www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Effective URL:
https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Submission: On April 27 via api (April 27th 2021, 11:08:08 am UTC) from US

Summary HTTP 133 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 22 domains to perform 133 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
28	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:9000:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 13	23.37.43.59 23.37.43.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7600:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.30.148.233 52.30.148.233	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	3.232.164.179 3.232.164.179	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 3	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
3 3	52.31.220.191 52.31.220.191	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::6815:24db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.205.120.60 34.205.120.60	14618 (AMAZON-AES) (AMAZON-AES)
1	63.35.129.75 63.35.129.75	16509 (AMAZON-02) (AMAZON-02)
133	35

12 151.101.113.164 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
685d5b1b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9000:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2363ded05a9bf1263dd12498a8ece954.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.37.43.59 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-43-59.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7600:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.148.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.164.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-164-179.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.220.191 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:24db (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.120.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-120-60.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.129.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-129-75.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	nytimes.com 1 redirects www.nytimes.com samizdat-graphql.nytimes.com a.et.nytimes.com myaccount.nytimes.com dd.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	966 KB
19	google.com 2 redirects news.google.com adservice.google.com play.google.com www.google.com	67 KB
18	nyt.com g1.nyt.com static01.nyt.com a1.nyt.com mwcm.nyt.com	392 KB
13	bluekai.com 1 redirects tags.bluekai.com stags.bluekai.com	13 KB
12	doubleclick.net 6 redirects securepubads.g.doubleclick.net 5290727.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	130 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	136 KB
7	googlesyndication.com 2363ded05a9bf1263dd12498a8ece954.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	250 KB
4	adsrvr.org 3 redirects insight.adsrvr.org match.adsrvr.org	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	717 B
3	google-analytics.com www.google-analytics.com	19 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	499 B
2	twitter.com analytics.twitter.com	481 B
2	bing.com 2 redirects c.bing.com	495 B
2	google.de www.google.de	172 B
2	google.dk adservice.google.dk	921 B
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
1	akstat.io 685d5b1b.akstat.io	202 B
1	chartbeat.net pnytimes.chartbeat.net	169 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	80 KB
133	22

	Domain	Requested by
17	a.et.nytimes.com	www.nytimes.com
12	www.nytimes.com	1 redirects www.nytimes.com
10	g1.nyt.com	www.nytimes.com g1.nyt.com
9	tags.bluekai.com	1 redirects www.googletagmanager.com stags.bluekai.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.nytimes.com news.google.com www.gstatic.com
6	www.gstatic.com	news.google.com www.gstatic.com
6	samizdat-graphql.nytimes.com	www.nytimes.com
5	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
4	mwcm.nyt.com	www.nytimes.com
4	stags.bluekai.com	www.nytimes.com tags.bkrtx.com stags.bluekai.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	match.adsrvr.org	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nytimes.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	analytics.twitter.com	stags.bluekai.com
2	c.bing.com	2 redirects
2	www.google.de	stags.bluekai.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	a1.nyt.com	www.nytimes.com www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.dk	securepubads.g.doubleclick.net
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
2	static01.nyt.com	www.nytimes.com
1	beacon.krxd.net	stags.bluekai.com
1	usermatch.krxd.net	1 redirects
1	685d5b1b.akstat.io	s.go-mpulse.net
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	tags.bkrtx.com	www.googletagmanager.com
1	static.chartbeat.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	mwcm.nytimes.com	www.nytimes.com
1	2363ded05a9bf1263dd12498a8ece954.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.go-mpulse.net	s.go-mpulse.net
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	s.go-mpulse.net	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
133	47

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
a.et.nytimes.com GTS CA 1D2	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.news.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
purr.nytimes.com GTS CA 1D2	`2021-03-31` - `2021-06-29`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2021-03-25` - `2021-06-23`	3 months	crt.sh
*.google.dk GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Frame ID: 52046F584558D50F6F8FF737D05BFE78
Requests: 89 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 01B39A3A191151CA3F0DAFEA3C044F5C
Requests: 3 HTTP requests in this frame

Frame: https://static01.nyt.com/ads/tpc-check.html
Frame ID: 379CEFE6C5BEF792013D2CA15449AAF8
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449867
Frame ID: BD414F85FAC2CA6AEB4F42D7698547C5
Requests: 14 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html
Frame ID: CEAC8358F01AABC9489EBF7CDFEDA17A
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Frame ID: 6B2B55B2B0F1ED2DD3A57A8948FE25C6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6CB29B81BCA6BEAC4A53498D42209785
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Frame ID: F9FEDA28AE3E7D97267861616BC6B889
Requests: 7 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=2&r=69539547
Frame ID: B8CAFFAF0D9558A08D21D8680097D54D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html HTTP 301
https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

133
Requests

100 %
HTTPS

63 %
IPv6

22
Domains

47
Subdomains

35
IPs

3
Countries

2157 kB
Transfer

6761 kB
Size

5
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html%3Fsmid%3Dfb-share&name=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says%20https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html%3Fsmid%3Dtw-share&text=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?OC=20000215740&campaignId=9977U
Title: Subscribers make stories like this possible. €2 €0.50/week Billed as €8 €2 every 4 weeks for one year You are purchasing a Basic Digital Access Subscription. You will be automatically charged €2 every 28 days for one year, and €8 every 28 days thereafter. Your subscription will continue until you cancel. By subscribing, you are accepting the Terms of Service, Privacy Policy, and Terms of Sale. [data-component-uuid="f615c490-5e5a-4d85-86a2-544220df802e"] .dockCard__button { background-color: #ffffff; } @media only screen and (min-width:1024px) { [data-component-uuid="f615c490-5e5a-4d85-86a2-544220df802e"] .dockCard__button:hover { } } SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel
Title: cancel

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2021 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html HTTP 301
https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html

Request Chain 103

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0&is_vtc=1&random=41588241 HTTP 302
https://www.google.de/pagead/1p-user-list/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0&is_vtc=1&random=41588241&ipr=y

Request Chain 104

https://c.bing.com/c.gif?uid=NJO3vegV99evTT5Q&Red3=MSBK_pd HTTP 302
https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TkpPM3ZlZ1Y5OWV2VFQ1UQ%3D%3D& HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFQdWmSkMlBREpSorOMTA_8&google_cver=1

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123&_test=YIfwhwAAejumUgBg HTTP 302
https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123&_test=YIfwhwAAejumUgBg

Request Chain 108

https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=bluekai&ttd_tpi=1 HTTP 302
https://tags.bluekai.com/site/5386?id=3ad38a6a-e3bd-4a84-82ad-31993d516dc6&gdpr=1&gdpr_consent=

Request Chain 123

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=688969732 HTTP 302
https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=688969732&ipr=y

Request Chain 124

https://c.bing.com/c.gif?uid=yJ4qv7WY99enTT5Q&Red3=MSBK_pd HTTP 302
https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=eUo0cXY3V1k5OWVuVFQ1UQ%3D%3D& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=eUo0cXY3V1k5OWVuVFQ1UQ%3D%3D&google_tc= HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEM8po5hxfitFsJvLKx3Qezs&google_cver=1

Request Chain 127

https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123 HTTP 302
https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123

Request Chain 128

https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai&ttd_tpi=1 HTTP 302
https://tags.bluekai.com/site/5386?id=3ad38a6a-e3bd-4a84-82ad-31993d516dc6&gdpr=1&gdpr_consent= HTTP 302
https://usermatch.krxd.net/um/v2?partner=bluekai HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=bluekai

133 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request north-korea-hacking-interpark.html Show response
www.nytimes.com/2016/07/29/world/asia/
Redirect Chain

http://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

234 KB
60 KB

112ms
32ms

Document
text/html

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f6e33363723afe00b9a288165254f1c934c617ef2c5dce13c17b07561fcde29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2016/07/29/world/asia/north-korea-hacking-interpark.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: nyt-gdpr=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Mon, 26 Apr 2021 19:14:15 GMT
last-modified: Mon, 26 Apr 2021 19:14:15 GMT
x-scoop-last-modified: 2018-01-20T01:00:31.840Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1619464455.406504,VS0,VE5
x-origin-time: 2021-04-26 19:14:16 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 27 Apr 2021 11:07:48 GMT
age: 57212
x-served-by: cache-lga21981-LGA, cache-hhn4071-HHN
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1619521668.069260,VS0,VE6
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=LopHYILQFNO6jyBwGnMDOY; Expires=Wed, 27 Apr 2022 11:07:48 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Wed, 27 Apr 2022 11:07:48 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com nyt-geo=DK; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
x-datadome: protected
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2016/07/29/world/asia/north-korea-hacking-interpark.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 59537

Redirect headers

Server: Varnish
Retry-After: 0
Content-Length: 0
Location: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Accept-Ranges: bytes
Date: Tue, 27 Apr 2021 11:07:47 GMT
X-Served-By: cache-hhn4033-HHN
X-Cache: HIT
X-Cache-Hits: 0
Set-Cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:47 GMT; Path=/; Domain=.nytimes.com
x-gdpr: 1
X-Frame-Options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2016/07/29/world/asia/north-korea-hacking-interpark.html
Connection: close
X-API-Version: F-0

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 241ms
19ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 1719120
x-guploader-uploadid: ABg5-UzL4Sg8QXPB_FxHA8sC2bnknFULuVWcjqreevhQe27R7neAtpD6OIsL_QKabSsvhTWAyBlZK3zQqEYmQfl8xnE
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-cph20637-CPH
accept-ranges: bytes
expires: Thu, 07 Apr 2022 13:35:48 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1619521668.336873,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 492

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 32ms
31ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q== md5=8t/i0xcrDEvURwPHlq+SQg==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 19341263
x-guploader-uploadid: ABg5-UzadwJJVco0UpaJTaU9yrgZMaUz_4aMwQT08kD2RC8WFP2U69rcjJ1SjFhy7-H0mWZMfVmtkBKnVkLIRUioNaU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2020-09-15 14:33:25 UTC
content-length: 1832
x-served-by: cache-hhn4071-HHN
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521668.122405,VS0,VE1
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1600171892731484
expires: Wed, 15 Sep 2021 14:33:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 17784

