www.nytimes.com Open in urlscan Pro
151.101.193.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&...
Submission Tags: falconsandbox
Submission: On July 17 via api (July 17th 2022, 6:23:32 am UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 14 domains to perform 112 HTTP transactions. The main IP is 151.101.193.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2900.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
6	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
15	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	99.84.146.5 99.84.146.5	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2	34.192.116.222 34.192.116.222	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:d800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:79b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.0.64.204 52.0.64.204	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
112	25

38 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.146.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-146-5.txl52.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.116.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-116-222.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:d800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:79b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.64.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-64-204.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2900 a.et.nytimes.com — Cisco Umbrella Rank: 6622 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 9108 als-svc.nytimes.com — Cisco Umbrella Rank: 12025 myaccount.nytimes.com — Cisco Umbrella Rank: 13475 dd.nytimes.com — Cisco Umbrella Rank: 12744 meter-svc.nytimes.com — Cisco Umbrella Rank: 12914 a.nytimes.com — Cisco Umbrella Rank: 8604 purr.nytimes.com — Cisco Umbrella Rank: 8804 mwcm.nytimes.com — Cisco Umbrella Rank: 12904	1 MB
30	nyt.com g1.nyt.com — Cisco Umbrella Rank: 10445 static01.nyt.com — Cisco Umbrella Rank: 8065 typeface.nyt.com — Cisco Umbrella Rank: 30307 a1.nyt.com — Cisco Umbrella Rank: 9028 mwcm.nyt.com — Cisco Umbrella Rank: 18894	740 KB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 10480	159 KB
8	googlesyndication.com 82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	40 KB
4	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7787 iteratehq.com — Cisco Umbrella Rank: 6694	31 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
2	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3326	16 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7770	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 685	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1247	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 6937	792 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	105 KB
112	14

	Domain	Requested by
17	www.nytimes.com	www.nytimes.com
16	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
12	a.et.nytimes.com	www.nytimes.com
8	samizdat-graphql.nytimes.com	www.nytimes.com
6	mwcm.nyt.com	www.nytimes.com
5	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	typeface.nyt.com	www.nytimes.com typeface.nyt.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
3	static01.nyt.com	www.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	a.nytimes.com	www.nytimes.com mwcm.nyt.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	www.googletagservices.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
112	32

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
cn.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
nyt.qualtrics.com
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-07-13` - `2022-10-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
a.nytimes.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Frame ID: 47FEC286EF41F94B2712F3BFCE89A6F3
Requests: 83 HTTP requests in this frame

Frame: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924
Frame ID: A3A19E8DAB0C218129D93C3DC4D9D8E6
Requests: 11 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: B07BC1D79576C3DB2E630F836576230A
Requests: 3 HTTP requests in this frame

Frame: https://82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63F7352C13F5F47B2F3618C875C7557E
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage
Frame ID: 1F360B181117FE0943E7409C6258247C
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage
Frame ID: 1942A3C77DEB470DCE39738144DD73CB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17F6925FD9830F71A0EF235F9125A131
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F93311EC9653D09099FC9EC5C9E66941
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments - The New York TimesThe New York Times: Digital and Home Delivery Subscriptionsplus-iconcheck

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

112
Requests

100 %
HTTPS

56 %
IPv6

14
Domains

32
Subdomains

25
IPs

2
Countries

2396 kB
Transfer

7158 kB
Size

28
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/world/20190322/government-hackers-nso-darkmatter/
Title: 阅读简体中文版

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/world/20190322/government-hackers-nso-darkmatter/zh-hant/
Title: 閱讀繁體中文版

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=1281e5fc-d028-11ea-a072-340cee6a52b6&campaignId=9WJRH
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancellation
Title: cancel.

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

URL: http://nyt.qualtrics.com/jfe/form/SV_6xph8FSrgDdOgap?link=DL&mtc=1&src=https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage&agt=BUrp2ch4wCjSijxbpCz1vD&gwlp=2
Title: Tell us why

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage

Request Chain 93

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request government-hackers-nso-darkmatter.html Show response
www.nytimes.com/2019/03/21/us/politics/ 274 KB
85 KB 523ms
465ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

107b47fa0927d6165dcd8b7d2c1073cb1c8820aab0307d1f6b52477f822cb997

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 84832
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Sun, 17 Jul 2022 06:23:25 GMT
fastly-restarts: 1
last-modified: Sun, 17 Jul 2022 06:23:24 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2019/03/21/us/politics/government-hackers-nso-darkmatter.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 933c9026edb045e1ae3169d58a9bbc64
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cloud-trace-context: 5ba21ff93e593c3763c8dcdf77e7afc4/7403360913130288777;o=1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1658039005.675900,VS0,VE6
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Sun, 17 Jul 2022 06:23:24 GMT
x-nyt-edge-cache: MISS-MISS
x-nyt-route: vi-story
x-origin-time: 2022-07-17 06:23:25 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2021-11-08T16:14:59.937Z
x-served-by: cache-lga21948-LGA, cache-fra19124-FRA
x-timer: S1658039005.675900,VS0,VE454
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 53ms
7ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 6430285
x-guploader-uploadid: ADPycdtp3zlyaGMN2P4BAxclCfyXuB6ZGUbngiI4XI-StnQTUKe4_0pdwKBamc4qOAlXujd1lYDKsHNHb1XpELDrqDSz6HS1J58y
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10629
via: 1.1 varnish
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Wed, 03 May 2023 20:12:00 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1658039005.212134,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149653041
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9789
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 29008

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 14218810
x-guploader-uploadid: ADPycdsSoNrnpIIAO3KSlsJB1RKp_ZFzNH7PHrSxlTMXoCOqo0yCW6fud4EEpIwxOtZzlEgB1tma57v5imQVKurCueo
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:18 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.168067,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 26519
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Wed, 02 Feb 2022 16:43:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1643820183725633
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-5db31041dcbd2ca4bd5c.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 9ms
9ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-5db31041dcbd2ca4bd5c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b8c210f64aea2fb1ab87df1a29192e57fc2aaf2645239e1ffc51ad1545fb93ff

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 140490
x-guploader-uploadid: ADPycdvszyoBtdkmI6LaREroRgMtJCAWLMk9AuEl-ytIqjdmfB280Vcp_6o7sQMlrcZWpWDmnE9bMe81X0H21zH6CPjpeg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-15 15:22:27 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.201801,VS0,VE1
etag: "096753e8a682bf5ad006b96008652b6f"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-5db31041dcbd2ca4bd5c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3740
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7364
last-modified: Fri, 15 Jul 2022 15:10:39 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=YJ6g5A==, md5=CWdT6KaCv1rQBrlgCGUrbw==
x-goog-generation: 1657897839223738
expires: Sat, 15 Jul 2023 15:21:55 GMT
x-gdpr: 1
x-goog-stored-content-length: 20914
accept-ranges: bytes

GET
H2 200 merlin_152362026_74841236-7d44-4a0b-be74-a84cfb5ed1bb-superJumbo.jpg
static01.nyt.com/images/2019/03/22/us/politics/22hackers1/ 208 KB
209 KB 139ms
98ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2019/03/22/us/politics/22hackers1/merlin_152362026_74841236-7d44-4a0b-be74-a84cfb5ed1bb-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c1a69577f3de2401ef7b2e104e0e47ec2dae6506f8653473d3e270cead6391a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/webp
age: 130753
x-guploader-uploadid: ADPycdtSWbjLzTrYv9ClR9jvuy58LLZZe0bCCWhT53N1Q9pcDVDL5W7FMHeDt_cUjC4OzTAIwHa9AjlPT4QBdoR1O-QgCQ
x-cache: HIT, MISS
fastly-io-info: ifsz=532499 idim=2048x1365 ifmt=jpeg ofsz=213326 odim=2048x1365 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 213326
x-served-by: cache-iad-kjyo7100088-IAD, cache-fra19124-FRA
server: UploadServer
x-timer: S1658039005.253136,VS0,VE92
etag: "+xLvBVS2a8v4ruudxBm0xMakx+31I/AwQAfMQlj3RWs"
vary: Accept
x-goog-hash: crc32c=Wc4B8Q==, md5=O2IIlpoDWWGllw11uuLAHw==
x-goog-generation: 1553270815297728
access-control-allow-origin: *
expires: Fri, 08 Jul 2022 08:31:12 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 532499
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 merlin_145774026_b9c4dc80-00d4-4383-ae74-b676dfe8760a-jumbo.jpg
static01.nyt.com/images/2019/03/22/us/politics/22hackers3/ 31 KB
32 KB 141ms
108ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2019/03/22/us/politics/22hackers3/merlin_145774026_b9c4dc80-00d4-4383-ae74-b676dfe8760a-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e28d50b5eb7065c3375896ce248b0d9ac300bed71b5bb00bc423632f5692bb51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 76418
x-guploader-uploadid: ADPycduNBTeIVIVa-Wm8UYUl7Lwc0K0hQ0VG6CDwtylQPJ1nrmUUnttNv-28H0KUmBhfgX4uSYVcuNX3-h1eU0UncYsqTw
x-cache: HIT, MISS
fastly-io-info: ifsz=88003 idim=1024x683 ifmt=jpeg ofsz=32082 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 32082
x-served-by: cache-iad-kjyo7100176-IAD, cache-fra19124-FRA
server: UploadServer
x-timer: S1658039005.253017,VS0,VE94
etag: "amR3HQVfvsNq8NtN4d3fX1JRpX2rlo1e3xc4FIpJmiI"
vary: Accept
x-goog-hash: crc32c=KLVJRg==, md5=jILY9USKZXVt7tHGZJWM7g==
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 15 Jun 2022 09:58:17 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 vendor-6590b33d4cb850db967c.js Show response
www.nytimes.com/vi-assets/static-assets/ 214 KB
64 KB 9ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2108325
x-guploader-uploadid: ADPycdvtOBkH-JjTMFxCAdROUYsBpzEFYF6A6NC6SAeEaNQfWsuE78xhw-e5ulUJ4mmaHbRSGVQKptLdS2nCvi6aOXCmew
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-22 20:44:40 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.239149,VS0,VE1
etag: "b75822cbef7de86ec44450c02f1a5b75"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 34150
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 64035
last-modified: Wed, 22 Jun 2022 20:31:02 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Z9tGOA==, md5=t1giy+996G7ERFDALxpbdQ==
x-goog-generation: 1655929861916886
expires: Thu, 22 Jun 2023 20:44:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 219560
accept-ranges: bytes

