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7f47185b8c8de13b-ORD

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain

https://sb.scorecardresearch.com/c2/3005403/cs.js
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

0
362 B

80ms
64ms

Script
application/javascript

108.139.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol: H2
Server: 108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-92.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:04:16 GMT
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 260
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Tokbo08pttA1-x3n5VKRnMYQQvjgp-bjFkFiBkZeomP3213EcJ24Ug==

Redirect headers

date: Thu, 10 Aug 2023 09:08:35 GMT
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /internal-c2/3005403/cs.js
content-length: 0
x-amz-cf-id: VoKz_i9MpsSveTeb3ZhV-zjqXfTeMtAgGKUoa8V4Rw1vq1n-tQWiXQ==

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 103ms
42ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=Cn1EpxQvW6hBSe9ee&d=nytimes-com.diced.sh&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=10811&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&PA=https%3A%2F%2Fnytimes-com.diced.sh%2F&b=11236&t=CrHaD66lrLpDG033oY-j0RimrFv&V=141&tz=600&_vi=&_vp=https://vp.nyt.com/video/2023/08/10/110485_1_09vid-HI-carousel-99022_wg_480p.mp4&_vdd=video%40nytimes.com&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vd=14004&sn=2&sv=BqQ6yAB-nYQCYLF6EWBb_DBSoB2s&sd=1&im=06672fd3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:35 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 match-prod-0a0676b824889679c2c6.js Show response
platform.iteratehq.com/ 85 KB
30 KB 37ms
37ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-0a0676b824889679c2c6.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a00dcd517c550afad5ff0c9d641bbfd4cfe2e93e8ff57b3162698f997a374579

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:35 GMT
x-amz-version-id: jK6FYHo9oMJLjlqTi2GAW763inhdsrbc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 1VP7QED1X9NXB33B
age: 836548
x-amz-server-side-encryption: AES256
x-amz-id-2: NwWdERz/WrsgaiW6cDQP1JgOjbH2NKUVgpLgd+S0/JYeWhVoHm3X+vxmDSbzbRKvj8tg15pi4RE=
last-modified: Thu, 27 Jul 2023 19:52:48 GMT
server: cloudflare
etag: W/"537be2cca408005f639f21b82210dce8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gm9ePEmA3HkZtxjOTs7ICfySCMM2M3Oe%2F65lW2BE44y6c1Rz6nNW%2FHjnC2LI9Kg3yduPs4LuDxc6jtf3YlgQf3%2FWQWfaBv%2FjBjFhs7G8n64NdQtYu%2BuLdrGd88F3RV7GNvjJlPMWxSaJCaOlUZjgTyKa3wE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7f47185c0cf6e13b-ORD

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
70ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 09:08:35 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 295 B
543 B 72ms
66ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-0a0676b824889679c2c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b64d8eb29192d678e01d6829d4f6afb12266ef2a9218e7f28f66a6acf689897

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Aug 2023 09:08:36 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoBlGgvFSyHj9o3zaSr3HZG0tIV%2Bkovj2ChsLQgdpoAGzowKA68Ec913msm7jwS5rPtIBC1Oy5f%2B6zHsGJRVpE3Xc2UgYg8PjuOepTJwN9REQkrdXUCYBH80Vt%2BYYrBZUrzQcO28M%2FAmUcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f47185dddc613fb-ORD

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 196ms
73ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://nytimes-com.diced.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 7f47185d5d5713fb-ORD
content-length: 0
date: Thu, 10 Aug 2023 09:08:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OM%2F9A3NTYChASQrQXHfsc0B5q%2BE2Ppnq%2BGX8Faq24X%2BDO9Qj4l7SlmkD6mgCmnuA9owY8lMtBEbgUnljNoLZ0F41MCPZZoQed4qeTfOgo%2FzNqybagCWCpEnGEGeInMB4W8wx%2F87%2FYSr57I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FC8 13 KB
5 KB 72ms
58ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nytimes-com.diced.sh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 06:51:48 GMT
expires: Fri, 09 Aug 2024 06:51:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C123 831 B
1 KB 219ms
62ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