GET
H2 200 adslot-c6799a1fd4a8c46b31aa.js Show response
www.nytimes.com/vi-assets/static-assets/ 15 KB
6 KB 39ms
39ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-c6799a1fd4a8c46b31aa.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eab03af418946d398a1f3e70061688e066cc8833fdd6b13f5210875e68b54de5

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/adslot-c6799a1fd4a8c46b31aa.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=iUlPLw== md5=+52YKcDUTagPJgfrpTOoCA==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 66650
x-guploader-uploadid: ABg5-UytNRZHTCwyA6KU_NiBW-f_9qW0fAQGOuICoLUXOt0AjolX2LK1M7R09s7zuIEGbRkKVmNNxLDe0vjXIv91UXVJIYeYKA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-26 16:37:11 UTC
content-length: 5407
x-served-by: cache-hhn4071-HHN
last-modified: Mon, 26 Apr 2021 16:25:47 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521668.156898,VS0,VE1
etag: "fb9d9829c0d44da80f2607eba533a808"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-c6799a1fd4a8c46b31aa.js
x-goog-generation: 1619454347004887
expires: Tue, 26 Apr 2022 16:36:58 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 14917
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3599

GET
H2 200 29KOREA-web1-jumbo.jpg
static01.nyt.com/images/2016/07/29/world/29KOREA-web1/ 89 KB
89 KB 361ms
354ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2016/07/29/world/29KOREA-web1/29KOREA-web1-jumbo.jpg?quality=90&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a2b7ca640256930fe54570cffe05216d507724660d3d70afa0b11c8da926de5c

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-amz-meta-goog-reserved-file-mtime: 1469703485
x-guploader-uploadid: ABg5-Uy5eQws-yfoPmJtFTiBJSMvizAFOJo7xXucHZSH7hky1xX0SU7m5jms0NMVCuj-Dloo1BSRqjjqrOI0zEpcfq-ff95PlA
x-cache: MISS, MISS
fastly-io-info: ifsz=122422 idim=1024x683 ifmt=jpeg ofsz=90810 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 90810
x-served-by: cache-bwi5138-BWI, cache-cph20637-CPH
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1619521668.343640,VS0,VE335
etag: "4HMCZCEpW25subKKUiYoJdUezeelvT57txGagiSw0xc"
vary: Accept
x-goog-hash: crc32c=bhMreA==, md5=97xON6XcMDjEAM9HLb2mmA==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Apr 2021 11:07:48 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 vendor-44e3a9711a64dad40619.js Show response
www.nytimes.com/vi-assets/static-assets/ 264 KB
80 KB 32ms
31ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-44e3a9711a64dad40619.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8e1d48d63fd938f447964dfddb44ab4a95a406ff16c992eda7c26739c7990daf

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendor-44e3a9711a64dad40619.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=7XiN6g== md5=uuiNQ4PigCccuSovPE/e7A==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 389243
x-guploader-uploadid: ABg5-UxfA6E25Klz47AZiSuGPZMXZbJCnRTQZWlGjmuHKk0KXbNuk8pqa9jy54ous-iFL4gj80zirJEdQjvihaLRfC0n4ulRfg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-22 23:00:25 UTC
content-length: 81234
x-served-by: cache-hhn4071-HHN
last-modified: Thu, 22 Apr 2021 22:46:30 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521668.372102,VS0,VE1
etag: "bae88d4383e280271cb92a2f3c4fdeec"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-44e3a9711a64dad40619.js
x-goog-generation: 1619131590544292
expires: Fri, 22 Apr 2022 23:00:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 270320
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 23360

GET
H2 200 story-8f969a1e1c03e03f0de8.js Show response
www.nytimes.com/vi-assets/static-assets/ 988 KB
267 KB 35ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-8f969a1e1c03e03f0de8.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f5c114b33335bbbdd2256295a93890facfbda033ae91b8eaefde6655a71e6190

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/story-8f969a1e1c03e03f0de8.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=M4KkCA== md5=8vqKI7XRHH5cQg/tR6jS2Q==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 66636
x-guploader-uploadid: ABg5-UzbCQhO6i6Gz1kDBTmVDA-nxNSrZESPKUHv7bWg1kJhLUIUBYutMIZ-XkYsUd94kOqgPY54T4Qsj15YVHWP0KCpYWYyDQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-26 16:37:12 UTC
content-length: 272511
x-served-by: cache-hhn4071-HHN
last-modified: Mon, 26 Apr 2021 16:22:45 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521669.503343,VS0,VE1
etag: "f2fa8a23b5d11c7e5c420fed47a8d2d9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/story-8f969a1e1c03e03f0de8.js
x-goog-generation: 1619454165804248
expires: Tue, 26 Apr 2022 16:37:12 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1012222
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 main-d962b397ddf3836b81e9.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
318 KB 59ms
56ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dfdd17edc61438c49117c808965c2511b0195733a867e89b45d8975cf1347fbc

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/main-d962b397ddf3836b81e9.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=qJevUg== md5=L6NuBBRYKOI23VtD5cr0ew==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 66650
x-guploader-uploadid: ABg5-UxlgvKbVD-B1HjpoEkKaSGoSs7-GSfk-xK7mU0kj-ZiPC0ApxPNWDYCojkOAyRzTxJviWq9Q1rmPfwedA0_FIB3u_Cu2A
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-26 16:37:10 UTC
content-length: 324829
x-served-by: cache-hhn4071-HHN
last-modified: Mon, 26 Apr 2021 16:25:48 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521669.503697,VS0,VE2
etag: "2fa36e04145828e236dd5b43e5caf47b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
x-goog-generation: 1619454348492695
expires: Tue, 26 Apr 2022 16:36:58 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1084231
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 337 KB
80 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f8bb7480530dcbf8914302b38338eeec4e997f67bb88cbeecb7d2c97c4d494e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81278
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 71ms
20ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-2ec2eed /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-2ec2eed
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Tue, 27 Apr 2021 11:07:48 GMT
age: 49
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DK
x-nyt-region: 84
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 9d93dd90c999f2f9
samizdat-x-instance: 392ce2d3
samizdat-x-canary: false
x-served-by: cache-cph20636-CPH
x-cache: HIT
x-cache-hits: 1
x-timer: S1619521669.534781,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 19:50:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ 0
0 127ms
104ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
655 B 21ms
19ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-2ec2eed /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 20
x-cache: HIT
samizdat-x-instance: d0198fcc
x-samizdat-query-field-errors: 0
x-cache-hits: 1
x-samizdat-query-exe-id: 2730cd993adfb52d
content-length: 123
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 84
server: samizdat-graphql-2ec2eed
x-timer: S1619521669.556306,VS0,VE1
x-nyt-continent: EU
x-served-by: cache-cph20637-CPH
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DK
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
44 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d317bae8ff662e05e869c4dfa8841705b2cdc46b05e19553e19029eb69ee1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 03:22:53 GMT
server: sffe
age: 1794
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44357
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:27:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 118ms
41ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7246bff8d49e81252916f43d078680bb47e92c6ea4b5cbefef568a2a1fba36ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 819 of 1000 / last-modified: 1619516366"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21014
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:48 GMT

GET
H2 200 icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
1 KB 254ms
254ms Image
image/svg+xml 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4d41bce1e64d901b708a2f246cad8321f5a4a1053fb2558d255ee91e7b80ce97

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XAhLHA== md5=Qcod3bJg4I7ENkgcbF3X5w==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 2286997
x-guploader-uploadid: ABg5-UyJdUjR0pHARA_lkAU5txpXNqvgtXRjqGZ4g9upleHKgZtUDouO-3dZWSTMxL6BrirTwdO2_SVRUVsi5qYvTfE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-31 23:51:12 UTC
content-length: 624
x-served-by: cache-hhn4071-HHN
last-modified: Wed, 31 Mar 2021 22:46:44 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521669.735026,VS0,VE1
etag: "41ca1dddb260e08ec436481c6c5dd7e7"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
x-goog-generation: 1617230804869365
expires: Thu, 31 Mar 2022 23:51:11 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1187
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 14193

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 62ms
18ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 5905614
x-guploader-uploadid: ABg5-Uy87CZbUoJ-XVPWDlyBS9-AOO3tgqUlGFlg9Oi29bBZIE4jCSG8AtkWgISer1pQvoQ001wvb_tICPLN3yP_4-w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Fri, 18 Feb 2022 02:40:53 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1619521669.557332,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607509766
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9267

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 112ms
69ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 9455154
x-guploader-uploadid: ABg5-UxJVHu_2MukxWNLDCOcscy_njR2Xk-gXVGhSDRgeTQIRNXQi82Lw-PSBBm6jE2UwVUwCs_4hP-1G9kRD1aQhf41rcMiZw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Sat, 08 Jan 2022 00:41:53 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1619521669.557779,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921579365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9239

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 82ms
39ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 13587301
x-guploader-uploadid: ABg5-UzCL2Ly7b8pjoFfDtXZukDW0FeiasWLqJczRPH0AmzynlEqCKQ36hVsuHOX9yVPgkrQdxnc8Schk2L9ItFeXT1puEY4Fw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Sun, 21 Nov 2021 04:52:47 GMT
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1619521669.557443,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542919418422
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6829

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 112ms
70ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 13587302
x-guploader-uploadid: ABg5-UwpXK0b7VdLlcCOsfcS2C9c8prbC-YFJ2y2HdVmdSER-UYCJD_BGiKi93h9s0sYr1g_b5YIVxbOsFrDgL8EAGKM1Ss8Dw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Sun, 21 Nov 2021 04:52:47 GMT
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1619521669.557673,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542919868800
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5785