GET
H2 200 story-7b4a2725a4e1f1a415fd.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
318 KB 12ms
11ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-7b4a2725a4e1f1a415fd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3441155b05f7619c37b5715943e446086a9d5c4952d69b7335a3733c3c9d68d9

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 138883
x-guploader-uploadid: ADPycdvtUPlLYz4t_RNbgPN1Av1mmiAUDyP6--Q7ne59wbZL_VUk5BdsNaedTWo21ODLZ3o3Z5FhG0z5sxLJyi5cAOY4qopZKhKy
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-15 15:48:43 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.239638,VS0,VE1
etag: "3201c3da616bd143a5b8df6d29ba75a5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-7b4a2725a4e1f1a415fd.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 100
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 324949
last-modified: Fri, 15 Jul 2022 15:40:43 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=wThRMQ==, md5=MgHD2mFr0UOluN9tKbp1pQ==
x-goog-generation: 1657899643086493
expires: Sat, 15 Jul 2023 15:48:42 GMT
x-gdpr: 1
x-goog-stored-content-length: 1235870
accept-ranges: bytes

GET
H2 200 headerfullbleedhorizontal-76cef79ba39c748fcdb9.js Show response
www.nytimes.com/vi-assets/static-assets/ 219 B
743 B 11ms
10ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/headerfullbleedhorizontal-76cef79ba39c748fcdb9.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c426a94bc3eee54f16dd1bf95d1a0700751585870965b676b7addd8b306f0623

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 919805
x-guploader-uploadid: ADPycdsGrBNKGZ8k-j1Zsrzn3s7RRmYVjCHkySa6SpYIOgHkZG8TwJTyKptJ5xq6bXCmLbvEL0GJ1OWHaswT-4fvNQadFQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 14:54:34 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.239585,VS0,VE1
etag: "59f0c5c789432648acbfaae13762bd63"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/headerfullbleedhorizontal-76cef79ba39c748fcdb9.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5694
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 204
last-modified: Wed, 06 Jul 2022 14:32:20 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=MAW0eg==, md5=WfDFx4lDJkisv6rhN2K9Yw==
x-goog-generation: 1657117940045838
expires: Thu, 06 Jul 2023 14:53:19 GMT
x-gdpr: 1
x-goog-stored-content-length: 219
accept-ranges: bytes

GET
H2 200 main-ee08719e50d9c7e83829.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
365 KB 12ms
11ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ef4d4fac130d9051ca0546459328828dae14477a25a623ea11c61df9b1cc3f20

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 140480
x-guploader-uploadid: ADPycdt5GXq0SuUD4eaDsu6liU8Z_aBfhpTo-QvyDMPGmpN9VJMciY6CkzThaC65F16qTw7fRGJwcgDBFVP6r3bmr7M-Eg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-15 15:22:27 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.239557,VS0,VE1
etag: "f34111bef75326f60c736d2d03d103f2"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 35
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 372433
last-modified: Fri, 15 Jul 2022 15:10:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=qU5I+g==, md5=80ERvvdTJvYMc20tA9ED8g==
x-goog-generation: 1657897840293825
expires: Sat, 15 Jul 2023 15:22:05 GMT
x-gdpr: 1
x-goog-stored-content-length: 1299353
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 389 KB
105 KB 69ms
25ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5cf5f58b3710e63b0339bec9a2656480a41bede98d896d6248968c9b955a007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106652
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 169ms
110ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
813 B 8ms
7ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: AM
x-b3-traceid: 70f20fcd6a54c540-4747e97e84b71361-1
age: 54
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 475ac8758acb6345
samizdat-x-canary: false
x-nyt-country: DE
x-timer: S1658039005.288729,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
x-cache-hits: 4
x-samizdat-query-sup-code
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: HIT
samizdat-x-instance: d63d4b5c
x-envoy-upstream-service-time: 16
content-length: 123
server: envoy
x-served-by: cache-fra19124-FRA
access-control-allow-credentials: true
x-datadog-trace-id: 70f20fcd6a54c540-4747e97e84b71361-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 55ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 40
cache-control: max-age=30
content-length: 0
date: Sun, 17 Jul 2022 06:23:25 GMT
samizdat-x-canary: false
samizdat-x-instance: 37cb5863
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 26ca784fabee7d3-30da0ab46970e187-1
x-cache: HIT
x-cache-hits: 6
x-datadog-trace-id: 26ca784fabee7d3-30da0ab46970e187-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: 88c343271efa6388
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19180-FRA
x-timer: S1658039005.280736,VS0,VE1

GET
H2 200 als Show response
als-svc.nytimes.com/ 1 KB
2 KB 216ms
125ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F389cfef4-d1d9-5a78-af0e-4d598c15a0e0&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: c6cf5f641f7278eaa12cc79c4b7e90358dd6ad78b0f32b4118422a25e63001a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1191

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 33ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7562087
x-guploader-uploadid: ADPycduEtqAI3BIksnb04NCNVhDBaeBU7Z-r9hxl5u1ll7LAAtl2wIBB8vM6JlXaNssSzuyhr1j2gbv_2RZ3LziXjH-6Lb3am3Vo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1658039005.277440,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180610251
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 64523

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 41ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 10562098
x-guploader-uploadid: ADPycdtCqsPnOyDqaY5AVVQFDUtW2hEoiPNf3Sdz27mHUZQ7LcrqJbc2HECo03yFFNZRkcjjM4mGA0B70g9GvXhd2Zk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:28:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658039005.277800,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 54054

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 41ms
14ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 20844826
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1658039005.277777,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 43760

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 46ms
20ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7562087
x-guploader-uploadid: ADPycdslCkX-ykRwNlstBtNVl1g0K0zeH9JvGn8pRHuodjoMmHWLEqiWJ9nrgJAOv4ckjYOJX3ojlQO2nEwOvscoon-XEw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1658039005.277829,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180561781
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19816
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 64665

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 40ms
14ms Font
font/woff2 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: font/woff2
age: 3216304
x-guploader-uploadid: ABg5-Uz3hE8t7c7KmBAPaa9SFjDOLTRqROzLa__9wr3zN8V5NVQVhY3Y8FLTTFTOPGqoE8SQ-1jh0U4weO-DT15uiEzm9-uuSA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:58:17 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1658039005.277864,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513818473
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 64111

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 34ms
9ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 10563429
x-guploader-uploadid: ADPycdtWUA73QKVflqS1lerBMV2SQeHK8ZYw9J-aQW2oYpZ6ZIE6yiUzGL1oJb9mmk7YcAQPLrAkGXbUOfKlVaiK-74
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:06:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658039005.277812,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23817

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 72ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-5db31041dcbd2ca4bd5c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

dc2329b30fd35c876dd7bdba63526c0d42a2b03eb3038bffb4e01a3999206b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28354
x-xss-protection: 0
server: sffe
etag: "1275 / 752 of 1000 / last-modified: 1657922915"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Jul 2022 06:23:25 GMT

GET
H2 200 imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
g1.nyt.com/fonts/family/imperial/ 27 KB
27 KB 8ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=l1jStw==, md5=MNYHNhPjPnQt5MEyWzEGXA==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 10474479
x-guploader-uploadid: ADPycdtr8RryvMwALCa6AmYoHRZLsq5mITOSvCmXMy2yECMHaGFhr-dlzUga6os_81GNPWccDH3z-_QwBGgmT2UBxNo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27268
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:48:45 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1658039005.293282,VS0,VE0
etag: "30d6073613e33e742de4c1325b31065c"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984485418
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27268
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 19998