551c53d242072d9d6e5311067bd912509ab066ce16098fc74a1ac2c4637cfd00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6-iBU3la74Yb8v7wZGfwjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nytimes-com.diced.sh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-6-iBU3la74Yb8v7wZGfwjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 09:08:36 GMT
expires: Thu, 10 Aug 2023 09:08:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FC8 37 KB
14 KB 153ms
59ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 06:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 06:51:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C123 0
0 124ms
110ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=751341758023128&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36E5 42 B
174 B 114ms
106ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttvy6X08x8uBXa_OXy8ILuP1fdplK835wHpHY4hS5VXL9X3c_looZ7FuxCRFGFjIw2FDiUrVjIoLiYhLMYFURQi5qtAp7D_jUpA-MErvoGxSINHFG3&sig=Cg0ArKJSzOO0AgcUvgJREAE&id=lidar2&mcvt=1003&p=16,0,286,1600&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2496155832&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691658513577&rpt=1446&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 09:08:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
347 B 90ms
88ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-0a0676b824889679c2c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NGQ0YTkxNDk2ZmQ4NjAwMDExMGY1ZGEiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjkxNjU4NTE2fQ.atdAMl-rRr1A81XsuhgTu1lfhElHRkDAYddSy46xhWQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Aug 2023 09:08:36 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmYalAi0P2uN57UcSaGNp%2F%2FOVTSXCwaYq7syvfj7%2BhRwXiyBftV9uLo1rFpCLaQcj6WMzyJPQdJCpYaGv%2Bij1zACIXr%2Fqe0ELE00GY%2BHs71fC4m7Q8aH4ZTVbC54cfWMmud52pDr2kfQkS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f4718603f7013fb-ORD