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 111ms
69ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 13587301
x-guploader-uploadid: ABg5-UyYxaQnyJxjR8rgNTxbZrExGzCaYn-as6jQSUYdA_KljBYt1URGSdAJbQyRC9eNM3GswNZu2gpS2aItNPXiyKOEubWeZw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Sun, 21 Nov 2021 04:52:47 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1619521669.557661,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921450962
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8214

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 82ms
39ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 13587301
x-guploader-uploadid: ABg5-Uwt2muSBClDeFGv9ZESFSqfUSsf1UlLWm1wjk7EUL4j9Dhon1aWlEusfEEkmXlNLZIGCjtT_6GIxH4BzDNRWhs
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Sun, 21 Nov 2021 04:52:47 GMT
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1619521669.557325,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542919285570
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3853

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 80ms
38ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
content-type: font/woff2
age: 1719118
x-guploader-uploadid: ABg5-UwrWen2X77jDBieBTH4aRJGCvrqj5fo-89N7J3GFwLGCfk6cq-Itqpt-s58sdW0sTcVcnQB_g_EfO9k2JKKbVanvgCWbg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Thu, 07 Apr 2022 13:35:50 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1619521669.557528,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513818473
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8951

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 01B3 393 B
691 B 43ms
34ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

817f8a98047781c87ac300c2365e33f351efeaf95a856b9088e506ad0b76de5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/prefetch-assets
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 8470581821645586515
x-datadog-parent-id: 8470581821645586515
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=600
x-nyt-backend: lire-ui
etag: W/"189-xVsPGEDJtkthj9GpyrUcOoB7t3g"
content-encoding: gzip
x-cloud-trace-context: 87877e283af2e936b83cec1e46045398
server: Google Frontend
x-datadome-timer: (null),VE213
accept-ranges: bytes
date: Tue, 27 Apr 2021 11:07:48 GMT
via: 1.1 varnish
age: 41
x-served-by: cache-cph20637-CPH
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
x-api-version: F-X
content-length: 277

GET
H2 200 tpc-check.html Show response
static01.nyt.com/ads/ Frame 379C 1 KB
1 KB 25ms
24ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/ads/tpc-check.html
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a948a4464f5fd459e65b35799dc65da324e59d9f307e12c51a34471186631d3e

Request headers

:method: GET
:authority: static01.nyt.com
:scheme: https
:path: /ads/tpc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

x-guploader-uploadid: ABg5-UzDwz46z5XOC0nGYZyUrFaz3uOfeLksMgpaLEtIJuulWkIIosvM7vti8X7QJCd-Q7d1WvO32qNN_UxsG0sV7ss
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
expires: Sat, 10 Apr 2021 08:33:28 GMT
last-modified: Wed, 03 Apr 2019 14:30:57 GMT
etag: "598d685c63f68aaefa1f7c474e83327c"
content-type: text/html
x-goog-hash: crc32c=4YnpCQ== md5=WY1oXGP2iq76H3xHToMyfA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
server: UploadServer
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-nyt-gcs-bucket: nyt-ads-static-assets
accept-ranges: bytes
date: Tue, 27 Apr 2021 11:07:48 GMT
age: 268460
x-served-by: cache-bwi5170-BWI, cache-cph20637-CPH
x-cache: HIT, HIT
x-cache-hits: 2, 35
x-timer: S1619521669.711886,VS0,VE0
vary: Accept-Encoding
timing-allow-origin: *
content-length: 550

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-efa2c4230988f2e2d63b.js Show response
www.nytimes.com/vi-assets/static-assets/ 71 KB
14 KB 33ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-efa2c4230988f2e2d63b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dbdcbb20f0ca5a49da5a2c5c15626c9fca751c0f522a5842b8ab48bf10a55624

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-efa2c4230988f2e2d63b.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yq1d/A== md5=p4hxylWon2sW7jN3I7nIdg==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 935392
x-guploader-uploadid: ABg5-Uz_2rpJlBly1zB9KbpE_Ps9ddpsyzQiK_K0_1W_gl_GZ-CvmUb5xfTAUvvlaUOK9hnPEY0e63WNkQ9VZyrqcBA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-16 15:17:56 UTC
content-length: 13841
x-served-by: cache-hhn4071-HHN
last-modified: Fri, 16 Apr 2021 14:51:33 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521669.911918,VS0,VE1
etag: "a78871ca55a89f6b16ee337723b9c876"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-efa2c4230988f2e2d63b.js
x-goog-generation: 1618584693734078
expires: Sat, 16 Apr 2022 15:17:56 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 72764
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 22186

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
5 KB 33ms
33ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

110a392ca8298c0e09bd9b10968b3790ae9058936ea8b98a0f10b953d84a686d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=3AN1/w== md5=vUhOx5oAEPTMsypd4RuVIw==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 1588900
x-guploader-uploadid: ABg5-UyzJo6Cs6eby3IRBPxGL4tkmJ4TGEhQrW2QmA2FUAMm_XlxOvERmqu8a9NnxjC2PqVVUnNWTmNes4IW5ZGIQKs
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-09 01:46:09 UTC
content-length: 4756
x-served-by: cache-hhn4071-HHN
last-modified: Fri, 09 Apr 2021 01:13:39 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521669.912047,VS0,VE1
etag: "bd484ec79a0010f4ccb32a5de11b9523"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js
x-goog-generation: 1617738080500082
expires: Sat, 09 Apr 2022 01:46:09 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 20255
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 21125

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js Show response
www.nytimes.com/vi-assets/static-assets/ 30 KB
7 KB 34ms
34ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b705360a40c45dacbecc3b0a349d5c15120e497a80b2d32700dd16f512a7dea7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js
pragma: no-cache
cookie: nyt-gdpr=1; nyt-a=LopHYILQFNO6jyBwGnMDOY; datadome=8MAOVfUwqwfKkzQZmOniWfiWTS7.apciYbZGD6.IT3LMppZMg4A409TciWD6n1HYbA0A55dzPqGoWj2_JoZn0Q4vSPxHbRBIcXU_nf-.ph; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=18qUIA== md5=dmQ6Y9ikJ5rib0kycmVmPg==
date: Tue, 27 Apr 2021 11:07:48 GMT
content-encoding: gzip
x-api-version: F-X
age: 1060519
x-guploader-uploadid: ABg5-Uyb6el5Hjd0i46BOfNvLSzNWxWHOCnuukMnl9FlGVeQX7SDYiPST6llyPSdSe458vRApKYS94QU8s-4nxjxfkpN8VsAlg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-15 04:32:30 UTC
content-length: 6145
x-served-by: cache-hhn4071-HHN
last-modified: Thu, 15 Apr 2021 01:37:26 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521669.912225,VS0,VE1
etag: "76643a63d8a4279ae26f49327265663e"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js
x-goog-generation: 1618450646208382
expires: Fri, 15 Apr 2022 04:32:29 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 30824
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:48 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 21100

POST
H2 200 track
a.et.nytimes.com/ 0
0 124ms
124ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 223 KB
34 KB 52ms
7ms Script
text/javascript 2600:9000:2156:9000:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9000:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2a0950ef75a2684d278572fb5f63f86f96d6d6c9ecb284764874ab9c4a89fc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "37cd9-5c08b9c86e331-gzip"
age: 1693
x-cache: Hit from cloudfront
content-length: 34214
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 08:39:02 GMT
server: Apache
date: Tue, 27 Apr 2021 10:39:35 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: vW_zvT84DR7p2IwkzQYTRUMGFXkz6aoHnda1s192bNvl4XdPWIU_IQ==
expires: Tue, 27 Apr 2021 11:39:35 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 20 KB
6 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e38cee6f27ca78fbc78c1652257f91aad7d5b09179950e02fbcd33f3ee7d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 10:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 03:22:53 GMT
server: sffe
age: 2655
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6175
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:13:33 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame BD41 25 KB
8 KB 76ms
66ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=449867

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a50e5d4b6526fe9ab40e8d4ec3132533fff702b50beb0893a9eb69a0ce6ec5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R4C7Qqd3hwpmdwogAn6ZkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-R4C7Qqd3hwpmdwogAn6ZkA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=449867
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Apr 2021 11:07:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-security-policy: script-src 'report-sample' 'nonce-R4C7Qqd3hwpmdwogAn6ZkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-R4C7Qqd3hwpmdwogAn6ZkA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=214=Hcb95c3SR3iQS7-sPadz1X288h7wKngTOkGobD0g3Gol0AkyM12ti9W8WDZ-l7GHxfPpaEo6sHODVvGbpRI3ZwjpKIkNYW6ADlICc_mcXiElUjAZAbyzbcLmx1ytrKHG7EoqJw4EGWIHuO3Kx51kpNQItuq2iBJbL9zUCyBeaw4; expires=Wed, 27-Oct-2021 11:07:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 19ms
8ms Other
image/svg+xml 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 10:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 2671
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:13:17 GMT

GET
H3-29 200 pubads_impl_2021042201.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 50ms
49ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108299
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:49 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
55 B 64ms
63ms Fetch
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 18ms
18ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-2ec2eed /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-2ec2eed
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Tue, 27 Apr 2021 11:07:49 GMT
age: 1
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DK
x-nyt-region: 84
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: b32505808bbf406f
samizdat-x-instance: c6b20e05
samizdat-x-canary: false
x-served-by: cache-cph20636-CPH
x-cache: HIT
x-cache-hits: 1
x-timer: S1619521670.763329,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 19ms
18ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-2ec2eed /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-2ec2eed
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Tue, 27 Apr 2021 11:07:49 GMT
age: 1
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DK
x-nyt-region: 84
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: a734ffa65302433c
samizdat-x-instance: c6b20e05
samizdat-x-canary: false
x-served-by: cache-cph20636-CPH
x-cache: HIT
x-cache-hits: 2
x-timer: S1619521670.797969,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 528 B
1 KB 295ms
196ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&pageviewID=uavqoKYIHzzIEHwdGAMx9nYg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: cdfc7439d98dc19221e80b5f0649f7073a3d730050d2f416c16030a90b2c2bc9