GET
H2 200 d010de44-3b87-5dcb-899f-8a09b38d3924 Show response
www.nytimes.com/interactive/2022/uri/embeddedinteractive/ Frame A3A1 40 KB
15 KB 223ms
223ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf9665617319a0b0d869d5907b5510035699ab4e6ac86ffdc598591dea98fef8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: s-maxage=3600,no-cache
content-encoding: gzip
content-length: 14322
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Sun, 17 Jul 2022 06:23:25 GMT
last-modified: Sun, 17 Jul 2022 06:23:25 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: ef6cdb31f7f64532a1333c44e7cf6e10
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cloud-trace-context: e1d31379b397ec01782dd7ed5e2072e0/6522912469771264895;o=1
x-content-type-options: nosniff
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Sun, 17 Jul 2022 06:23:25 GMT
x-nyt-edge-cache: MISS-MISS
x-nyt-route: vi-interactive
x-origin-time: 2022-07-17 06:23:25 UTC
x-pagetype: vi-interactive-nyt5
x-scoop-last-modified: 2019-03-21T17:25:28.505Z
x-served-by: cache-lga21940-LGA, cache-fra19124-FRA
x-timer: S1658039005.311667,VS0,VE216
x-xss-protection: 1; mode=block

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 7ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 23870119
x-guploader-uploadid: ADPycdsE-CaQEzBGz1w0IiKXNYq4w0QMTVURjDXuhbSHJqxrRtu0z4QxRukgZfN-rYYhfPRiwLZOJQaRALIygOJniZU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Thu, 13 Oct 2022 23:48:06 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1658039005.317747,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982884098
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 28549

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame B07B 393 B
1 KB 28ms
7ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

c9ddd01050c3162ee6185b78d3ee887bba48f34dee1d0107aecc2e9bcb5ac47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543
cache-control: public, max-age=600
content-encoding: gzip
content-length: 276
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Sun, 17 Jul 2022 06:23:25 GMT
etag: W/"189-R9SdldbtU+zRNBVgn0TtWfu8TTE"
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 11
x-cloud-trace-context: 2f6875ae4d48f1cb91fc335714149214
x-content-type-options: nosniff
x-datadog-parent-id: 1144475566472815988
x-datadog-sampled: 1
x-datadog-sampling-priority: 1
x-datadog-trace-id: 8424821398118027816
x-envoy-upstream-service-time: 5
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-fra19124-FRA

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 10ms
9ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7562088
x-guploader-uploadid: ADPycdspT8rIN4vkjGzaGOB5bwEqcGSSBW8RL763kc7zsPM6G7kuF77gAwS-3Ov1nE0VpoWcreDk85YgMgBIjnAknK7nkNmJ7HIG
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1658039005.353102,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180541296
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 59094

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-b5b175bf8e931cdcff8f.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
15 KB 12ms
12ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-b5b175bf8e931cdcff8f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

275723b408a17e08587ecb96fa5b6f8f4b756324c7bbfe9a25ce6346f25abe27

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 140476
x-guploader-uploadid: ADPycdtX7UTpWafM_HLuC_2tuPRGOlaXeCkYLqOjIHwzV7IlMqmnAAEovx_sl0dmEl7RVIZZQ1LfPU3UEXMBe9VDDbb2m585G6dz
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-15 15:22:27 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.487607,VS0,VE1
etag: "bfd1a83975dda6e5ed0459af357ef88c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-b5b175bf8e931cdcff8f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3603
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13843
last-modified: Fri, 15 Jul 2022 15:10:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=26ks2A==, md5=v9GoOXXdpuXtBFmvNX74jA==
x-goog-generation: 1657897840453292
expires: Sat, 15 Jul 2023 15:22:08 GMT
x-gdpr: 1
x-goog-stored-content-length: 44203
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 14ms
13ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 3769356
x-guploader-uploadid: ADPycduYP-ZEbnhok842CZobXl2S7g5AvWoPWGOAkwpDTtWykuiYZXz1KgwlLppxirswxLTOGJ5yaxt_yDdBKDq99oRxfvqgCl6c
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-03 15:20:49 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.488008,VS0,VE1
etag: "31ae068f9753c44599fc91cfeeeead54"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 29340
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13353
last-modified: Fri, 03 Jun 2022 15:14:32 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=sxH6MA==, md5=Ma4Gj5dTxEWZ/JHP7u6tVA==
x-goog-generation: 1654269272247723
expires: Sat, 03 Jun 2023 15:20:48 GMT
x-gdpr: 1
x-goog-stored-content-length: 68978
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
5 KB 13ms
13ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2719813
x-guploader-uploadid: ADPycdsxdhqzJpq6_tlpbzhzwcKDOshbx-llb5-w19jt6Xzn2J8ghkG9OIdiH62a0gapGultE4sfoXaaLgFREiG6OL_KsQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-15 18:53:11 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039005.487964,VS0,VE1
etag: "e10a051414b80d3f4e5fcadfc8657375"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 29987
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5017
last-modified: Wed, 15 Jun 2022 18:51:16 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=PVfhtw==, md5=4QoFFBS4DT9OX8rfyGVzdQ==
x-goog-generation: 1655319075953589
expires: Thu, 15 Jun 2023 18:53:11 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 114ms
114ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 108ms
108ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 108ms
108ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 210 KB
43 KB 142ms
22ms Script
text/javascript 99.84.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.146.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-146-5.txl52.r.cloudfront.net

Software

Apache /

Resource Hash

ead13dc529694351614652c16fe0acb89a6506b13755fe087d9b01144c00e863

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "34661-5e3b088c312fe-gzip"
age: 241
x-cache: Hit from cloudfront
content-length: 43746
access-control-allow-origin: *
last-modified: Wed, 13 Jul 2022 14:23:51 GMT
server: Apache
date: Sun, 17 Jul 2022 06:19:25 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront), 1.1 117b54f007fbf40fc2a4bbbd8e88fc20.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2, TXL52-C1
accept-ranges: bytes
x-amz-cf-id: PTtWt0MyfXdmK86X-A34VGajBqQG2aOK7NomLpJTlw_zmUeTEjX7BQ==
expires: Sun, 17 Jul 2022 07:19:24 GMT

GET
H2 404 index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame B07B 0
0 11ms
10ms Script
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 2
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 23
content-length: 308
x-served-by: cache-fra19124-FRA
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: text/html; charset=UTF-8
x-cloud-trace-context: 59990c936c0d1082163b6f1dd55b4a53
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame B07B 431 KB
143 KB 8ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=d112e1a

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 270
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 146164
x-served-by: cache-fra19124-FRA
expires: Sat, 16 Jul 2022 22:58:09 GMT
server: envoy
etag: "Op9ysw"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 7101d5e2728cd21200d120381df0c96f
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 6

GET
H2 200 pubads_impl_2022071101.js Show response
securepubads.g.doubleclick.net/gpt/ 375 KB
128 KB 15ms
12ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 23:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131021
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 08:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 16 Jul 2023 23:42:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
375 B 52ms
22ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
expires: Sun, 17 Jul 2022 06:23:25 GMT

GET
H2 200 zam5nzz.css
typeface.nyt.com/css/ Frame A3A1 5 KB
986 B 37ms
8ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/css/zam5nzz.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 832a2f64ff7e0d83a0db5db389999d738ae413d99787aa211189c6defe4a243f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=GA/zEg==, md5=aXwh+4+psKpm0UdN+lBnmg==
date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 2273266
x-guploader-uploadid: ADPycduz9t9uI4USA0qRaoZ9mqfvwgTbCnKZavHLWZEpuOoplNxfom6VBH3JiX7YZn1TJxwJPQVcj_WT2OcVenhHTy4p4g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 400
via: 1.1 varnish
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Tue, 20 Jun 2023 22:55:39 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1658039006.617797,VS0,VE1
etag: "697c21fb8fa9b0aa66d1474dfa50679a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717000348
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 400
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 styles.css
www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/css/ Frame A3A1 503 KB
86 KB 10ms
10ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/css/styles.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b580db4c1ef2bc5e677aef306f5cf50156a3a286239ddbc4b07fb4c5cccca0a2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2187789
x-guploader-uploadid: ADPycdv6hrmsn-bwy_S8sV24xd6sMPfUi2vAk7hI8nSMJa92EW2wOnrjYw_47tAGlh5vDgUO1-FjvICW_SVixCde0rVTfw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-21 23:27:49 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039006.589927,VS0,VE1
etag: "cdeb67218f97490e65604aa11f6a7deb"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nyt5/20190823-143533-mbipe/css/styles.css
content-language: en
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 15
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 86907
last-modified: Fri, 23 Aug 2019 14:35:39 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=i/5WYQ==, md5=zetnIY+XSQ5lYEqhH2p96w==
x-goog-generation: 1566570939115170
expires: Wed, 21 Jun 2023 22:40:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 515219
accept-ranges: bytes
content-type: text/css

GET
H2 200 framework.js Show response
www.nytimes.com/vi-assets/static-assets/nyt5/decom-userinfo/js/ Frame A3A1 63 KB
20 KB 9ms
9ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/decom-userinfo/js/framework.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5752b74c9b7a6df07993aa482826fce9bcce5863c37e5952b5b0f9775946ad21

