www.nytimes.com Open in urlscan Pro
151.101.129.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt...
Effective URL:
https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Rea...
Submission: On February 11 via api (February 11th 2022, 8:35:09 am UTC) from CH — Scanned from DE

Summary HTTP 140 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 16 domains to perform 140 HTTP transactions. The main IP is 151.101.129.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2791.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
45	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
27	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	143.204.215.54 143.204.215.54	16509 (AMAZON-02) (AMAZON-02)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:3e00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.80.60.244 54.80.60.244	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
140	28

2 2606:2c40::c73c:671d (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

email.kharon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-54.fra53.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.60.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-60-244.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2791 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8038 a.et.nytimes.com — Cisco Umbrella Rank: 7547 als-svc.nytimes.com — Cisco Umbrella Rank: 9888 myaccount.nytimes.com — Cisco Umbrella Rank: 10383 dd.nytimes.com — Cisco Umbrella Rank: 9988 meter-svc.nytimes.com — Cisco Umbrella Rank: 9885 purr.nytimes.com — Cisco Umbrella Rank: 9713 a.nytimes.com — Cisco Umbrella Rank: 9275 mwcm.nytimes.com — Cisco Umbrella Rank: 10267	2 MB
19	google.com news.google.com — Cisco Umbrella Rank: 5027 adservice.google.com — Cisco Umbrella Rank: 59 play.google.com — Cisco Umbrella Rank: 32 www.google.com — Cisco Umbrella Rank: 2	69 KB
16	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9180 static01.nyt.com — Cisco Umbrella Rank: 6043 a1.nyt.com — Cisco Umbrella Rank: 8973 typeface.nyt.com — Cisco Umbrella Rank: 26395	378 KB
8	googlesyndication.com 3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	39 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 11082	149 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7694 iteratehq.com — Cisco Umbrella Rank: 7120	274 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	129 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1150 c.go-mpulse.net — Cisco Umbrella Rank: 549	51 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	kharon.com 1 redirects email.kharon.com	4 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 8914	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 607	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	96 KB
0	akamaihd.net Failed trial-eum-clientnsv4-s.akamaihd.net Failed trial-eum-clienttons-s.akamaihd.net Failed
140	16

	Domain	Requested by
24	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
16	www.nytimes.com	email.kharon.com www.nytimes.com
12	samizdat-graphql.nytimes.com	www.nytimes.com
10	g1.nyt.com	www.nytimes.com g1.nyt.com
8	news.google.com	www.nytimes.com news.google.com email.kharon.com www.gstatic.com
7	play.google.com	www.gstatic.com
6	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
5	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	dd.nytimes.com	email.kharon.com dd.nytimes.com myaccount.nytimes.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	platform.iteratehq.com	email.kharon.com platform.iteratehq.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	static01.nyt.com	www.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	typeface.nyt.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.nytimes.com	www.nytimes.com dd.nytimes.com
2	adservice.google.de	securepubads.g.doubleclick.net
2	email.kharon.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	myaccount.nytimes.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	mwcm.nytimes.com	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	email.kharon.com
1	static.chartbeat.com	email.kharon.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
0	trial-eum-clienttons-s.akamaihd.net Failed	s.go-mpulse.net
0	trial-eum-clientnsv4-s.akamaihd.net Failed	s.go-mpulse.net
140	38

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
www.justice.gov
archive.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
email.kharon.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-01-18` - `2022-04-18`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Frame ID: C1E1DB02E6ED0F3607075A23AD65EC36
Requests: 91 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 0FF31355F673A8B9205FC72BEEF6E552
Requests: 3 HTTP requests in this frame

Frame: https://3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 16A3B13093BBB78D24265ACF744B6DCC
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456824&publicationId=nytimes.com
Frame ID: 742A3615F5467D0FDB4949D8FEE5FB79
Requests: 13 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email
Frame ID: 85B4A3C435697149E4F3005A58BABD0D
Requests: 2 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: 785F8F880FD0B87F902E2165D59B8649
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35DA5418E62C75B32280355D6C5661EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2A746D51F3BA2B2568A8C5D640B73D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Justice Dept. Seizes $3.6 Billion in Bitcoin and Arrests Married Couple - The New York Times

Page URL History Show full URLs

https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-W... Page URL
https://email.kharon.com/events/public/v1/encoded/track/tc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8... HTTP 307
https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.h... Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