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:49 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 528

GET
H2 200 comments-23a67ff385b9f3623aeb.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
15 KB 36ms
36ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-23a67ff385b9f3623aeb.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ff497d39fcd10a7a510e3fdfb20278b79822a2c077e7d5a78e4faad7836698c4

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/comments-23a67ff385b9f3623aeb.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=M77xpA== md5=e8ctUIssSd1BUw+rAPF+ZA==
date: Tue, 27 Apr 2021 11:07:49 GMT
content-encoding: gzip
x-api-version: F-X
age: 589366
x-guploader-uploadid: ABg5-UwyarkRqviaevwQpItGP5MD33_j_522_o8sOOlNNJR3HoPynrqsvj0hXTAGHnasQidJdU1ZliFCk0BMR9cLZMs
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-20 15:25:03 UTC
content-length: 14947
x-served-by: cache-hhn4071-HHN
last-modified: Tue, 20 Apr 2021 15:20:09 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619521670.760677,VS0,VE1
etag: "7bc72d508b2c49dd41530fab00f17e64"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/comments-23a67ff385b9f3623aeb.js
x-goog-generation: 1618932009047501
expires: Wed, 20 Apr 2022 15:25:03 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 50914
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Tue, 27 Apr 2021 17:07:49 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 5

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
652 B 151ms
150ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-2ec2eed /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Tue, 27 Apr 2021 11:07:49 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
samizdat-x-instance: d0198fcc
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: c8b647f817c220f2
content-length: 77
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 84
server: samizdat-graphql-2ec2eed
x-timer: S1619521670.783087,VS0,VE132
x-nyt-continent: EU
x-served-by: cache-cph20637-CPH
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DK
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 198ms
198ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-2ec2eed /
Resource Hash: 4dd02fe3862528e0acf62c3be4d61f97298746e70fd378714bcae38922333d2d

Request headers

accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Tue, 27 Apr 2021 11:07:49 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-cache: MISS
samizdat-x-instance: 392ce2d3
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 2484ca4f64807638
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: 84
last-modified: Tue, 27 Apr 2021 11:07:49 GMT
server: samizdat-graphql-2ec2eed
x-timer: S1619521670.818361,VS0,VE179
x-nyt-continent: EU
x-served-by: cache-cph20637-CPH
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DK
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 135ms
114ms Fetch
text/html 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:49 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 8f9de3ab22599ad2843936cd12441714
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Tue, 27 Apr 2021 11:07:49 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 704ms
682ms XHR
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&jkcb=1619521669820
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8c1726d3dd80953e08ca7ae20a1da7d21e7d2b343ad812e5bd50f816f1131672

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: dade7a2311a6688085f4185c563ff042
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 890
expires: Tue, 27 Apr 2021 11:07:50 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
100ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 01B3 2 KB
1 KB 19ms
19ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-api-version: F-X
age: 323
x-cache: HIT
x-cache-hits: 3
content-length: 1252
x-served-by: cache-cph20637-CPH
server: Google Frontend
etag: "BzGoIA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: d99179788f401465dee9299cc54c0878
cache-control: public, max-age=600
x-datadome-timer: (null),VE170
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 20 Apr 2021 20:42:14 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 01B3 396 KB
134 KB 20ms
20ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=5af1861
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c09cfcfc4cb5b69cebc0ce87154e5fb1dfc2a0b80feb1f1264ab4da09c1a4fc3

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-api-version: F-X
age: 567
x-cache: HIT
x-cache-hits: 1
content-length: 136602
x-served-by: cache-cph20637-CPH
server: Google Frontend
etag: "BzGoIA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: d76e50808c7ea09e38b37b1e50d921c8
cache-control: public, max-age=600
x-datadome-timer: (null),VE217
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 20 Apr 2021 20:36:21 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
99ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 8 KB
2 KB 21ms
21ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=www.nytimes.com&t=5398406&v=1.720.0&sl=0&si=26b64e2a-941b-4bfb-9639-047306f966ab-qs7yx0&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77cbf8b1bbb8ba49cb6a30721e031b2cc8e5d74f93fc718ddf1b671d28161943

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1844

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 445 B
772 B 248ms
247ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1304245805419320&correlator=2372818720104488&output=ldjh&impl=fif&eid=31060853%2C31060897%2C31060507%2C44740387&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=29390238%2Cnyt%2Cworld%2Casia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D2217&cust_params=cookie%3Dunknown%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1619464455691%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dchoesanghun%26org%3Dinterpark%26geo%3Dsouthkorea%252Cnorthkorea%26des%3Dcyberattacksandhackers%252Ccomputersecurity%252Cecommerce%252Ccyberwarfareanddefense%26auth%3Dchoesanghun%26coll%3Dworldnews%252Casiapacific%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000004556158%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_mastercard%252Cgv_crime%252Cneg_orep%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cneg_hearts%252Cgs_tech%252Cgs_shopping_misc%252Cgs_tech_computing%252Cgs_shopping%252Cneg_msft%252Cgs_science%252Cneg_capitalone%252Cneg_google%252Cgs_law_misc%252Cgs_politics_misc%252Cneg_samsung%252Cgs_tech_phones%252Cgs_t%26abra_dfp%3Dmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cdfp_1p2_1_bk%252Cdfp_amzn_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_mt_1_mt%252Cdfp_adslot4v2_1_external%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_als_home_1_als%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%252Cdfp_prebid_0321_0_control%252Cdfp_mwtest_2_vendorb%252Cdfp_1p_ver_2_fp%252Cdfp_covid_msg_0121_1_sub_msg%252Cmkt_dfp_ods_0_control%26page_view_id%3DuavqoKYIHzzIEHwdGAMx9nYg%26sov%3D2%26uap%3Dbrowser%26aid%3DLopHYILQFNO6jyBwGnMDOY&cookie_enabled=1&bc=31&abxe=1&lmt=1619464455&dt=1619521670337&dlt=1619521668097&idt=2200&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=76&adks=1298241548&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=892656445.1619521670&ga_sid=1619521670&ga_hid=679816520&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ba6c40c00da06d743ae9c96b7c7f16a0ca027271c693abe23bc6f8d6deac6da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2363ded05a9bf1263dd12498a8ece954.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2363ded05a9bf1263dd12498a8ece954.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
405 B 251ms
250ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1304245805419320&correlator=2372818720104488&output=ldjh&impl=fif&eid=31060853%2C31060897%2C31060507%2C44740387&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=29390238%2Cnyt%2Cworld%2Casia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D2221&cust_params=cookie%3Dunknown%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1619464455691%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dchoesanghun%26org%3Dinterpark%26geo%3Dsouthkorea%252Cnorthkorea%26des%3Dcyberattacksandhackers%252Ccomputersecurity%252Cecommerce%252Ccyberwarfareanddefense%26auth%3Dchoesanghun%26coll%3Dworldnews%252Casiapacific%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000004556158%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_mastercard%252Cgv_crime%252Cneg_orep%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cneg_hearts%252Cgs_tech%252Cgs_shopping_misc%252Cgs_tech_computing%252Cgs_shopping%252Cneg_msft%252Cgs_science%252Cneg_capitalone%252Cneg_google%252Cgs_law_misc%252Cgs_politics_misc%252Cneg_samsung%252Cgs_tech_phones%252Cgs_t%26abra_dfp%3Dmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cdfp_1p2_1_bk%252Cdfp_amzn_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_mt_1_mt%252Cdfp_adslot4v2_1_external%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_als_home_1_als%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%252Cdfp_prebid_0321_0_control%252Cdfp_mwtest_2_vendorb%252Cdfp_1p_ver_2_fp%252Cdfp_covid_msg_0121_1_sub_msg%252Cmkt_dfp_ods_0_control%26page_view_id%3DuavqoKYIHzzIEHwdGAMx9nYg%26sov%3D2%26uap%3Dbrowser%26aid%3DLopHYILQFNO6jyBwGnMDOY&cookie_enabled=1&bc=31&abxe=1&lmt=1619464455&dt=1619521670343&dlt=1619521668097&idt=2200&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2058154392&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=150x66&msz=0x0&ga_vid=892656445.1619521670&ga_sid=1619521670&ga_hid=679816520&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

cad5c4d8cc2ea837598539864854aad4feafe257c2712c5fdba3eb8306a80a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 232 B
564 B 29ms
14ms XHR
application/json 2600:9000:2156:9000:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: bbf2943feffd00bc92a223918aeabf65db3bf8580d9840ca571c6a40b29cd073

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:50 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
x-amz-cf-id: flL8sIkMsZpaXX-uj8bnu1oaZ9FfplBsenoJKnhsizk8C5gwViDHCQ==
expires: 0

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ Frame BD41 20 KB
6 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e38cee6f27ca78fbc78c1652257f91aad7d5b09179950e02fbcd33f3ee7d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 10:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 03:22:53 GMT
server: sffe
age: 2657
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6175
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:13:33 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI61o... Frame BD41 143 KB
51 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI61oYGpb-4o43ZVHL0_QwXEIZcjug/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fad23a09b8938bc8915a34f8e0cef6ec21b2036eb98b8d6c7753899630f6144f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 13:49:30 GMT
server: sffe
age: 57346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51868
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:12:04 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 35 KB
7 KB 471ms
470ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=1&mr=0&ma=1&counted=true&granted=true&us=anon&context-type=&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e26579ed82711f69e4c4f7a3e7d195f42608f76240e5b4eb75f154d7bbe0b803