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 67ms
63ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://nytimes-com.diced.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 7f47185fcef113fb-ORD
content-length: 0
date: Thu, 10 Aug 2023 09:08:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMMraOXyPIbVxejN7fHrgcUZ8BfXUFfD248Nz3%2FxxwoS2FNg66qCUSyKHY8TJHqBwMmUrULN1OKMXVsgTwhqWPJ6hc8T9Xts7FyIs%2FROuGtPiBm4W5wD%2BWU%2BWe%2FuaO0bS19mEOQ2Sgbo%2Bmw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
100ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FC8 0
10 B 146ms
43ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rKj34g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 09:08:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
107ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=751341758023128&bg=!AAOlA1fNAAaiGN5Pghg7ADkAdvg8WpCKBJ45BqTEx3poO7zFFXr8NOLZdWektCxDfhMcQFSsRL4X24d8zI-SjU0nfoyMnk09stsCAAABiVIAAAAeaAEHCgAfy9a3k6UsVeutJWAClIJ8JEljU_kd1A4zsfGe5JuuN5kC1ZrJpV7f921dpZS_-z9lomeDmYaoNu_Bcv4cdm-5LRAp7a9IeZaqQdzXUfT6liGOIAJ82E4ydpDbG0QuoQTv_Pq1YQiJ3YIcvvUQfp6uJBFoaXcu9mSYwhQJg6-TdeAd6pPujFK4HuWatlv_XEasZhi5sBEhYMWoYohbvZi_M2k4MUzhsUdtwjuBs-LcTbgdAt68BYI0yTYwzk59SaY28boTJZ2lcUx4kmzZHUxaR0azyI4gPVnFYd6eb9TzO0dDHjhdG6OD2GfxaQMJO3W55Uvcfp6D76_ChqHyx6ZXnXZydF62xEq2nKFJJht16vzVuvFC14fBbdKwXOppyYF7xmO-5AqNJs6m9Q2s-kjDGxoHw_DHzDhV3JjQFAz1rUwZxUe1ggNM4PgLLD2ws8EYQxP6nRS-v9krcYnCVcph4iu8yVXrJmZXTquQAlAnmkGuc4319rYAD55yGvNaymzEqvp_wp6N4cni4EH4auL8qdUSNeALI0ERq1REutIow10pZUCIdU2LzefowyV_rialW4xYmuzh2_sotEMOPzQzNRzPJQnpz7zj2WrmHfjCNrHLsTkR3oNv51KtBsolUQ9sONazggNUg_TcxnXslX51K1ssVwXnb5hn1i2YlSeeOkXa9R7PrSb0xETABzIWu5WcEoFftvYv5kTLiX3SqSm-vQbVbj3OGAvT2VrsrCHWHxVAZnShOlPMP8FQoegbchbVpQmObaP2pV_lo3llDkE5OM-xChxmuGbF4lTpYMv0vRNL99__lJm6tV7OOKfulOuP3lqe6SUvlqwTPMABqKHKIELtRmsXXD8SFilzgKFINN6fdrU_KbO1J3ILo81eBVdtGLJkgZdEwjSzeCxByT41G-3ULt1nln6YmNzkWvxGdXRClcs3GQZvEaRHC303be44gZ0bvxVo5HKJy9_vzc5QYi0lNCxsmlDyLkOLfFmzAlmmiy1MSJeH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 73ms
73ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F08%2F10%2F110485_1_09vid-HI-carousel-99022_wg_480p.mp4&i=&g0=Homepage&u=C2oV7-BdP9ciDCMZSO&t=B6zsymBThgpAkgRUnsoEU_Bz6Dl5&x=0&y=0&V=141&VS=H5&n=1&b=11260&_vd=14004&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=nytimes-com.diced.sh&_pu=Cn1EpxQvW6hBSe9ee&_pt=CrHaD66lrLpDG033oY-j0RimrFv&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=5.121&_vpt=5069&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vaup=auto&_vce=5&c=0.09&W=0&R=1&I=0&E=5&j=20&tz=600&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 70ms
69ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 53ms
52ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F08%2F10%2F110485_1_09vid-HI-carousel-99022_wg_480p.mp4&i=&g0=Homepage&u=C2oV7-BdP9ciDCMZSO&t=B6zsymBThgpAkgRUnsoEU_Bz6Dl5&x=0&y=0&V=141&VS=H5&n=1&b=11260&_vd=14004&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=nytimes-com.diced.sh&_pu=Cn1EpxQvW6hBSe9ee&_pt=CrHaD66lrLpDG033oY-j0RimrFv&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=10.118&_vpt=10006&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vaup=auto&_vce=10&c=0.17&W=0&R=1&I=0&E=10&j=20&tz=600&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:44 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 87ms
80ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 47ms
47ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=Cn1EpxQvW6hBSe9ee&d=nytimes-com.diced.sh&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=10811&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=&PA=https%3A%2F%2Fnytimes-com.diced.sh%2F&b=11236&t=CrHaD66lrLpDG033oY-j0RimrFv&V=141&tz=600&_vi=&_vp=https://vp.nyt.com/video/2023/08/10/110485_1_09vid-HI-carousel-99022_wg_480p.mp4&_vdd=video%40nytimes.com&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vd=14004&sn=3&sv=BqQ6yAB-nYQCYLF6EWBb_DBSoB2s&sd=1&im=06672fd3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 55ms
51ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F08%2F10%2F110485_1_09vid-HI-carousel-99022_wg_480p.mp4&i=&g0=Homepage&u=C2oV7-BdP9ciDCMZSO&t=B6zsymBThgpAkgRUnsoEU_Bz6Dl5&x=0&y=0&V=141&VS=H5&n=1&b=11260&_vd=14037&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=nytimes-com.diced.sh&_pu=Cn1EpxQvW6hBSe9ee&_pt=CrHaD66lrLpDG033oY-j0RimrFv&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=15.116&_vpt=895&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vaup=auto&_vce=15&c=0.25&W=0&R=1&I=0&E=15&j=20&tz=600&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:49 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 48ms
47ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=Cn1EpxQvW6hBSe9ee&d=nytimes-com.diced.sh&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.27&x=0&m=0&y=10811&o=1600&w=1200&j=30&R=0&W=0&I=1&E=5&e=0&r=&PA=https%3A%2F%2Fnytimes-com.diced.sh%2F&b=11236&t=CrHaD66lrLpDG033oY-j0RimrFv&V=141&tz=600&_vi=&_vp=https://vp.nyt.com/video/2023/08/10/110485_1_09vid-HI-carousel-99022_wg_480p.mp4&_vdd=video%40nytimes.com&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vd=14037&sn=4&sv=BqQ6yAB-nYQCYLF6EWBb_DBSoB2s&sd=1&im=06672fd3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:50 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: nytimes-com.diced.sh
URL: https://nytimes-com.diced.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nytimes-com.diced.sh/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 49ms
48ms Image
image/gif 3.227.173.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=video%40nytimes.com&g=16698&p=https%3A%2F%2Fvp.nyt.com%2Fvideo%2F2023%2F08%2F10%2F110485_1_09vid-HI-carousel-99022_wg_480p.mp4&i=&g0=Homepage&u=C2oV7-BdP9ciDCMZSO&t=B6zsymBThgpAkgRUnsoEU_Bz6Dl5&x=0&y=0&V=141&VS=H5&n=1&b=11260&_vd=14037&_vi=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&_vp=nytimes.com%2F&_vh=nytimes-com.diced.sh&_pu=Cn1EpxQvW6hBSe9ee&_pt=CrHaD66lrLpDG033oY-j0RimrFv&_pr=&_vdd=nytimes.com&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=20.116&_vpt=5895&_vtn=https%3A%2F%2Fstatic01.nyt.com%2Fimages%2F2023%2F08%2F10%2F09vid-HI-carousel-99022-cover%2F09vid-HI-carousel-99022-cover-master675.jpg%3Fquality%3D75%26auto%3Dwebp&_vaup=auto&_vce=20&c=0.34&W=0&R=1&I=0&E=20&j=20&tz=600&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-173-138.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nytimes-com.diced.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 09:08:54 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Domain: purr.nytimes.com
URL: https://purr.nytimes.com/v1/purr-cache