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 5208284
x-guploader-uploadid: ADPycdtzbBW9bW8-BiwcAZr-VnOtBQJv5jRZmFf3BZcGtxZ8_iDO_gf5JLHsI1Cya8kNtO3pA9jMrPoNlOLUBxI3HWviu7Od97e4
x-goog-stored-content-encoding: identity
x-origin-time: 2022-05-17 23:38:42 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039006.590206,VS0,VE1
etag: "aad3e38441d8f67984cffd00de401138"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nyt5/decom-userinfo/js/framework.js
content-type: text/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 15
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 19669
last-modified: Tue, 20 Oct 2020 15:23:59 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=DMsUBw==, md5=qtPjhEHY9nmEz/0A3kAROA==
x-goog-generation: 1603207439124477
expires: Wed, 17 May 2023 23:38:41 GMT
x-gdpr: 1
x-goog-stored-content-length: 64086
accept-ranges: bytes

GET
H2 200 build.css
static01.nyt.com/newsgraphics/2014/bulleted-box/assets/ Frame A3A1 2 KB
1 KB 8ms
8ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2014/bulleted-box/assets/build.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b91a9e0c8350e7e0935acce873139e0ffbe6e123d8522c2b76089f4f8f64ab92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
content-type: text/css
age: 157863
x-amz-meta-goog-reserved-file-mtime: 1410810374
x-guploader-uploadid: ADPycdspoR28JlJifREAq1Ah_CPCb_07Hueud0nhxz_S-4Uu3lnvi2TPGSzoU64d-ba2HWsk_DMRLyCOYwMU2QJPwJX5xFDcovx0
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 516
x-served-by: cache-iad-kjyo7100167-IAD, cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Mon, 23 Oct 2017 22:25:12 GMT
server: UploadServer
x-timer: S1658039006.590174,VS0,VE1
etag: "75e8f8b08f3f4a7304455d9b7cb9aad0"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=XFsXQQ==, md5=dej4sI8/SnMERV2bfLmq0A==
content-language: en
via: 1.1 varnish, 1.1 varnish
x-goog-generation: 1508797512335383
expires: Fri, 01 Jul 2022 10:30:59 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 1656
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 vendors~headerfullbleedhorizontal-de335b3f8a4779b66ef5.js Show response
www.nytimes.com/vi-assets/static-assets/ 16 KB
5 KB 8ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~headerfullbleedhorizontal-de335b3f8a4779b66ef5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c99c089b9b370c38539abe945ea2b2f3d8b4c3761022f8d738a2928d6fbdbded

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 296782
x-guploader-uploadid: ADPycdu_u9-MPYRbZabofV7kpJJPDw8_sYzi9uQ0K_FkfIMa5lQPeHl_8Ky3M-CO-tLwEA7eUiNqpI7IpCzxLbAVhyIOjQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-13 19:57:04 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039006.784687,VS0,VE1
etag: "1cf1b9f46948767afddc7f57ba019bd6"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~headerfullbleedhorizontal-de335b3f8a4779b66ef5.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1891
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 3874
last-modified: Wed, 13 Jul 2022 19:52:08 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=FXTT6w==, md5=HPG59GlIdnr93H9XugGb1g==
x-goog-generation: 1657741928493094
expires: Thu, 13 Jul 2023 19:57:04 GMT
x-gdpr: 1
x-goog-stored-content-length: 16613
accept-ranges: bytes

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A3A1 82 KB
28 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f3e0ebd2e286f5c8a1a31596caf7fe9d5d42db6204a047694c82a4f09162428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28575
x-xss-protection: 0
server: sffe
etag: "1275 / 639 of 1000 / last-modified: 1657923709"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Jul 2022 06:23:25 GMT

GET
H2 200 zam5nzz.js Show response
typeface.nyt.com/ Frame A3A1 506 B
759 B 12ms
12ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/zam5nzz.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/decom-userinfo/js/framework.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e5c84cddb3c2f45a67e1854845b794d3f073fe24a83b3fdbc603a55c63f31b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=qyavyA==, md5=RF/z/lzkARNMX924CAHa6A==
date: Sun, 17 Jul 2022 06:23:25 GMT
content-encoding: gzip
content-type: application/javascript
age: 14103772
x-guploader-uploadid: ADPycds4Z-WrwyZE3KLJOvPw8owUHwKbwpQ0HHv3qumUxON7_6pBYqqi-PHtf37y8FlQOrudMAM7_9BliEuJ2WrHHK4S0sF2Yg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 290
via: 1.1 varnish
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Sat, 04 Feb 2023 00:40:34 GMT
last-modified: Mon, 16 Nov 2020 14:58:38 GMT
server: UploadServer
x-timer: S1658039006.861003,VS0,VE1
etag: "445ff3fe5ce401134c5fddb80801dae8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538718180648
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 506
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ Frame A3A1 30 KB
31 KB 7ms
7ms Font
font/woff 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by: Host: typeface.nyt.com
URL: https://typeface.nyt.com/css/zam5nzz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531

Request headers

Referer: https://typeface.nyt.com/css/zam5nzz.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: font/woff
age: 2181083
x-guploader-uploadid: ADPycduy24618eMwjLUAz5bqorHl2FA4nUWFTCYuea9JyCBN-EG7MYAfJ7FvJ2Nbh89sdJTr5DDUGQ0rjLDbpPQMH-dZrQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 31172
x-served-by: cache-fra19180-FRA
accept-ranges: bytes
expires: Thu, 22 Jun 2023 00:32:02 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1658039006.866651,VS0,VE0
etag: "5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717087378
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 31172
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 28

GET
H2 200 nyt-cheltenham-700-normal.woff
typeface.nyt.com/fonts/ Frame A3A1 34 KB
34 KB 7ms
7ms Font
font/woff 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-700-normal.woff
Requested by: Host: typeface.nyt.com
URL: https://typeface.nyt.com/css/zam5nzz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d2d6bccf906931343f10ef1b006b2e407b96e814ddfc50162ce420838de2e37f

Request headers

Referer: https://typeface.nyt.com/css/zam5nzz.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=5CnDsQ==, md5=ZvhevwfInxQezZMrarPPrA==
date: Sun, 17 Jul 2022 06:23:25 GMT
via: 1.1 varnish
content-type: font/woff
age: 1312689
x-guploader-uploadid: ADPycdsQ4W9uE315uKF2khuya77rl-RHmKVqhr_nGbUIuNxCVmVWLjnZriQS2qp7qLvoEVog4z9ab1n7Myr5kJs303zGaQPpEgmQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 34520
x-served-by: cache-fra19180-FRA
accept-ranges: bytes
expires: Sun, 02 Jul 2023 01:45:16 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1658039006.882358,VS0,VE0
etag: "66f85ebf07c89f141ecd932b6ab3cfac"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717093560
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 34520
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 20

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Sun, 17 Jul 2022 06:23:25 GMT
samizdat-x-canary: false
samizdat-x-instance: a0067b4c
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 658d84c0feb21aff-365db3fa27f41440-1
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: 658d84c0feb21aff-365db3fa27f41440-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: 83e21d0dae9c5d0c
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19180-FRA
x-timer: S1658039006.905530,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Sun, 17 Jul 2022 06:23:25 GMT
samizdat-x-canary: false
samizdat-x-instance: a0067b4c
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 658d84c0feb21aff-365db3fa27f41440-1
x-cache: HIT
x-cache-hits: 2
x-datadog-trace-id: 658d84c0feb21aff-365db3fa27f41440-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: 8ad6945f56f3e774
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19180-FRA
x-timer: S1658039006.943604,VS0,VE0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
8ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Sun, 17 Jul 2022 06:23:25 GMT
samizdat-x-canary: false
samizdat-x-instance: a0067b4c
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 658d84c0feb21aff-365db3fa27f41440-1
x-cache: HIT
x-cache-hits: 3
x-datadog-trace-id: 658d84c0feb21aff-365db3fa27f41440-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: aab9752f98e2e714
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19180-FRA
x-timer: S1658039006.979048,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
852 B 123ms
122ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: AM
x-b3-traceid: 64e9e178869f8762-6a8908b1c30c5091-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: a0067b4c
x-samizdat-query-field-errors: 0
x-envoy-upstream-service-time: 17
x-cache-hits: 0
x-samizdat-query-exe-id: 053816f172dd8363
samizdat-x-canary: false
x-nyt-continent: EU
server: envoy
x-timer: S1658039006.917929,VS0,VE111
x-nyt-region: BY
x-served-by: cache-fra19124-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 64e9e178869f8762-6a8908b1c30c5091-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 649 B
1 KB 333ms
206ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage&referer=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage&pageviewID=K5XQhuWdmS9DU5ifOy2lmbGX
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: ad1d65ba60cc2fd0f6f749039114e4a8eb77771e8479e7a4b68f038ce68ceaa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
253 B 117ms
117ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: AM
x-b3-traceid: 323a78820f07a1a-3bbaa27264de7b10-1
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 333445aff0cb59a7
samizdat-x-canary: false
x-nyt-country: DE
x-timer: S1658039006.951295,VS0,VE110
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Jul 2022 06:23:26 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 145dbaec
x-envoy-upstream-service-time: 19
content-length: 77
server: envoy
x-served-by: cache-fra19124-FRA
access-control-allow-credentials: true
x-datadog-trace-id: 323a78820f07a1a-3bbaa27264de7b10-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 41 KB
7 KB 460ms
460ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 27f55f580623f8f4c88e5a22391d0ddb3d9fe05e3ef362f3b861da2c23fd4643