Request headers

Referer: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-cph20637-CPH
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_spring-sale","dock":"MAG_web_regi_us_sale_apple-pay-dock-ecd-test","inlineUnit":"MAG_web_nonsub_all_spring-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1619521671.614448,VS0,VE451
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 8cb70df56ec0d68b9521e5e3d29354d9
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame BD41 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 464688
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:03:02 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L... Frame BD41 36 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI61oYGpb-4o43ZVHL0_QwXEIZcjug/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11d5ae11f8350cc68d0864026ee2e81c92c271c448253f55a83641fa9a9d103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 02:50:43 GMT
server: sffe
age: 57345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:12:05 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
253 B 194ms
194ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1304245805419320&correlator=2372818720104488&output=ldjh&impl=fif&eid=31060853%2C31060897%2C31060507%2C44740387&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=29390238%2Cnyt%2Cworld%2Casia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dstory-ad-1%26pos%3Dmid1%26request_time%3D2601&cust_params=cookie%3Dfalse%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1619464455691%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dchoesanghun%26org%3Dinterpark%26geo%3Dsouthkorea%252Cnorthkorea%26des%3Dcyberattacksandhackers%252Ccomputersecurity%252Cecommerce%252Ccyberwarfareanddefense%26auth%3Dchoesanghun%26coll%3Dworldnews%252Casiapacific%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000004556158%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_mastercard%252Cgv_crime%252Cneg_orep%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cneg_hearts%252Cgs_tech%252Cgs_shopping_misc%252Cgs_tech_computing%252Cgs_shopping%252Cneg_msft%252Cgs_science%252Cneg_capitalone%252Cneg_google%252Cgs_law_misc%252Cgs_politics_misc%252Cneg_samsung%252Cgs_tech_phones%252Cgs_t%26abra_dfp%3Dmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cdfp_1p2_1_bk%252Cdfp_amzn_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_mt_1_mt%252Cdfp_adslot4v2_1_external%252Cmkt_dfp_hd_paywall_zip_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cdfp_als_home_1_als%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%252Cdfp_prebid_0321_0_control%252Cdfp_mwtest_2_vendorb%252Cdfp_1p_ver_2_fp%252Cdfp_covid_msg_0121_1_sub_msg%252Cmkt_dfp_ods_0_control%26page_view_id%3DuavqoKYIHzzIEHwdGAMx9nYg%26sov%3D2%26uap%3Dbrowser%26aid%3DLopHYILQFNO6jyBwGnMDOY&cookie=ID%3D8cdcb4cb9c77cb6a-22262a22f2c70076%3AT%3D1619521670%3AS%3DALNI_MYbG6R0-pN2ms0ML3H8Yn8G7z0ybg&bc=31&abxe=1&lmt=1619464455&dt=1619521670699&dlt=1619521668097&idt=2200&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1494&adks=1870313508&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x312&msz=1600x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=892656445.1619521670&ga_sid=1619521670&ga_hid=679816520&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

5c760e0476a536ece172bca7ae1ca795f0f3e445a884f7d0f47a85e455ae436b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L... Frame BD41 96 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6dzI-Tzp05ztfYXFtBMnTgAoFxtA/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a944ac0d777cc32fb5b3a78cce0e856d19f053221cbc8d25c1ba1617f0ffb89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 02:50:43 GMT
server: sffe
age: 57345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33353
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:12:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6308
date: Tue, 27 Apr 2021 09:22:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 11:22:42 GMT

GET
H/1.1 200
OK 50550 Show response
tags.bluekai.com/site/ 41 B
648 B 250ms
186ms Script
text/javascript 23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/50550?ret=js&limit=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 11:07:50 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 41
BK-Server: 525b
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkW... Show response
5290727.fls.doubleclick.net/ Frame CEAC
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3Bwt...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u...

712 B
483 B

91ms
51ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

f9645b6f3d12e65ae58f00bd837c0f6eade6592c0e7bffe5d4395fb75502a061

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Apr 2021 11:07:50 GMT
expires: Tue, 27 Apr 2021 11:07:50 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 458
x-xss-protection: 0
set-cookie: IDE=AHWqTUkrH1XIVaJ_eT1jwnSECOISgN_bwu5K78AKCPmN44OCMV7mQ4i30dsYb_apL4w; expires=Sun, 22-May-2022 11:07:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Apr 2021 11:07:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 24ms
8ms Script
application/x-javascript 2600:9000:20eb:7600:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 15:16:26 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 71484
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: k6JNVg4xGqKT0plHUN9iMBwSY81kBPVjf-KyISp_m5VnsRdOCvNypA==
expires: Tue, 27 Apr 2021 15:16:26 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 114ms
48ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 19:39:43 GMT
Server: nginx/1.15.8
ETag: W/"601858ff-cae3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 27 Apr 2021 11:07:50 GMT
Connection: keep-alive
Content-Length: 16039
Expires: Tue, 04 May 2021 11:07:50 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
660 B 30ms
19ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
content-type: application/javascript
age: 44390
x-guploader-uploadid: ABg5-Ux5sZifwZsWkwTpj7agDGH_BjHIM7U3EXLBhB4Iz4ZWolmJU4LsK_Wkwk7Y_p2mgbnu62UuHrXIvozUd5zAd1k
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-cph20637-CPH
accept-ranges: bytes
expires: Sat, 20 Feb 2021 22:43:40 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1619521671.773491,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 50

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 30ms
20ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/comscore-streaming.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
content-type: application/javascript
age: 33175
x-guploader-uploadid: ABg5-UyOI27H_mpzkA2WSxgyk-ZB6nSm4AhyalgWSdKLQJWkXrLW_zCco2pyPpgf3n2thHGyTSuxYzzaBLr8dhPdeFSDiKNDVg
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 18717
via: 1.1 varnish
x-served-by: cache-cph20637-CPH
accept-ranges: bytes
expires: Fri, 05 Mar 2021 01:34:48 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1619521671.773497,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975621789
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 105675
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2

POST
H2 200 track
a.et.nytimes.com/ 0
0 108ms
108ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 152ms
49ms Image
image/gif 52.30.148.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=223308142
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=679816520&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&dr=&ul=en-us&de=UTF-8&dt=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=224598622&gjid=966826036&cid=892656445.1619521670&tid=UA-58630905-2&_gid=712529914.1619521671&_r=1&gtm=2wg4e1P528B3&cg1=world&cg2=asia&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&cd3=&cd4=World&cd9=9&cd10=null&cd12=Asia%20Pacific&cd13=null&cd14=international_desk&cd15=earned&cd16=referring_links&cd17=100000004556158&cd18=CHOE%20SANG-HUN&cd19=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says&cd20=&cd21=Article&cd23=World&cd25=Asia%20Pacific&cd26=null&cd27=null&cd28=null&cd29=null&cd30=2018-01-20T01%3A00%3A31.840Z&cd32=World%20News%2CAsia%20Pacific&cd33=SECTION&cd34=NEWS&cd36=29korea&cd37=413&cd38=Foreign&cd42=nyt-vi&cd43=Cyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security&cd44=Interpark&cd45=Choe%20Sang-Hun&cd46=North%20Korea%2CSouth%20Korea&cd48=null&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Foreign&cd54=international_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=2WRcdnnN4Abks7k3BwtkWUMM&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd149=0&cd150=0&cd162=&cd163=&cd164=2WRcdnnN4Abks7k3BwtkWUMM&z=1655452534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame BD41 237 B
225 B 65ms
65ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=619528884849295582&bl=boq_subscribewithgoogleclientserver_20210425.14_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=47271&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79be8500433b2b59aadb3b1d5d13c5a8cc7272799498c2b526f71f2abee0528c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L... Frame BD41 46 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6dzI-Tzp05ztfYXFtBMnTgAoFxtA/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c39ef95a64e6bc2c7a0714a4669695fd04a9e9487120a230ab4b9491e94f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 02:50:43 GMT
server: sffe
age: 57345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17644
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:12:05 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L... Frame BD41 236 B
183 B 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6dzI-Tzp05ztfYXFtBMnTgAoFxtA/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 02:50:43 GMT
server: sffe
age: 57345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:12:05 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L... Frame BD41 796 B
467 B 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.T3fbBllDqaw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FODAz0I_sc0.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,lwddkf,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6dzI-Tzp05ztfYXFtBMnTgAoFxtA/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b34227f01a61c83f0161be5a92d40872b2e564d5a81b23557938df23af32db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 02:50:43 GMT
server: sffe
age: 57345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 444
x-xss-protection: 0
expires: Tue, 26 Apr 2022 19:12:05 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
169 B 326ms
106ms Image
image/gif 3.232.164.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&u=Cumi09BFSgOFBho6vP&d=nytimes.com&g=16698&g0=Asia%20Pacific%2Cinternational_desk&g1=CHOE%20SANG-HUN&n=1&f=00001&c=0&x=0&m=0&y=3423&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2903&t=BWNUm2CvpmugCtFrj9C7cZd0Cil45W&V=126&i=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says&tz=-120&_acct=anon&sn=1&sv=BsO4ToC4kQdODNwOohI6VYnBA_NDG&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-164-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 log Show response
play.google.com/ Frame BD41 131 B
638 B 62ms
43ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
43ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 27 Apr 2021 11:07:50 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 11:07:50 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame BD41 131 B
154 B 58ms
46ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:50 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame BD41 131 B
154 B 56ms
44ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
43ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 27 Apr 2021 11:07:50 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 11:07:50 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame BD41 131 B
154 B 60ms
45ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 11:07:50 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
40ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 27 Apr 2021 11:07:50 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 11:07:50 GMT
cache-control: private

GET
H3-29 200 dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=*;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=1000000...
adservice.google.com/ddm/fls/z/ Frame CEAC 42 B
63 B 54ms
54ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=*;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CP2vlq-knvACFY4z4AodjywAlg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8814439778453;gtm=2wg4e1;auiddc=1316076400.1619521671;u4=;u5=undefined;u6=undefined;u7=2WRcdnnN4Abks7k3BwtkWUMM;u8=;u10=;u11=1;u12=100000004556158;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 50136
stags.bluekai.com/site/ 62 B
550 B 252ms
179ms Image
image/gif 23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/50136?limit=1&id=2WRcdnnN4Abks7k3BwtkWUMM&gtmcb=335307816
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 11:07:51 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: c45e
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK Cookie set 50134 Show response
stags.bluekai.com/site/ Frame 6B2B 2 KB
3 KB 301ms
250ms Document
text/html 23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8be978a2b69f86234c22cb5b0c408e66c09f19bd52856f083fef0ec958e0fde9