Domain: a.nytimes.com
URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1691658506424&referrer=&sourceApp=nyt-vi

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: meter-svc.nytimes.com
URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fnytimes-com.diced.sh%2F&referer=https%3A%2F%2Fnytimes-com.diced.sh%2F&pageviewID=d6vpki-kD8DyZ4sJlWupDh9i

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 16:03:54	Name: sync Value: CgkIOhDYwNH1nTE=
.nytimes.com/	1970-01-20 22:39:54	Name: nyt-a Value: rCbXRFIAdKOOpdkZC24cBcTb
.et.nytimes.com/	1970-01-20 13:54:20	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 22:39:54	Name: sessionIndex Value: 1\|1691658503939\|rCbXRFIAdKOOpdkZC24cBcTb\|1691658503939
.et.nytimes.com/	1970-01-20 13:55:44	Name: et-ppvid Value: https://nytimes-com.diced.sh/=d6vpki-kD8DyZ4sJlWupDh9i
.rubiconproject.com/	1970-01-20 22:39:54	Name: khaos Value: LL4XSO8P-20-L5A6
.rubiconproject.com/	1970-01-20 22:39:54	Name: audit Value: 1\|mFVHqHkj5bHYuFtRvxYWh1Yvo2XO8wv+vGi7zdmzImZm5xyqGl34mzx+kZD9IjQsnpG8+xdNSs4dgsAcobv0dhZ0kVS2EqJc2jL6aH0a0w7VatUG29CcNb7FQD2yB//hsqlSNZOaaDQ=
.scorecardresearch.com/	1970-01-20 23:30:18	Name: UID Value: 15B0d9f9f0bec995e2dd85f1691658505
.openx.net/	1970-01-20 22:39:54	Name: i Value: 5f73f71e-c391-0060-17c4-d73d7d83f1e2\|1691658509
.3lift.com/	1970-01-20 16:03:54	Name: tluid Value: 4333368006603673335817
.bidswitch.net/	1970-01-20 22:39:54	Name: tuuid Value: b40e7567-51a7-4e03-a69a-3ad0132075bb
.bidswitch.net/	1970-01-20 22:39:54	Name: c Value: 1691658509
.criteo.com/	1970-01-20 23:15:54	Name: uid Value: 467b96d2-815d-48aa-85b5-b42611a71627
.media.net/	1970-01-20 22:39:54	Name: visitor-id Value: 3346601096419502000V10
.w55c.net/	1970-01-20 23:25:59	Name: wfivefivec Value: syQWRXhc1Qu1EF5
.dotomi.com/	1970-01-20 13:54:18	Name: DotomiTest Value: 13bb82a25aa1485
.diced.sh/	1970-01-20 16:03:54	Name: _gcl_au Value: 1.1.1928234746.1691658510
.w55c.net/	1970-01-20 14:37:30	Name: matchmedianet Value: 5
.bidswitch.net/	1970-01-20 22:39:54	Name: tuuid_lu Value: 1691658510
.media.net/	1970-01-20 14:37:30	Name: data-c Value: 467b96d2-815d-48aa-85b5-b42611a71627~~1
.media.net/	1970-01-20 14:37:30	Name: data-c-ts Value: 1691658510
.diced.sh/	1970-01-20 23:15:54	Name: __gads Value: ID=398b84cb87b62bbc:T=1691658510:RT=1691658510:S=ALNI_Mag-VcKhi0u03Svz4hjfN9fWCFP4Q
.diced.sh/	1970-01-20 23:15:54	Name: __gpi Value: UID=00000d89f61e6927:T=1691658510:RT=1691658510:S=ALNI_MbjKIQ6B2_aCwaFNIvEqTev3vyFDA
.media.net/	1970-01-20 22:38:28	Name: data-xu Value: syQWRXhc1Qu1EF5~~8
.adsrvr.org/	1970-01-20 22:41:20	Name: TDID Value: 7f8fdcaa-0a68-4677-bb14-1cbad87b2d29
.doubleclick.net/	1970-01-20 23:30:18	Name: IDE Value: AHWqTUlxIESNPd-Wur52mShz9TiWibVK5DOZrSrTf3K9bUfzhyYcOkW1xtK5SG9G2g0
.adsrvr.org/	1970-01-20 22:41:20	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCM7op4Tt4ow8EAUYBSABKAIyCwjSnJCqg-OMPBAFOAE.
.diced.sh/	1970-01-20 23:23:06	Name: _cb Value: Cn1EpxQvW6hBSe9ee
.diced.sh/	1970-01-20 23:23:06	Name: _chartbeat2 Value: .1691658514422.1691658514422.1.BqQ6yAB-nYQCYLF6EWBb_DBSoB2s.1
.diced.sh/	1970-01-20 13:54:20	Name: _cb_svref Value: null
.diced.sh/	1970-01-20 23:23:06	Name: _v__chartbeat3 Value: C2oV7-BdP9ciDCMZSO
.nytimes-com.diced.sh/	1970-01-20 22:39:54	Name: datadome Value: 0QNdO10xgS53AmZ9mWKvsji~gHjUf71BUAehKHWhnWyKcv4Z5BHFEnLtsnrAd5rkReU9L9fxtmKQaiFbnbJgWIbgHsPvRBXd4muiQOH1Eu7FsqPrStELk-NNkrnJ8bhp
.media.net/	1970-01-20 22:38:28	Name: data-bs Value: b40e7567-51a7-4e03-a69a-3ad0132075bb~~1
.diced.sh/	1970-01-20 23:30:18	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NGQ0YTkxNDk2ZmQ4NjAwMDExMGY1ZGEiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjkxNjU4NTE2fQ.atdAMl-rRr1A81XsuhgTu1lfhElHRkDAYddSy46xhWQ