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: AM
x-b3-traceid: 2162a2144ff1adf-50b05fc569c51bc0-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 9adc0464
x-samizdat-query-field-errors: 0
x-envoy-upstream-service-time: 69
x-cache-hits: 0
x-samizdat-query-exe-id: ac11434e54f9872c
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sun, 17 Jul 2022 06:23:26 GMT
server: envoy
x-timer: S1658039006.987209,VS0,VE449
x-nyt-region: BY
x-served-by: cache-fra19124-FRA
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 2162a2144ff1adf-50b05fc569c51bc0-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-2b400f7fd910fd25efcb.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 8ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-2b400f7fd910fd25efcb.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7fced283905ba08a854f7176a4c57a89d9359c58c5cda63b062218f87a9f0537

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 919783
x-guploader-uploadid: ADPycdudYReB3AiNRQUKIMAxYsx8dWyvHKpZHASyS0sla2emO28DaHeJVjPZ0IYQiPXjy2XeN19t7CILpUoNQiR62-W3kbZv37nx
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 14:53:43 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039006.992840,VS0,VE1
etag: "252169e5e3bd67dd3159e720fea39f4f"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-2b400f7fd910fd25efcb.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 21359
date: Sun, 17 Jul 2022 06:23:25 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15168
last-modified: Wed, 06 Jul 2022 14:32:20 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=bqNNnQ==, md5=JSFp5eO9Z90xWecg/qOfTw==
x-goog-generation: 1657045303244299
expires: Thu, 06 Jul 2023 14:53:43 GMT
x-gdpr: 1
x-goog-stored-content-length: 51638
accept-ranges: bytes

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 399ms
131ms XHR
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage&caller_id=nyt-vi&jkcb=1658039006011&referrer=&sourceApp=nyt-vi
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: envoy /
Resource Hash: fd9593899f5fd12164c1d22267ac4e84850619a5142a9cd3ff1eee6da20742e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: d0d608345e7ae045e2c089db30b9184e
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 32
access-control-allow-headers: Content-Type, x-requested-by
expires: Sun, 17 Jul 2022 06:23:26 GMT

GET
H2 200 requestHandler Show response
www.nytimes.com/svc/community/V3/ 3 KB
3 KB 130ms
130ms Script
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html&cmd=GetCommentSummary&method=get&callback=jsonp_1658039006013_80362

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b36e3ce140f37f5aad30146f85bb9c9f61cc9c440fc6c546336015545a3123cc

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 0
x-cache: MISS
x-origin-time: 2022-07-17 06:23:26 UTC
x-served-by: cache-fra19124-FRA
server: nginx
x-timer: S1658039006.018732,VS0,VE122
strict-transport-security: max-age=63072000; preload; includeSubdomains
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/svc/community/V3/requestHandler?callback=<esi:include%20src="/esi/jsonp-callback"/>&cmd=GetCommentSummary&method=get&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html
content-type: application/json
x-gdpr: 1
access-control-allow-credentials: true
x-nyt-route: community-svc-cacheable
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-nyt-edge-cache: MISS
x-nyt-app-webview: 0
x-cache-hits: 0

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 194ms
121ms Fetch
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 60a56a9f296ee40575f4c254ad71486e
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Sun, 17 Jul 2022 06:23:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 80ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 690 B
442 B 51ms
51ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2076184179636828&correlator=833858229355645&eid=31064682%2C44752586&output=ldjh&gdfp_req=1&vrg=2022071101&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=1&adks=3176986310&didk=2459026112&sfv=1-0-38&ecs=20220717&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D870&cust_params=als_test_clientside%3Dweb_none_none_20220717062325%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1658039004866%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dqahtanisaudal%26org%3Dnsogroup%252Cdarkmatterllc%26geo%3Disrael%252Cunitedarabemirates%252Cmexico%252Csaudiarabia%26des%3Dcyberwarfareanddefense%252Csurveillanceofcitizensbygovern%252Cgovernmentcontractsandprocurem%252Ccomputersecurity%252Cclassifiedinformationandstates%252Cespionageandintelligenceservic%26auth%3Dmarkmazzetti%252Cadamgoldman%252Cronenbergman%252Cnicoleperlroth%26coll%3Dusnews%252Cuspolitics%252Catwar%26artlen%3Dxlong%26ledemedsz%3Dfullbleed%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000006412819%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt11%252Cpt13%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_mastercard%252Cneg_ibm%252Cneg_google%252Cneg_capitalone%252Cneg_ms_safe%252Cneg_mtb%252Cneg_hearts%252Cneg_chanel%252Cneg_orep%252Cneg_bp%252Cneg_bofa%252Cneg_gg1%252Cneg_sabic%252Cgs_tech%252Cneg_cathay%252Cggl_wrk_collab%252Cneg_mktg_safe_q4_2019%252Cgs_tech_computing%252Cgv_crime%252Cgs_politics%252Cgs_politics_misc%252Cgs_tech_phones%252Cgs_law_misc%252Cgs_law%252Cgs_science_misc%252Cgs_t%26mt%3DMT10%252CMT3%252CMT8%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DK5XQhuWdmS9DU5ifOy2lmbGX%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DBUrp2ch4wCjSijxbpCz1vD%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1658039006363&lmt=1658039004&dlt=1658039005145&idt=696&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage&frm=20&vis=1&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=137567910.1658039006&ga_sid=1658039006&ga_hid=1954076368&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

642a2b62b6b8f3aa44c4a1119fe827390c035a8f7cef6fffcd67c8c1370ac440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63F7 6 KB
4 KB 86ms
21ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 06:23:26 GMT
expires: Mon, 17 Jul 2023 06:23:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.js
www.nytimes.com/vi-assets/static-assets/nyt5/decom-userinfo/js/foundation/ Frame A3A1 202 KB
0 21ms
21ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/decom-userinfo/js/foundation/main.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/decom-userinfo/js/framework.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/interactive/2022/uri/embeddedinteractive/d010de44-3b87-5dcb-899f-8a09b38d3924?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 3309179
x-guploader-uploadid: ADPycdvj33jEBO8lkBRya39Ga_9WsHtg2V-uO8dp6nQYNrfYjs5zKz-c9O23NoHfkHJQV8FwnDOozbS1qVBJd_kIgmum5w
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-08 23:10:27 UTC
x-served-by: cache-fra19124-FRA
x-timer: S1658039006.420871,VS0,VE1
etag: "e7389cd5dc36571d4fb0309ab0bc2ba6"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nyt5/decom-userinfo/js/foundation/main.js
content-type: text/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 14
date: Sun, 17 Jul 2022 06:23:26 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 67487
last-modified: Tue, 20 Oct 2020 15:24:00 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=brHeyw==, md5=5zic1dw2Vx1PsDCasLwrpg==
x-goog-generation: 1603207440535416
expires: Thu, 08 Jun 2023 23:10:27 GMT
x-gdpr: 1
x-goog-stored-content-length: 206439
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 121ms
121ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
dd.nytimes.com/js/ 232 B
565 B 81ms
36ms XHR
application/json 99.84.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.146.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-146-5.txl52.r.cloudfront.net
Software: DataDome /
Resource Hash: 4574dced7b50919e2088ce59f8be87edf641fe99194bfe31304656ef1a2aa5c5

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:26 GMT
via: 1.1 f66aaf2d9f6a8e65595a1e24d5f18bcc.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
x-amz-cf-id: ZtW86qstRdW05JS1F3VVS4_wQagK0sqZZdVq604oZnezGiQHGp2Rvw==
expires: 0

GET
H3 200 pubads_impl_2022071401.js
securepubads.g.doubleclick.net/gpt/ Frame A3A1 195 KB
0 13ms
13ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 18:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131659
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jul 2023 18:37:04 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 55 KB
13 KB 397ms
377ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?action=click&module=Top%20Stories&pgtype=Homepage&plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 5243b03abc7e7c0208c67cd2a6bc700c28736f181b30a218c9494d2655daf097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-envoy-upstream-service-time: 269
x-served-by: cache-fra19124-FRA
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1658039007.551233,VS0,VE370
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-user-status, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: b250b553f65c94efc840e47ea0dac70f
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
13ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5238
date: Sun, 17 Jul 2022 04:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 17 Jul 2022 06:56:08 GMT

GET
H3

200

activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus... Show response
5290727.fls.doubleclick.net/ Frame 1F36
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fw...