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bkdc=phx; bku=5LD99/qyCtYRQtGG
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

Content-Type: text/html
Content-Length: 2311
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
BK-Server: ace8
Date: Tue, 27 Apr 2021 11:07:51 GMT
Connection: keep-alive
Set-Cookie: bku=5LD99/qyCtYRQtGG; expires=Sun, 24-Oct-2021 11:07:51 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

GET
H2 200 metered_assets.common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 170 KB
56 KB 32ms
22ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/metered_assets.common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f31630ca68a1086f818077d97587e57029a187035e20fb6e4bf891ba0371b2a4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
age: 82159
x-cache: HIT
content-length: 56793
x-served-by: cache-cph20637-CPH
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:24:42 GMT
server: nginx
x-timer: S1619521671.127652,VS0,VE0
x-origin-server: mwcm-pub-est09.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 10

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/areas/metered_assets/dock/js/src/ 1 KB
945 B 33ms
24ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/areas/metered_assets/dock/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56dba20d926a7d5f923b1fe9a8a448ba814726dbe39550df193d664a68089709

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
age: 82148
x-cache: HIT
content-length: 836
x-served-by: cache-cph20637-CPH
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:24:42 GMT
server: nginx
x-timer: S1619521671.127592,VS0,VE0
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/areas/metered_assets/dock/css/ 5 KB
1 KB 21ms
20ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/areas/metered_assets/dock/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98cf9b007ec0593192cdfc0a9c68fca78602e2aef75080628a4fb24ccec352b8

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
age: 82159
x-cache: HIT
content-length: 1199
x-served-by: cache-cph20637-CPH
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:24:42 GMT
server: nginx
x-timer: S1619521671.131314,VS0,VE0
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 logo-nyt-header.svg
mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/libs/assets/img/logo-nyt-header.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71a1a7e4b8e99b30226b248180515bec029985cc0c6777e286efa7db1dd3c855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
age: 82148
x-cache: HIT
content-length: 1844
x-served-by: cache-cph20637-CPH
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:24:43 GMT
server: nginx
x-timer: S1619521671.131385,VS0,VE0
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 21ms
20ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=zgCcGg==, md5=oirj7R53XOkM7Rbxgi9N3A==
date: Tue, 27 Apr 2021 11:07:51 GMT
via: 1.1 varnish
content-type: font/woff2
age: 2286512
x-guploader-uploadid: ABg5-Ux-9l_fGqT9bvHXFCD837CqrZ597_QpzNnRfwU-YWoJTcUthghkfDW6cWZFz0n8lEQsuWrsSuFeBaIurPONZzbMdkyA2A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28604
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Thu, 31 Mar 2022 23:59:19 GMT
last-modified: Thu, 21 Jan 2021 15:56:45 GMT
server: UploadServer
x-timer: S1619521671.138007,VS0,VE0
etag: "a22ae3ed1e775ce90ced16f1822f4ddc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244605512421
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28604
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5045

GET
H2 200 franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 22ms
22ms Font
font/woff2 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date: Tue, 27 Apr 2021 11:07:51 GMT
via: 1.1 varnish
content-type: font/woff2
age: 8331997
x-guploader-uploadid: ABg5-Uy2ZdvXp0WFwM5zu59U-tnwMREC6SqB_1ri70MYOgNwTe-8w331M_G9rDKJlPf3l-4kO1FYcunOMfyTDJOFdEA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 20212
x-served-by: cache-cph20650-CPH
accept-ranges: bytes
expires: Fri, 21 Jan 2022 00:41:13 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1619521671.138219,VS0,VE0
etag: "abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921515746
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20212
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5675

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=679816520&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&dr=&ul=en-us&de=UTF-8&dt=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dock&ea=impression&el=MAG_web_regi_us_sale_apple-pay-dock-ecd-test&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=892656445.1619521670&tid=UA-58630905-2&_gid=712529914.1619521671&gtm=2wg4e1P528B3&cg1=world&cg2=asia&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&cd3=&cd4=World&cd9=9&cd10=null&cd12=Asia%20Pacific&cd13=null&cd14=international_desk&cd15=earned&cd16=referring_links&cd17=100000004556158&cd18=Choe%20Sang-Hun&cd19=North%20Korea%20Stole%20Data%20of%20Millions%20of%20Online%20Consumers%2C%20South%20Says&cd20=&cd21=Article&cd23=World&cd25=Asia%20Pacific&cd26=null&cd27=null&cd28=null&cd29=null&cd30=2018-01-20T01%3A00%3A31.840Z&cd32=World%20News%2CAsia%20Pacific&cd33=SECTION&cd34=NEWS&cd36=29korea&cd37=413&cd38=Foreign&cd42=nyt-vi&cd43=Cyberattacks%20and%20Hackers%2CComputer%20Security%2CE-Commerce%2CCyberwarfare%20and%20Defense&cd44=Interpark&cd45=Choe%20Sang-Hun&cd46=South%20Korea%2CNorth%20Korea&cd48=null&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Foreign&cd54=international_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=2WRcdnnN4Abks7k3BwtkWUMM&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd149=0&cd150=0&cd162=&cd163=&cd164=2WRcdnnN4Abks7k3BwtkWUMM&z=1327835803

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 15:44:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69818
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2

200

/
www.google.de/pagead/1p-user-list/1008590664/ Frame 6B2B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0&is_vtc=1&random=41588241
https://www.google.de/pagead/1p-user-list/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0&is_vtc=1&random=41588241&ipr=y

42 B
108 B

18ms
18ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0&is_vtc=1&random=41588241&ipr=y

Requested by

Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1008590664/?label=-SogCP-z8nsQyL734AM&guid=ON&script=0&is_vtc=1&random=41588241&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4538
tags.bluekai.com/site/ Frame 6B2B
Redirect Chain

https://c.bing.com/c.gif?uid=NJO3vegV99evTT5Q&Red3=MSBK_pd
https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596

62 B
741 B

180ms
180ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:51 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: dc09
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
x-msedge-ref: Ref A: 333030A6E0264D6AB86AB7EB5B10E3B2 Ref B: FRAEDGE1413 Ref C: 2021-04-27T11:07:51Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 6B2B 43 B
311 B 153ms
149ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=NJO3vegV99evTT5Q&p_id=661892&

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Tue, 27 Apr 2021 11:07:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7f44ddda5e2675fa2918a7a3d8f16497
x-transaction: 0083a019006cdc0e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

2981
tags.bluekai.com/site/ Frame 6B2B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TkpPM3ZlZ1Y5OWV2VFQ1UQ%3D%3D&
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFQdWmSkMlBREpSorOMTA_8&google_cver=1

62 B
761 B

234ms
173ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFQdWmSkMlBREpSorOMTA_8&google_cver=1
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:51 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 487e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFQdWmSkMlBREpSorOMTA_8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4413
tags.bluekai.com/site/ Frame 6B2B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123
https://sync-tm.everesttech.net/ct/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123&_test=YIfwhwAAejumUgBg
https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123&_test=YIfwhwAAejumUgBg

62 B
741 B

214ms
181ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123&_test=YIfwhwAAejumUgBg
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:51 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: ff1e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619521672.522545,VS0,VE0
x-served-by: cache-hhn4025-HHN
x-cache: HIT
location: https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123&_test=YIfwhwAAejumUgBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

5386
tags.bluekai.com/site/ Frame 6B2B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=bluekai&ttd_tpi=1
https://tags.bluekai.com/site/5386?id=3ad38a6a-e3bd-4a84-82ad-31993d516dc6&gdpr=1&gdpr_consent=

62 B
769 B

232ms
201ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=3ad38a6a-e3bd-4a84-82ad-31993d516dc6&gdpr=1&gdpr_consent=
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:51 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 7636
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://tags.bluekai.com/site/5386?id=3ad38a6a-e3bd-4a84-82ad-31993d516dc6&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 221

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa76b82310c86226b4839d5c4c8a81060fe9c302e391b8e7fa2a076bfa487aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7014
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
2 KB 62ms
32ms Script
application/javascript 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c80ac7c4861f34ef4b2059636f5f58924986ec44406c48e65ad7b921ea172e9

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 569
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SCCBXSM7CCB8M1DF
x-amz-id-2: xAHoWqyAba/Rcs3AMu8BI9+g0WLSMIBjE77fZuvLEG4rmtyeYqO1073OrSNGQXta87rq6Zuo638=
last-modified: Thu, 15 Apr 2021 15:47:28 GMT
server: cloudflare
etag: W/"616805639c6ad078d36253ef6bd794b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fJ6HNc1KyZ%2FZ24bYYpuO9GnmmskbL6Qc%2Fxq%2BgePazWOPp3tLhRis5I8Cpj2pAu0NTBUBkyl0R5JgG%2BQOCH%2Fb4AUe97O6ECtFDUERmp63e9aTDh9jVhfIK3G65Kal%2Fdpf5Xt0"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-request-id: 09b49caa6b0000d6bd7192b000000001
cf-ray: 646796f0ad9bd6bd-FRA

POST
H2 204 /
685d5b1b.akstat.io/ 0
202 B 28ms
26ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://685d5b1b.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:51 GMT
content-type: image/gif
access-control-allow-origin: https://www.nytimes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:51 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 27 Apr 2021 11:07:51 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6CB2 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 27 Apr 2021 10:51:47 GMT
expires: Wed, 27 Apr 2022 10:51:47 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 964
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sdk-prod-73d00e27914c0fe68ea3.js Show response
platform.iteratehq.com/ 870 KB
236 KB 65ms
50ms Script
application/javascript 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-73d00e27914c0fe68ea3.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c3eb4f099644d748580b6d0681c043012dfc9bb4516acb7419f3754d7560d9