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://nytimes-com.diced.sh/(Line 159) Message: Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/(Line 159) Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/ Message: Access to fetch at 'https://purr.nytimes.com/v1/purr-cache' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://purr.nytimes.com/v1/purr-cache Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/ Message: Access to fetch at 'https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1691658506424&referrer=&sourceApp=nyt-vi' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1691658506424&referrer=&sourceApp=nyt-vi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/ Message: Access to fetch at 'https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fnytimes-com.diced.sh%2F&referer=https%3A%2F%2Fnytimes-com.diced.sh%2F&pageviewID=d6vpki-kD8DyZ4sJlWupDh9i' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fnytimes-com.diced.sh%2F&referer=https%3A%2F%2Fnytimes-com.diced.sh%2F&pageviewID=d6vpki-kD8DyZ4sJlWupDh9i Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nytimes-com.diced.sh/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://nytimes-com.diced.sh' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://nytimes-com.diced.sh/ Message: The resource https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://nytimes-com.diced.sh/ Message: The resource https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
a5ac46a8f87d9dd1967b9aba9a055178.safeframe.googlesyndication.com
aax.amazon-adsystem.com
adservice.google.com
als-svc.nytimes.com
c.amazon-adsystem.com
cdn.brandmetrics.com
cm.g.doubleclick.net
collector.brandmetrics.com
contextual.media.net
cs.media.net
dd.nytimes.com
dis.criteo.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g1.nyt.com
ib.adnxs.com
iteratehq.com
mab.chartbeat.com
match.adsrvr.org
medianet-match.dotomi.com
meter-svc.nytimes.com
nyt-dti-prd-staticjs.storage.googleapis.com
nytimes-com.diced.sh
nytimes-d.openx.net
pagead2.googlesyndication.com
platform.iteratehq.com
pm.w55c.net
pnytimes.chartbeat.net
prebid.media.net
purr.nytimes.com
rtb.openx.net
rumcdn.geoedge.be
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
static01.nytimes.com
tlx.3lift.com
tpc.googlesyndication.com
vp.nyt.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
x.bidswitch.net
a.nytimes.com
als-svc.nytimes.com
meter-svc.nytimes.com
purr.nytimes.com
samizdat-graphql.nytimes.com
108.138.107.138
108.139.47.92
13.35.93.113
142.250.65.198
142.250.80.98
151.101.193.164
151.101.65.164
173.223.56.26
18.164.98.157
20.40.202.2
2600:9000:24f1:fc00:18:1fcd:353:c61
2600:9000:2511:ca00:4:b37b:9440:93a1
2602:803:c002:200::62
2606:4700:20::681a:7e5
2606:4700:20::ac43:4842
2606:4700:3037::6815:5e5a
2606:ae80:1451:18::1720
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2008
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:820::2010
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2002
2a04:4e42:600::714
3.227.173.138
3.33.220.150
34.107.148.139
35.186.253.211
35.211.178.172
35.244.159.8
35.71.139.29
44.211.112.71
52.1.30.248
54.174.91.172
68.67.160.184
74.119.119.150
018499b49769bd666b31c40fceb9068b5560cd2792d80f2fbc494a506d06d77b
0452486a9e7b78043cf9d1331e1118d15078cb3a5e78caf5f18578c2be1c875c
04f7458cac10590b71a4d9c563ddd5f529b956241a320a07b941603ec4b87490
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0df4e29d229e31b62022463a0c7b701156b2606fb7359997f775b93bdf871a2c
0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805
0fc9cd1a827da0fed618503cbf3a9a155e89956f281d8a05343f3bdf6f733607
12073060c4889ce9b40ca956776bb42f3b95cc4df0c0f72b8164ee4e06875f52
17b10e45fec299c0219bed0bcc3a897b625aaada7475a1dd9dfb2eec54682d93
18e49b5e957c956263b2ec317a73b8ef50cab038cf5acd4b8175445176044e65
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1e6afbca37a6a12123503561f68fd64a64aefa854b7b580133d0978d91c9d29b
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
227e9395a80c78f79ecbdd15bac8f4aeb4bda149a0d2a19d0b5925fbaaba5d4d
2692b7bc3a4a4eecde9c12085879f32e6dbf87ce32fb65618cf6024803e5578a
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
29f241a5297cde04e6af274d77bde6c3d766da76d7ce3bb43c33ed532b955065
2cd64d0dd98d382583d3e8ad7eb4d57f99b4e97d14b3cab01447f4b00f24ebe2
2f35eb84078ea2b334a083a090ec8069a537525bd6bd1e7d6e484f876e5f39c6