704 B
455 B

91ms
33ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

0ce5692195c70b48f941c1bd0a0caaa1c40f9e51a693c304d5a5755b51f5dc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 430
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 06:23:26 GMT
expires: Sun, 17 Jul 2022 06:23:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 06:23:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 55ms
8ms Script
application/x-javascript 2600:9000:2491:d800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:d800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 05:48:04 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:40:38 GMT
server: nginx
age: 2122
etag: W/"62b51616-9200"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: d6iilPVqfX1tG6n4GrlAPJgeHiXjTsaYW9kkG0JOASD6niEvi-VRWg==
expires: Sun, 17 Jul 2022 07:48:04 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
673 B 38ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
content-type: application/javascript
age: 37699
x-guploader-uploadid: ADPycdsGlzOhH_m2LyphPMn6GJaIpiYRji7U66VvBudBoCNwLMK8o0SJFwvVLj2-r0SepiIrpfCun_snBgs3hdsCppTP5nSClg
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-fra19124-FRA
accept-ranges: bytes
expires: Fri, 01 Oct 2021 00:34:40 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1658039007.610788,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 731

POST
H2 200 track
a.et.nytimes.com/ 0
0 120ms
119ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 40ms
15ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8f653cafd04ab5db661928b4c87574e6ef6b02dc3d43217532bbd681269076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Jul 2022 05:38:37 GMT
server: cloudflare
age: 2689
cf-polished: origSize=4800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZAEDBE%2FRvPjs%2B94gCG3SMJyEz4sgbiirIrpNE47qBj9mzoLRp8vYpeuXIBrhY8wtUsjfIiu3Y%2FBKMJJX2zwCB%2BAqtVS7YIsI9s98CaB04enixFY7NwOnTKCFpvbXvhQO0jhJV2iAisK4TFQM6VnrI2c"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72c0e38f4808bbb5-FRA
cf-bgj: minify

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 99ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=635174628
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 track
a.et.nytimes.com/ 0
0 110ms
110ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 46 KB
14 KB 15ms
14ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b2fe169da01c822cb71dc7e5171b8b837e9601219777dd71716ecf5208466d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Jul 2022 05:38:35 GMT
server: cloudflare
age: 2691
cf-polished: origSize=47244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s22LcGBnxtssEPDaLdISNyUMXT%2FYE5UIMf4rAQd36S1upTVZK2KLs6iVAP2Mm7uWaqqmeJe4AcLTDIdzUBLW9jklGz%2BXMQVLihvqShveHa3LC5t4AIlgDWXre7IADzjCGGrsVgxM6cm1JsPNrv1qWIYw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72c0e38f682abbb5-FRA
cf-bgj: minify

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 54ms
24ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1954076368&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html&dr=&ul=en-us&de=UTF-8&dt=A%20New%20Age%20of%20Warfare%3A%20How%20Internet%20Mercenaries%20Do%20Battle%20for%20Authoritarian%20Governments%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1711127817&gjid=1950322345&cid=137567910.1658039006&tid=UA-58630905-2&_gid=1105696814.1658039007&_r=1&gtm=2wg7d0P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage&cd3=%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000006412819&cd18=Mark%20Mazzetti%2CAdam%20Goldman%2CRonen%20Bergman%2CNicole%20Perlroth&cd19=A%20New%20Age%20of%20Warfare%3A%20How%20Internet%20Mercenaries%20Do%20Battle%20for%20Authoritarian%20Governments&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2019&cd27=2019-03-21-13&cd28=Thursday&cd29=13&cd30=1636388099937&cd32=U.S.%20News%2CU.S.%20Politics%2CAt%20War&cd33=SECTION%2CSECTION%2CSPOTLIGHT&cd34=NEWS&cd36=21dc-hackers&cd37=3202&cd38=Washington&cd42=nyt-vi&cd43=Cyberwarfare%20and%20Defense%2CSurveillance%20of%20Citizens%20by%20Government%2CGovernment%20Contracts%20and%20Procurement%2CComputer%20Security%2CClassified%20Information%20and%20State%20Secrets%2CEspionage%20and%20Intelligence%20Services&cd44=NSO%20Group%2CDark%20Matter%20LLC&cd45=Qahtani%2C%20Saud%20al-&cd46=Israel%2CUnited%20Arab%20Emirates%2CMexico%2CSaudi%20Arabia&cd48=March&cd49=heave_over_1600&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=BUrp2ch4wCjSijxbpCz1vD&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=BUrp2ch4wCjSijxbpCz1vD&z=638836036

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 315ms
97ms Image
image/gif 52.0.64.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html&u=DCEJ20Cg-H-ZCCHfKg&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Mark%20Mazzetti%2CAdam%20Goldman%2CRonen%20Bergman%2CNicole%20Perlroth&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2044&t=C4VaEC4QVZbCo6Expf9zlDBBeDCc&V=135&i=A%20New%20Age%20of%20Warfare%3A%20How%20Internet%20Mercenaries%20Do%20Battle%20for%20Authoritarian%20Governments&tz=0&_acct=anon&sn=1&sv=BKs37gSfM0NCDXs-k0g1C5DBI6wf&sd=1&im=06679ef3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.64.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-64-204.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:26 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hack...
adservice.google.com/ddm/fls/z/ Frame 1F36 42 B
63 B 86ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNCBkNCk__gCFUhGHQkdr3wJvg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9203977844384;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/ 101 KB
14 KB 28ms
7ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 633bf0deb9ed1763fb4c6f585c190b39d822ae7fa1746bbb43b1441b25ab4080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 299984
x-cache: HIT
x-envoy-upstream-service-time: 4
content-length: 14261
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 16:49:50 GMT
server: envoy
x-timer: S1658039007.962838,VS0,VE1
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1970

GET
H2 200 untitled5
mwcm.nyt.com/dam/LP/payment-methods/ 2 KB
1 KB 28ms
8ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled5
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 445140
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 1081
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:54:11 GMT
server: envoy
x-timer: S1658039007.963333,VS0,VE0
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 38

GET
H2 200 untitled2
mwcm.nyt.com/dam/LP/payment-methods/ 6 KB
3 KB 29ms
9ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 442561
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 2844
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:54:11 GMT
server: envoy
x-timer: S1658039007.963417,VS0,VE0
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 39

GET
H2 200 untitled4
mwcm.nyt.com/dam/LP/payment-methods/ 790 B
531 B 29ms
9ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled4
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 454405
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 383
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:54:12 GMT
server: envoy
x-timer: S1658039007.963472,VS0,VE0
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 38

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 135 KB
40 KB 26ms
10ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 0b819165d0aebefee404eec582bc9aaa41ebee06e655f21c2ac31d40291aa4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 299984
x-cache: HIT
x-envoy-upstream-service-time: 8
content-length: 40659
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 16:49:50 GMT
server: envoy
x-timer: S1658039007.963402,VS0,VE0
x-origin-server: mwcm-pub-est09.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3905

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/ 19 KB
5 KB 24ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ee08719e50d9c7e83829.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: cbe98f9cdafd815da89483144bb0833102e42e687f6ec6965f4b0cd077abcb41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:26 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 299984
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 4664
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 16:49:50 GMT
server: envoy
x-timer: S1658039007.963370,VS0,VE0
x-origin-server: mwcm-pub-est08.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1968

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
109ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
108ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sun, 17 Jul 2022 06:23:27 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 10479409
x-guploader-uploadid: ADPycdsXeoKh0SndThJmQ_TcO-7zR2jmF9RgrBR4oUSkvRqF5W7scU152QiMipnp7j5UYTUMJwetZfRdxouLcBPgWbSZN6TVVA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:26:38 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1658039007.016818,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 35035

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
8ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sun, 17 Jul 2022 06:23:27 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 20844690
x-guploader-uploadid: ADPycduDT18OMzqKfKbRt_NpAMCLo5M-PjyqVQMFsoWTgUubwJIsgNLotq6OOpNtP05FClIq1WeovfORsNEtvsv7jfKCDIbLRg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:11:57 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1658039007.016928,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2176

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sun, 17 Jul 2022 06:23:27 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2185344
x-guploader-uploadid: ADPycdupVAknaLAbZyLXtoF3zZHu6ewRVhws0-s0nXBPPnp5o7FJIFFmxtoVc8z92GcT8flqPn_-tfL0Hz9XeZzq4L179A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:21:02 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1658039007.018719,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2178

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 7ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Sun, 17 Jul 2022 06:23:27 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 28416044
x-guploader-uploadid: ADPycdsymaZ_hVarZRSMz9oRK8fzyiLWiVS0bijlw2WBVKbJ2Fv_EVC8acP2DFTQMKE85im75spxQ0P0zydZPaEXg2ZWybq_7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Mon, 22 Aug 2022 09:02:48 GMT
last-modified: Wed, 21 Jul 2021 17:23:54 GMT
server: UploadServer
x-timer: S1658039007.018703,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888234420447
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 45942

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 928 B
944 B 132ms
131ms XHR
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 6ffca2510b07d710874316ba5aa83a5802357de7c333e258de0d0eb618670cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:27 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 520db04cb7129613c1291b3dfa1a9b00
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 33
access-control-allow-headers: Content-Type, x-requested-by
expires: Sun, 17 Jul 2022 06:23:27 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 109ms
108ms Fetch
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 92ms
29ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c6850df895aa83fa917a1be75163e62f5cf7f6e2dda497a2098360da21fc0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Jul 2022 06:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10815
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus... Show response
5290727.fls.doubleclick.net/ Frame 1942
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fw...