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1019898
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SCC719RQR9CMNQ6Z
x-amz-id-2: wfV21Pmj2IT26ap7VGI2EjnCGxzfVw+PeETolLtNSFzau2Ip1vMnlfWZsWut7PCDokq7muzlfuI=
last-modified: Thu, 15 Apr 2021 15:47:22 GMT
server: cloudflare
etag: W/"8f1428ca88ee7550c53747097a0bec3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kBuKX%2FgtPd394cihtkPnXa4IIm1Dhd8qvoszbe5Ld%2FOFoakvUSJ%2FMP9TzWCS9RNizt1vcd%2FJJdmcd1cGN%2BLN75Q%2B7L6ZZMXzQK7x60rfyQj6WSF924%2B23%2B50MsE81Ldr5lEe"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 09b49caa9c0000e007b58f6000000001
cf-ray: 646796f0fd5fe007-FRA

GET
H3-29 200 style-49e408b8c1e44beafa1b.css
platform.iteratehq.com/ 145 KB
12 KB 34ms
19ms Stylesheet
text/css 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-49e408b8c1e44beafa1b.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3074968
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FS8Y3QFKEWCAR432
x-amz-id-2: zuPrV/sxaKvRGft7FRGAaA+c7tjWDeGnX7Sc8f7EcyMAXbebjwfQDXjINrquIBhcIpb6Ah6Yd1o=
last-modified: Wed, 10 Mar 2021 16:57:40 GMT
server: cloudflare
etag: W/"03c7fa2d3d6a28098dd43eb9b903eced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tsaykYsh9jQS538SpxQVssme8dwsjA9aE902AlR3sRiGGnJwZtxRSQWZXD9ye5k%2BrFjgrr9XASrUZhLE%2FKlRc0xedbEAdNm7b3e94BvAVVs6MRMxAFvg1Vn2tj4ZcJADt0iV"}]}
content-type: text/css
cache-control: max-age=31536000
cf-request-id: 09b49caa9c0000e007a0966000000001
cf-ray: 646796f0fd5de007-FRA

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CB2 14 KB
6 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 14953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Wed, 27 Apr 2022 06:58:38 GMT

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 165ms
135ms Preflight 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 27 Apr 2021 11:07:52 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
cf-request-id: 09b49cab7f00009754a015f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qDyEtJXMBacQK4JTtt%2FSspe0hWt5S3uoDcn0y6JTLq6f2%2BZ0xCUCLNeGZYbu6C5ajNc9Jfzq8Y5IhDMYpbe0p6FSgZf95GxT6FoEFhKdZZk7XqHyBTdopquO"}],"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 646796f26eda9754-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 249ms
238ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-73d00e27914c0fe68ea3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f5ed7602abd287c50d432264c5a700a4070989a78260f226e6ddefa3fac4c0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Tue, 27 Apr 2021 11:07:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I8D5Tbl9wDicC9czGXoXZusQz0m1d8vEeYUpzyFZbNtD%2BIr44nfgzDfZew%2Bgc9ULVyh7dHxAKyY7rktBey6q%2BIZvWNL9nWXsSUJrQ7UntcLpCv2bbJyk5WSz"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 646796f34b784a55-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b49cac1300004a55daba7000000001

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=1304245805419320&bg=!GBulG1_NAAZUuIlwVLg7ACkAdvg8Wk3-AjAcUydRQscv1KdwLHTmnpI-s5HC7K-mf8lHV6tR6vfB3gIAAAD8UgAAAA1oAQcKAUzmtk2K8TTNctRF_s3vU3z0vsOhSr_4R-RwAzTnHkPvHKOUfrvSLXp2dldLxJos8-4QjEZcwEkdzwi-rBmvs-mrU-A9F7hmzxQuXEP-LIUwuw1jL33aCxHSS2fwO0ku5UHxX4chh47RfsVv7HCTHLcZlaS3Z6_ltvwqHxpfiLuJgo5Yr_Q4ofXH-rFCbPT1Xt2S8J4efODMgE_XXKTpWsKuCQreOAq1Qc5QoZ-gZj-TgvRQVCH-lANmTgdmiEEWcGsiOESTivPMcNEzccUWYu8l6JS-XfhoIep-8DiHAaumhRrvBrMmDNN6eHgDMX5q8dHNx3H3Quj-fywOrvBXhXXYBMBpeQBWbie25DJNPaGbzGyHQEOZfqH-l5gNQrQGwgj4VrV2dSCOkGSjoCxxscUPJdm5X6HX5asKEMWO2e8vr-gVH6o6MFlTHCc35pkCH_vRkwoa-OM7Lp71aqT0Z4KBwzhPdk66NOKUdpqxXB6ynnGMrVxHRGLeBLtzTEQ9rXmh_EmOhfvMEn_4Pk2sHe8Ytsf96BIXfPsikmc37IJZ0qGYn4aXBJBH19b8si43GYtHcQh_8WUNlpzeiFoyVn0a09hSv6Pdj2apdL1tYcFlrktAdzd1tKcOmdza_lmwONg11nl6DVsxgAGL-Y5gPPusXRjhqW7xjFUGrRf5wAJp6i5_kDO70dS_vPQzr6NuO4-id1jgaN-sw3r-u48dWwk0Mwq4E5Ikc4GVCKklvovFJo7cX_uSIMr0DAfj_5fCUlA4aPQ1f_3Yqd8WKq_IUORMpmXIzfirfc9Ey0VuRWR4Mw7pHzyNNooYb5qkonk9zp4hu7wrYwYKFhsSMBo1qK098KB5AEhC3U7e1lhRfexY9JsmxOrt1AtCrrHyD1XUSpP0ZjU275F6O0id1uVu-cuUGkgAoulIRBh6gez48ECr8OPj9I3i7WLaOuftuD_wEZznTnbMBdOEZiNjKBAu0nZ6rcIrIB1ufjaKMYWlhZ3cWhTipRbgEqO3y67tPFZOg_q6EBK7bm3pB5Sz5_s0RvYnaFxEWRsSUMXj22b1cKZQmJxjKGVVHL8M-_DXj6v5YaObLleW9vp-qMx-Q6Bg6CCwP6_BAvCrdtf-wX488jYpdWh6rtprtNGDYrZP46YnKiyTfO4aJPT4lcJQ3IEGaQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
100ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK Cookie set 50134 Show response
stags.bluekai.com/site/ Frame F9FE 2 KB
3 KB 215ms
215ms Document
text/html 23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf330e57076e53c8d35e0ef5198d271b348d06ae9028641cad85f9b7e96bc18a

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bkdc=phx; bkpa=KJpEnXTLu5Dl1EW6+L21LRl6EYFwvc56E163pxNB56oUvf/NBeJVi02JnufOA9x9HUzD9Q==; bku=wHW99/4yCtY1CBL3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stags.bluekai.com/site/50134?ret=html&phint=regid%3D&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3DCHOE%20SANG-HUN&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D1&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2016%2F07%2F29%2Fworld%2Fasia%2Fnorth-korea-hacking-interpark.html&phint=referrer%3D&phint=section%3DWorld&phint=subsection%3DAsia%20Pacific&phint=pagetype%3DArticle&phint=keywords%3DCyberattacks%20and%20Hackers%2CE-Commerce%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CNorth%20Korea%2CSouth%20Korea%2CInterpark%2CChoe%20Sang-Hun&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3DWorld%20News%2CAsia%20Pacific&phint=contenttype%3Darticle&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=82607218

Response headers

Content-Type: text/html
Content-Length: 2311
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
BK-Server: edb2
Date: Tue, 27 Apr 2021 11:07:56 GMT
Connection: keep-alive
Set-Cookie: bkpa=; expires=Sat, 16-Jan-2016 00:00:00 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=wHW99/4yCtY1CBL3; expires=Sun, 24-Oct-2021 11:07:56 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/1008590664/ Frame F9FE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=688969732
https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=688969732&ipr=y

42 B
64 B

30ms
29ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=688969732&ipr=y

Requested by

Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=688969732&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4538
tags.bluekai.com/site/ Frame F9FE
Redirect Chain

https://c.bing.com/c.gif?uid=yJ4qv7WY99enTT5Q&Red3=MSBK_pd
https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596

62 B
525 B

184ms
184ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=86400, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 97ce
Expires: Wed, 28 Apr 2021 11:07:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:56 GMT
x-msedge-ref: Ref A: FDD614A07D8E4F84BC407922BBD3E1F0 Ref B: FRAEDGE1413 Ref C: 2021-04-27T11:07:56Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://tags.bluekai.com/site/4538?id=3DE9670B492E642D3599772D48456596
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 adsct
analytics.twitter.com/i/ Frame F9FE 43 B
170 B 154ms
152ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=yJ4qv7WY99enTT5Q&p_id=661892&

Requested by

Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Tue, 27 Apr 2021 11:07:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7f44ddda5e2675fa2918a7a3d8f16497
x-transaction: 008a7dff002a118e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

2981
tags.bluekai.com/site/ Frame F9FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=eUo0cXY3V1k5OWVuVFQ1UQ%3D%3D&
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=eUo0cXY3V1k5OWVuVFQ1UQ%3D%3D&google_tc=
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEM8po5hxfitFsJvLKx3Qezs&google_cver=1

62 B
549 B

224ms
224ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEM8po5hxfitFsJvLKx3Qezs&google_cver=1
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 11:07:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: b8b
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEM8po5hxfitFsJvLKx3Qezs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4413
tags.bluekai.com/site/ Frame F9FE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123
https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123