32b3ca55e0bf592976f0330b2800cdafdf7e803c60f31901c44bfe78578efbd5
36efdf9e878bd0d16e932f3729dc82234b422027e54f96322b09af5edc84314a
3915c893cde8b16f9c34dd23dfe04bc285f168d871c83537ac927cf57057ffa7
3d1247592f8b1af44da6eebe304c894e20c0a6c552429983a2dd5385fb074adf
4625f8db7edef9c6825457e00545e7c9ea7045af88450210db715a2e4a97d366
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755
47af2c9b82e093e4c5f82b486159cf7d2ab63f11fc2696b247ce20f85bdfbe16
4ab4fdd07d461c1f96aa4e163e6678297e6ba4f7846bfcffc975d3931339f077
4d843110ca146ae5673b36cd7a1f840d850aeeeb3e3f472eb7f164ce8f5e7415
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
551c53d242072d9d6e5311067bd912509ab066ce16098fc74a1ac2c4637cfd00
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
5736eb81644ef04670dbbf0ee15f8d4736bd8050fd58b1f1e312869a0a855912
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
649c937aa09a423947b473150880a77ca3c75e58c547e11d425325110e3f9420
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
6b6eb95b5318d5510a9a18b3591ea2e0967640fa3727688329bd41cd0d50dcdd
7016a85e7bb8cca71cb73bab552407a7cf4c81496e2568fbbb3e600798fa9ab7
73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e
74b6fc56535b66c4398f259e885820997f9ab7d1a981f218fabc1e8c02a14bf3
75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f
7678de414d1eccc492214c621d05603b246f3337c0f9de1256ad757fda432ab2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b8bca3d4a0812b99546cabf5810f5bc9948fb1ecae20972d71ac574608ebe4f
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
80c588f9f129618081a1e4cea8d6c24e13dce8b312586d3fa63f024ae4ac0833
8154d281c454921482104fc209ec9245322c9031142d5c8f8c2fb73c21bf9895
85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c
862418757663ae7210bf0db623cb4f066ae1d636a8c1fbfdf36252b0b1629352
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b64d8eb29192d678e01d6829d4f6afb12266ef2a9218e7f28f66a6acf689897
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
91f20084237de3b491ac997a40b3a2bd6617b6cf49fe9795f11fe7586f97bf1e
9210c4893b69a5fda698845d8349409d6a39518d9dcc4842d0d20bccb43811a0
93fd944472228e4d79ca3d277814239234cdfabb52fa30b774a9c0f77ec6c224
978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487
9d4613c825d7b4ec064eb3cd9edb1fef1855749c85d94a38da4b2765b2d4980e
a00dcd517c550afad5ff0c9d641bbfd4cfe2e93e8ff57b3162698f997a374579
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a210a79953599e4929209c52b610843dcbd0c2c54a0a8805243eef8f8ae4f74b
a37386cd5d591842bc19127be20e657261427b87e16efe2f1b2b0ec848577327
b07d563ebfc18fd7233b96d04deb7350d5f962901c451208112790b1d201db53
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b5556c070526b297dda9dbaa46030fea708a501c0c1eb4e6d401b1627ce3d153
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cde6f9afb424b1d8cc7d6baee3d04833d1ee5991af1aeb7d13220a261b31ad83
ce2a8999c8b7158ef1cebf003a62fed43ca4b587d78aafd40f76aed089955c0c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725
d783dbeec62b9d7741beb09c2acf3fee02a9e24a8571e90a87e5e15d77d13303
da9ecef91fd9a447be7b38fe40b181fe4518d05fc3437c471814b8dfb12effae
dddc61874dbbea9dd3e87805e1d705e536d8a53f771e909a607d8f60b94a27d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72b31426b976654587dbeef06f96c66956062b9198daf53f15d35960a4666de
e9ceb47ffa14741b104904da8501412ba5d7333b1b642166ed79d1c6a776ceb4
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eabbe603b5769552103ed0594eb648e472f3f77fb62b399378542a296f94a9c6
ecd9333f4d54db1d20cf6b74adcb1080bb2b03224f8a5f90eec3000d907b6e99
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d7f53bc0957b1a0c1a2d09d2f6c157f90704a5f1f960fcfc405b4780ddf745
f721e817d44da2d37e72e097e092c3dcc3dee80247a656470edb77482d8f0413
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

nytimes-com.diced.sh Open in urlscan Pro 2606:4700:3037::6815:5e5a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

90 %HTTPS

45 %IPv6

27 Domains

52 Subdomains

36 IPs

1 Countries

5705 kBTransfer

10186 kBSize

34 Cookies

20 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nytimes-com.diced.sh Open in urlscan Pro
2606:4700:3037::6815:5e5a Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

90 %
HTTPS

45 %
IPv6

27
Domains

52
Subdomains

36
IPs

1
Countries

5705 kB
Transfer

10186 kB
Size

34
Cookies

154 HTTP transactions
3 data transactions