704 B
452 B

33ms
33ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

bf71339e65a42ca062049afcb3b0476e041a5a0d2b97eb2fc639f988c047726f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 429
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 06:23:27 GMT
expires: Sun, 17 Jul 2022 06:23:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 06:23:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Ping
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 117ms
116ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 42ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8c4634f29aa4466b11f6fb6d2d743b061eb45242aaa6f48b561de98eed66be

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ME4YDTR4TNDSVPVS
x-amz-id-2: artKgk54bCudxi4jOhBhatpFAr8iVAPbzPvtcDRoOuESNtfeKZAyqqyq5WVrJwVY52DfBwC1srQ=
last-modified: Thu, 07 Jul 2022 16:23:37 GMT
server: cloudflare
etag: W/"1087981ce27a90f52726efc721b00b15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcYrO3byS4NH%2BoKKMii4vxQgPBNosBUSVb14antMMF4TglmrC2V79o2CjTLWZi2ha%2BAkeHR9hdw4npgUg2%2BrbEuCZNSq9AzHAbBIibEyPj8DpOfyumjf%2BNGNR2FeYwYP0D8srseP2DgYm0ska0m7w5KnoIvT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 72c0e3928ca2bb97-FRA

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 7ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Sun, 17 Jul 2022 06:23:27 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 20847559
x-guploader-uploadid: ADPycdujO_lEKeKnl2kv2kfTdn-yFlbu_HRTBBnw3dPqmkA8asN5-R_Yx_Hnv6mzAXfXWOpkCfRb_9CsWoSF5H_YQH4ZPLv3Sw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Thu, 17 Nov 2022 23:24:07 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658039007.104896,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 50723

GET
H3 200 match-prod-93b3191957dacdb70255.js Show response
platform.iteratehq.com/ 82 KB
29 KB 32ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-93b3191957dacdb70255.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d71130ffe6dd5f689aa6697f6d843c9a3e72f2ab79506b14fef4a01e623c727

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 827897
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RRFE21284RWQCXHC
x-amz-id-2: KEXWqo0BsFmTUpjveN8C+lkhiYY+2qpebQYBLQh0Bz8wxmj2Nswg7U7Etuw7iaKQBtbLuOOuOt4=
last-modified: Thu, 07 Jul 2022 16:23:32 GMT
server: cloudflare
etag: W/"c1f7ebfa6e71da9bab074b51e2a598c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5xujM42z8fUs4Y4z0oXYRenKtRbzRTI%2FapjmzLHeXyHDUZzYs7J%2F9QR%2BByYdKMkLxfR937qqng%2Bc8T9rTt4OfSsJrqz6FlCRbmjwUlyEuM61fx%2BEby582Vqf0NVWHtVJEsrWoBQGzMA%2FXaNjxivQOrFbWcB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 72c0e392bd1690b5-FRA

GET
H3 200 dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hack...
adservice.google.com/ddm/fls/z/ Frame 1942 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNywqtCk__gCFYdFHQkdrusM3w;src=5290727;type=remar0;cat=gatew0;ord=1;num=1309916881522;gtm=2wg7d0;auiddc=570671683.1658039007;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F21%2Fus%2Fpolitics%2Fgovernment-hackers-nso-darkmatter.html%3Faction%3Dclick%26module%3DTop%2520Stories%26pgtype%3DHomepage?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 06:23:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Jul 2022 06:23:27 GMT

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 7ms
7ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Sun, 17 Jul 2022 06:23:27 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 10474271
x-guploader-uploadid: ADPycds58qZNM4wO6zEUOdFY1OFY8wCVPYBNlzDei9iLQHGRhrJBQrqhr5fn1GB1OJ3LkHa4rMJY2HKMY2sSfncbR9QzZ7z_IA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-fra19163-FRA
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:52:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658039007.169419,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982612741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 47571

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 131ms
118ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-93b3191957dacdb70255.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafbeca38aa3c03d33e3dc29494c4eb3d38bd7e5b4d552ee61359a9e738ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Sun, 17 Jul 2022 06:23:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIZCnHArMJS8haLOimaxTEbBdnrE%2FMCxPR9vIPfwIWHby41ajsIkdCpEMzOo4fYhu3g2uX%2B221AXj54ww19Y55I%2B04KP%2BnDaY1eRYB%2BiMSGUFbfZ%2B6mLWLPGwRiSzDz5DxdMMZfqgHDCrgbY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 72c0e393da45bb7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 134ms
108ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72c0e39319059bfb-FRA
content-length: 0
date: Sun, 17 Jul 2022 06:23:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bGP2MDpAi6KW%2Fjcmvn3oqDF7CD4uKKf3C8l81rM8aNLbzhzJ6d5%2Bruqf4my7Uf06NJAw0vMmy5TzGdfVzkvy6iKRduzYyv5g%2BonMtEBuAjX%2BvdUenmp7D0yS9lzzQfqLu3TBeUi2xhgz5CM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 17F6 13 KB
5 KB 67ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 20:27:47 GMT
expires: Sun, 16 Jul 2023 20:27:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F933 783 B
1 KB 64ms
25ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f21b88a4ef284a91947cdbc232f7ba956c278dc98477460cd3970812afd6657