62 B
525 B

201ms
201ms

Image
image/gif

23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 11:07:56 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=86400, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 860f
Expires: Wed, 28 Apr 2021 11:07:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 11:07:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619521677.557374,VS0,VE0
x-served-by: cache-hhn4025-HHN
x-cache: HIT
location: https://tags.bluekai.com/site/4413?id=YIfwhwAAejumUgBg&r=123
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F9FE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai&ttd_tpi=1
https://tags.bluekai.com/site/5386?id=3ad38a6a-e3bd-4a84-82ad-31993d516dc6&gdpr=1&gdpr_consent=
https://usermatch.krxd.net/um/v2?partner=bluekai
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=bluekai

0
337 B

141ms
46ms

Image
text/plain

63.35.129.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=bluekai
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.129.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-129-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 11:07:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=57 t=1619521677
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=bluekai
date: Tue, 27 Apr 2021 11:07:57 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Ping
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK Cookie set 50134 Show response
stags.bluekai.com/site/ Frame B8CA 71 B
754 B 174ms
174ms Document
text/html 23.37.43.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=2&r=69539547
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.43.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=56275598

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: ace8
Date: Tue, 27 Apr 2021 11:08:01 GMT
Connection: keep-alive
Set-Cookie: bkdc=phx; expires=Sun, 24-Oct-2021 11:08:01 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bkpa=KJpEnXTLu5DlBE96BgWFuithpuMJpPanvqWNDYF/n0fJ0D21LEPuvf/NLpxN+MxN1xz9S5/mK9==; expires=Sun, 24-Oct-2021 11:08:01 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=NL199JcyCtejIuTb; expires=Sun, 24-Oct-2021 11:08:01 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluekai.com/	1970-01-19 22:11:13	Name: bku Value: wHW99/4yCtY1CBL3
.bluekai.com/	1970-01-19 22:11:13	Name: bkpa Value: KJpEnXTLu5Dl1EW6+L21LRl6EYFwvc56E163pxNB56oUvf/NBeJVi02JnufOA9x9HUzD9Q==
.nytimes.com/	1970-01-19 18:02:06	Name: RT Value: "z=1&dm=nytimes.com&si=e09170b4-8f5d-4b1d-b1ce-df6165e38bd6&ss=knzxdwlm&sl=1&tt=2yr&bcn=%2F%2F685d5b1b.akstat.io%2F&ld=2yy"
.bluekai.com/	1970-01-19 22:11:13	Name: bkdc Value: phx
.nytimes.com/	1970-01-20 02:37:37	Name: nyt-a Value: 2WRcdnnN4Abks7k3BwtkWUMM

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js(Line 33) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: Subscriptions Runtime: 0.1.22.158
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: [GPT] Error in googletag.defineSlot: Cannot create slot /29390238/nyt/world/asia. Div element "top" is already associated with another slot: /29390238/nyt/world/asia.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: [GPT] Invalid arguments: googletag.defineSlot('/29390238/nyt/world/asia', [], 'top').
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'defineSizeMapping' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: [GPT] Exception in googletag.cmd function: TypeError: Cannot read property 'defineSizeMapping' of null.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6) Message: Invalid GPT fixed size specification: []
console-api	log	URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/metered_assets.common.js(Line 32) Message: Sumo Logic Logger requires you to set an endpoint.
console-api	log	URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/metered_assets.common.js(Line 32) Message: Sumo Logic Logger requires you to set an endpoint before pushing logs.
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d962b397ddf3836b81e9.js(Line 51) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2363ded05a9bf1263dd12498a8ece954.safeframe.googlesyndication.com
5290727.fls.doubleclick.net
685d5b1b.akstat.io
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.dk
analytics.twitter.com
beacon.krxd.net
c.bing.com
c.go-mpulse.net
cm.g.doubleclick.net
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
googleads.g.doubleclick.net
insight.adsrvr.org
iteratehq.com
match.adsrvr.org
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.chartbeat.com
static01.nyt.com
sync-tm.everesttech.net
tags.bkrtx.com
tags.bluekai.com
tpc.googlesyndication.com
usermatch.krxd.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
104.111.228.137
104.244.42.195
142.250.185.102
142.250.185.98
142.250.186.162
151.101.113.164
151.101.114.49
151.101.193.164
23.37.43.59
2600:9000:20eb:7600:18:1fcd:34e:d2a1
2600:9000:2156:9000:a:a8c5:a040:93a1
2606:4700:3032::ac43:c7c7
2606:4700:3037::6815:24db
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2013
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:813::2013
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200e
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:2b9::11a6
3.232.164.179
34.205.120.60
35.241.35.241
52.30.148.233
52.31.220.191
63.35.129.75
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536
110a392ca8298c0e09bd9b10968b3790ae9058936ea8b98a0f10b953d84a686d
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1d317bae8ff662e05e869c4dfa8841705b2cdc46b05e19553e19029eb69ee1c3
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2a0950ef75a2684d278572fb5f63f86f96d6d6c9ecb284764874ab9c4a89fc8d
2b34227f01a61c83f0161be5a92d40872b2e564d5a81b23557938df23af32db1
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
33a50e5d4b6526fe9ab40e8d4ec3132533fff702b50beb0893a9eb69a0ce6ec5
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4d41bce1e64d901b708a2f246cad8321f5a4a1053fb2558d255ee91e7b80ce97
4dd02fe3862528e0acf62c3be4d61f97298746e70fd378714bcae38922333d2d
4f6e33363723afe00b9a288165254f1c934c617ef2c5dce13c17b07561fcde29
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
56dba20d926a7d5f923b1fe9a8a448ba814726dbe39550df193d664a68089709
5c760e0476a536ece172bca7ae1ca795f0f3e445a884f7d0f47a85e455ae436b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6a944ac0d777cc32fb5b3a78cce0e856d19f053221cbc8d25c1ba1617f0ffb89
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
71a1a7e4b8e99b30226b248180515bec029985cc0c6777e286efa7db1dd3c855
7246bff8d49e81252916f43d078680bb47e92c6ea4b5cbefef568a2a1fba36ba
77cbf8b1bbb8ba49cb6a30721e031b2cc8e5d74f93fc718ddf1b671d28161943
79be8500433b2b59aadb3b1d5d13c5a8cc7272799498c2b526f71f2abee0528c
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7f8bb7480530dcbf8914302b38338eeec4e997f67bb88cbeecb7d2c97c4d494e
80c39ef95a64e6bc2c7a0714a4669695fd04a9e9487120a230ab4b9491e94f1c
817f8a98047781c87ac300c2365e33f351efeaf95a856b9088e506ad0b76de5c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8be978a2b69f86234c22cb5b0c408e66c09f19bd52856f083fef0ec958e0fde9
8c1726d3dd80953e08ca7ae20a1da7d21e7d2b343ad812e5bd50f816f1131672
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1d48d63fd938f447964dfddb44ab4a95a406ff16c992eda7c26739c7990daf
95f5ed7602abd287c50d432264c5a700a4070989a78260f226e6ddefa3fac4c0
98cf9b007ec0593192cdfc0a9c68fca78602e2aef75080628a4fb24ccec352b8
9c80ac7c4861f34ef4b2059636f5f58924986ec44406c48e65ad7b921ea172e9
a2b7ca640256930fe54570cffe05216d507724660d3d70afa0b11c8da926de5c
a2c3eb4f099644d748580b6d0681c043012dfc9bb4516acb7419f3754d7560d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a948a4464f5fd459e65b35799dc65da324e59d9f307e12c51a34471186631d3e
aa76b82310c86226b4839d5c4c8a81060fe9c302e391b8e7fa2a076bfa487aae
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b11d5ae11f8350cc68d0864026ee2e81c92c271c448253f55a83641fa9a9d103
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b705360a40c45dacbecc3b0a349d5c15120e497a80b2d32700dd16f512a7dea7
ba6c40c00da06d743ae9c96b7c7f16a0ca027271c693abe23bc6f8d6deac6da6
bbf2943feffd00bc92a223918aeabf65db3bf8580d9840ca571c6a40b29cd073
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c09cfcfc4cb5b69cebc0ce87154e5fb1dfc2a0b80feb1f1264ab4da09c1a4fc3
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c2e38cee6f27ca78fbc78c1652257f91aad7d5b09179950e02fbcd33f3ee7d1f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cad5c4d8cc2ea837598539864854aad4feafe257c2712c5fdba3eb8306a80a6f
cdfc7439d98dc19221e80b5f0649f7073a3d730050d2f416c16030a90b2c2bc9
cf330e57076e53c8d35e0ef5198d271b348d06ae9028641cad85f9b7e96bc18a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dbdcbb20f0ca5a49da5a2c5c15626c9fca751c0f522a5842b8ab48bf10a55624
dfdd17edc61438c49117c808965c2511b0195733a867e89b45d8975cf1347fbc
e26579ed82711f69e4c4f7a3e7d195f42608f76240e5b4eb75f154d7bbe0b803
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab03af418946d398a1f3e70061688e066cc8833fdd6b13f5210875e68b54de5
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31630ca68a1086f818077d97587e57029a187035e20fb6e4bf891ba0371b2a4
f5c114b33335bbbdd2256295a93890facfbda033ae91b8eaefde6655a71e6190
f9645b6f3d12e65ae58f00bd837c0f6eade6592c0e7bffe5d4395fb75502a061
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fad23a09b8938bc8915a34f8e0cef6ec21b2036eb98b8d6c7753899630f6144f
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff497d39fcd10a7a510e3fdfb20278b79822a2c077e7d5a78e4faad7836698c4

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

100 %HTTPS

63 %IPv6

22 Domains

47 Subdomains

35 IPs

3 Countries

2157 kBTransfer

6761 kBSize

5 Cookies

16 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

100 %
HTTPS

63 %
IPv6

22
Domains

47
Subdomains

35
IPs

3
Countries

2157 kB
Transfer

6761 kB
Size

5
Cookies

133 HTTP transactions
0 data transactions