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TX3JakONLPI_ClqoRg8FSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TX3JakONLPI_ClqoRg8FSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 06:23:27 GMT
expires: Sun, 17 Jul 2022 06:23:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F933 0
0 93ms
62ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071101&jk=2076184179636828&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 17F6 36 KB
14 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:55:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 17F6 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0MpSKw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 06:23:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
67ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071101&jk=2076184179636828&bg=!i4iliMzNAAaYcLjmuHA7ACkAdvg8Wswp25Ft9e8dk3-InhN4qDV0AzEB3i0grXyB9LwtSnrEh_gqkgIAAABfUgAAAAhoAQcKAPggKWx9bXGntDu4G-SFaI8KsNoEOU9G2JpnFHYK_q9lt8ZNuK-KUrGVt7PjA3CxVHnpnbYdlJNq9JnQmb11-tPYPmkxUPWyqCIIuK1O9Db6eO4rljnO2x3CcVdVD9kLWLQj8oFtoNY37Nm7w8DHNZzjOniDasjhsU_nzRbfeUROt25Ilej1igw-c5uTFuLjbZAkDAvFsuQtuGtTmk-a3Pden8evt_4JotR2wUvaopO67kXT5IKd36_0KmP8B3ab6j-DtXLOXw0I-E1zE-Q1kQtkJ8q4YM_WLjQpyVJi-PO58kQUBPV-YicBR_rZ6ft79lEh_LNz5uV215kCob8_a1DNMZi9WyvIeQQ66Mdq0FeBaR8DRtFnPRd3z_WIxu-R8cTxUm4e3nyuw2OT6_1KTEPtWB-6XaiB7WG0bxvWvhLXVfCG-736dej9hWEEPfyEBs389Bdczf3hve62O5S95D0dpR7m00gU_GQ1Esa3EtH2g_p0WpfbErgtfFqE2r_d0qKFOQh3I9CxhkfgcNGw9xJu79cRwMc6f4kdNEAKIDV9aS3gW6QxrSMxTBo9m3K7cpYlXiWmHuBKwN8MzhsmYT4bV3v9wkctBO-w5HLzqYLMa7jtV0xr14XxbhN_MMKyYIxeKTRc8CrO4US7XmNU-GE0A7d9iqlRpZkV9AqCwYdPxXrBE1f9k4AUPa6wV6NZqRjsTdKBH6Fjxz3Tb8XRgSld7mR3xLh0wwiAVSkrXvBF0k62d9uAHnTRTD4lid8FahvDUbFP3s5gUpA3fhqcggzkaZS2HDh_3HwMqTYu2D_dKSa1R87PZF14CsfslI8xe8bPVFV9T1X_MUBKZzp0irDxdgzi-v83aiAz8DW-49dLEfZWqUya_7S8uTwgtJfZHdKkssWyblbgb5_8HUJtoVUuFsbOBxlSMfGcGASfvhe6opT-Ltsib3D0iR0hwGH-kJlkiW_CDXKhCz1rr_foeU2c64CxXcuNIvPI9lsVa0vwbu__kuuKuqWoV_A9UA4DYg6NqIe7jDNX3mHzpcyGtJVq_Ezo4uxPaBmQ-r2Yl7OdIF79D6of696bMWZLbw4SmhkvQljuAs7_1YL-_n_ob4drri9XCh5WCikRujQRKhYLNKf8TXQQe7ZIaEjxCc09zz0gZvWU47KzMaMnoDqt1tTMxTk4EBzIbpi9UW2_OwO_S4_v0dDN8JK5mlLhJu-SgLKEUHbeX68ccNZQtAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
114ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html?action=click&module=Top%20Stories&pgtype=Homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nytimes.com/2019/03/21/us/politics	1969-12-31 23:59:59	Name: sumologic.logger.session Value: 61f8992d-ad13-4883-9b03-4a6a7260e3ca
.nytimes.com/	1970-01-20 13:19:35	Name: nyt-a Value: BUrp2ch4wCjSijxbpCz1vD
.nytimes.com/	1970-01-20 04:34:20	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 13:19:35	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 04:34:20	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 04:34:20	Name: nyt-geo Value: DE
.et.nytimes.com/	1970-01-20 04:34:00	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 13:19:35	Name: sessionIndex Value: 1\|1658039005339\|BUrp2ch4wCjSijxbpCz1vD\|1658039005339
.et.nytimes.com/	1970-01-20 04:35:25	Name: et-ppvid Value: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html=K5XQhuWdmS9DU5ifOy2lmbGX
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: ef6cdb31f7f64532a1333c44e7cf6e10
.nytimes.com/	1970-01-20 14:03:29	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-22 00:23:25	Name: nyt-m Value: 7D5E8F86AE9B4A90615FB842A151704F&uuid=s.ac56476f-0675-4d97-bef6-1a931e003349&er=i.1658039006&imu=i.1&igu=i.1&rc=i.0&t=i.0&n=i.2&ft=i.0&iga=i.0&v=i.0&vr=l.4.0.0.0.0&iue=i.0&ifv=i.0&iub=i.0&imv=i.0&e=i.1659340800&g=i.1&pr=l.4.0.0.0.0&vp=i.0&prt=i.0&iir=i.0&ier=i.0&igd=i.1&igf=i.0&ira=i.0&ird=i.0&s=s.core&fv=i.0&cav=i.1&ica=i.0&iru=i.1
.a.nytimes.com/	1970-01-20 13:19:35	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 04:35:02	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 04:35:02	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 13:55:35	Name: __gads Value: ID=a1cdb1c0ffa93d9d:T=1658039006:S=ALNI_MZbKx7SFEeh79Fk0m88yVzj_5mgMQ
.nytimes.com/	1970-01-20 06:43:35	Name: _gcl_au Value: 1.1.570671683.1658039007
.nytimes.com/	1970-01-20 13:19:35	Name: datadome Value: .5X68~VLlNlxD8tXVSflFyvHGQbpU2siAI22TS0ywF8pCHQ07GBtfVJg9CmGUE_SkJebgtMBl5uT-rUM2MpiDKyhUD_2IDs3spQAL7ZJlyvAF8y.OjoZ4wx7mLWNVAoF
.nytimes.com/	1970-01-20 22:05:11	Name: walley Value: GA1.2.137567910.1658039006
.nytimes.com/	1970-01-20 04:35:25	Name: walley_gid Value: GA1.2.1105696814.1658039007
.nytimes.com/	1970-01-20 04:33:59	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 14:02:47	Name: _cb Value: DCEJ20Cg-H-ZCCHfKg
.nytimes.com/	1970-01-20 14:02:47	Name: _chartbeat2 Value: .1658039006647.1658039006647.1.BKs37gSfM0NCDXs-k0g1C5DBI6wf.1
.nytimes.com/	1970-01-20 04:34:00	Name: _cb_svref Value: null
.doubleclick.net/	1970-01-20 13:55:35	Name: IDE Value: AHWqTUn1UX0jWcYbe669oDvhNVIreZnVOnBRAnnL6T4MvOQQxsTqANf76p03zbQSiEg
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1658039006339&isNew=0&pageIndex=2
.nytimes.com/	1970-01-20 13:19:35	Name: nyt-jkidd Value: uid=0&lastRequest=1658039007094&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-23 20:09:59	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MmQzYWFkZjAwM2U2MzAwMDEwZjhkNWYiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjU4MDM5MDA3fQ.hC4h-QG1xLCuuzjx_tjuYrbM7li3IHUho7zGORcIbpA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
82d373f7105dff68677a83b3057974b1.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
cdn.brandmetrics.com
dd.nytimes.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
142.250.186.134
151.101.129.164
151.101.193.164
151.101.65.164
172.217.16.130
2600:9000:2491:d800:18:1fcd:351:7bc1
2606:4700:20::681a:79b
2a00:1450:4001:800::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2001
2a00:1450:4001:811::2013
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a06:98c1:3120::3
2a06:98c1:3121::3
34.192.116.222
35.241.35.241
35.244.188.62
52.0.64.204
52.223.40.198
99.84.146.5
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
0b819165d0aebefee404eec582bc9aaa41ebee06e655f21c2ac31d40291aa4ed
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0ce5692195c70b48f941c1bd0a0caaa1c40f9e51a693c304d5a5755b51f5dc4e
107b47fa0927d6165dcd8b7d2c1073cb1c8820aab0307d1f6b52477f822cb997
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1e8f653cafd04ab5db661928b4c87574e6ef6b02dc3d43217532bbd681269076
1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
275723b408a17e08587ecb96fa5b6f8f4b756324c7bbfe9a25ce6346f25abe27
27f55f580623f8f4c88e5a22391d0ddb3d9fe05e3ef362f3b861da2c23fd4643
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
2b8c4634f29aa4466b11f6fb6d2d743b061eb45242aaa6f48b561de98eed66be
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531
31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91
3441155b05f7619c37b5715943e446086a9d5c4952d69b7335a3733c3c9d68d9
3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49
3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e
3f3e0ebd2e286f5c8a1a31596caf7fe9d5d42db6204a047694c82a4f09162428
4574dced7b50919e2088ce59f8be87edf641fe99194bfe31304656ef1a2aa5c5
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
5243b03abc7e7c0208c67cd2a6bc700c28736f181b30a218c9494d2655daf097
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
5752b74c9b7a6df07993aa482826fce9bcce5863c37e5952b5b0f9775946ad21
5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e
5c6850df895aa83fa917a1be75163e62f5cf7f6e2dda497a2098360da21fc0ac
60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633bf0deb9ed1763fb4c6f585c190b39d822ae7fa1746bbb43b1441b25ab4080
642a2b62b6b8f3aa44c4a1119fe827390c035a8f7cef6fffcd67c8c1370ac440
6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ffca2510b07d710874316ba5aa83a5802357de7c333e258de0d0eb618670cf9
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7fced283905ba08a854f7176a4c57a89d9359c58c5cda63b062218f87a9f0537
832a2f64ff7e0d83a0db5db389999d738ae413d99787aa211189c6defe4a243f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f21b88a4ef284a91947cdbc232f7ba956c278dc98477460cd3970812afd6657
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04
96b2fe169da01c822cb71dc7e5171b8b837e9601219777dd71716ecf5208466d
9d71130ffe6dd5f689aa6697f6d843c9a3e72f2ab79506b14fef4a01e623c727
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad1d65ba60cc2fd0f6f749039114e4a8eb77771e8479e7a4b68f038ce68ceaa0
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b36e3ce140f37f5aad30146f85bb9c9f61cc9c440fc6c546336015545a3123cc
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b580db4c1ef2bc5e677aef306f5cf50156a3a286239ddbc4b07fb4c5cccca0a2
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b8c210f64aea2fb1ab87df1a29192e57fc2aaf2645239e1ffc51ad1545fb93ff
b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993
b91a9e0c8350e7e0935acce873139e0ffbe6e123d8522c2b76089f4f8f64ab92
bf71339e65a42ca062049afcb3b0476e041a5a0d2b97eb2fc639f988c047726f
c1a69577f3de2401ef7b2e104e0e47ec2dae6506f8653473d3e270cead6391a0
c426a94bc3eee54f16dd1bf95d1a0700751585870965b676b7addd8b306f0623
c6cf5f641f7278eaa12cc79c4b7e90358dd6ad78b0f32b4118422a25e63001a7
c99c089b9b370c38539abe945ea2b2f3d8b4c3761022f8d738a2928d6fbdbded
c9ddd01050c3162ee6185b78d3ee887bba48f34dee1d0107aecc2e9bcb5ac47b
cafbeca38aa3c03d33e3dc29494c4eb3d38bd7e5b4d552ee61359a9e738ebf0d
cbe98f9cdafd815da89483144bb0833102e42e687f6ec6965f4b0cd077abcb41
cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9665617319a0b0d869d5907b5510035699ab4e6ac86ffdc598591dea98fef8
d2d6bccf906931343f10ef1b006b2e407b96e814ddfc50162ce420838de2e37f
d5cf5f58b3710e63b0339bec9a2656480a41bede98d896d6248968c9b955a007
dc2329b30fd35c876dd7bdba63526c0d42a2b03eb3038bffb4e01a3999206b56
e28d50b5eb7065c3375896ce248b0d9ac300bed71b5bb00bc423632f5692bb51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e5c84cddb3c2f45a67e1854845b794d3f073fe24a83b3fdbc603a55c63f31b23
ead13dc529694351614652c16fe0acb89a6506b13755fe087d9b01144c00e863
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d4fac130d9051ca0546459328828dae14477a25a623ea11c61df9b1cc3f20
fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3
fd9593899f5fd12164c1d22267ac4e84850619a5142a9cd3ff1eee6da20742e5

www.nytimes.com Open in urlscan Pro 151.101.193.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

100 %HTTPS

56 %IPv6

14 Domains

32 Subdomains

25 IPs

2 Countries

2396 kBTransfer

7158 kBSize

28 Cookies

18 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.193.164 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

56 %
IPv6

14
Domains

32
Subdomains

25
IPs

2
Countries

2396 kB
Transfer

7158 kB
Size

28
Cookies

112 HTTP transactions
0 data transactions