140
Requests

99 %
HTTPS

67 %
IPv6

16
Domains

38
Subdomains

28
IPs

2
Countries

2949 kB
Transfer

9443 kB
Size

32
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Fsmid%3Dfb-share&name=Justice%20Dept.%20Seizes%20%243.6%20Billion%20in%20Bitcoin%20and%20Arrests%20Married%20Couple&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Justice%20Dept.%20Seizes%20%243.6%20Billion%20in%20Bitcoin%20and%20Arrests%20Married%20Couple%20https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Fsmid%3Dtw-share&text=Justice%20Dept.%20Seizes%20%243.6%20Billion%20in%20Bitcoin%20and%20Arrests%20Married%20Couple

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/press-release/file/1470186/download?utm_medium=email&utm_source=govdelivery
Title: court documents

Search URL Search Domain Scan URL

URL: https://archive.nytimes.com/www.nytimes.com/interactive/technology/bitcoin-timeline.html
Title: first conceived in 2008

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71 Page URL
https://email.kharon.com/events/public/v1/encoded/track/tc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71?_ud=a9278a8f-db25-4564-a05b-bd4ca8aabd3e&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email

140 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38...
email.kharon.com/e3t/Btc/5D+113/cQDY704/ 10 KB
3 KB 346ms
218ms Document
text/html 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 11 Feb 2022 08:35:00 GMT
content-type: text/html;charset=utf-8
cf-ray: 6dbc3dc8bc2d3748-MXP
last-modified: Fri, 11 Feb 2022 08:35:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 541e3a29-34b0-4f91-911d-b19709e2b726
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuXfAV%2FsMjoW0M7qmiQ7SvG8qe7K1NH%2Bmp5eBLYkxV1t%2FCGxLO0LxuFGQWQrEMao5dfMrPwOytOwc2tnB1uKtk2g%2Bf06jB41GOkiHZqKniAG18ee8dyNIZCFa4ncqDfIRcLgRMkRq4CQWBO0ixQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request ilya-lichtenstein-heather-morgan-bitcoin-laundering.html Show response
www.nytimes.com/2022/02/08/us/politics/
Redirect Chain

https://email.kharon.com/events/public/v1/encoded/track/tc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0K...
https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HE...

316 KB
75 KB

234ms
53ms

Document
text/html

151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email

Requested by

Host: email.kharon.com
URL: https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8f2a77bb30f058f34029ac9b27035c4356b3c8e0cda720132922976d281628b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-b3-traceid: 2b275125baf441909f9ca574104c6e3b
x-nyt-data-last-modified: Fri, 11 Feb 2022 08:25:47 GMT
last-modified: Fri, 11 Feb 2022 08:25:47 GMT
x-scoop-last-modified: 2022-02-09T14:05:39.450Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1644568056.941467,VS0,VE7
x-origin-time: 2022-02-11 08:27:36 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:01 GMT
age: 468
x-served-by: cache-lga21962-LGA, cache-hhn4051-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1644568501.235860,VS0,VE8
vary: Accept-Encoding, Fastly-SSL
x-datadome: protected
x-nyt-app-webview: 0
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-nyt-edge-cache: HIT-HIT
content-length: 74793

Redirect headers

date: Fri, 11 Feb 2022 08:35:01 GMT
location: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
cf-ray: 6dbc3dca3f183748-MXP
link: <https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4a669bc2-e789-4349-bd85-5d0c8228dd01
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRJvHgu9sSi0Ax%2BSHkZl36Dk7IXBLNLrXSscDrc7it%2Bshq46cOeSzW%2BCxX4Fc%2F%2BetS6lESKTHHicOeriXcp53JBA%2Btn5gYQTM0HtSv7dG8jv6%2BndtZhYYOpRkaR3FSciCTaW5jOINm84bTgB8Qs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 117ms
26ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 10392734
x-guploader-uploadid: ADPycdvM_HxElX7psfISEsaNQfEgnO2Zgx5cmB4AGrFveWBc7tmn1KIO6XBFRxV4kkQJuoRY7wL5yZmwCuWxcKNne2c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4051-HHN
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:42:47 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1644568501.404202,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 16012

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 46ms
46ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 633162
x-guploader-uploadid: ADPycdug3EL0swpnPp5BiaAYBroOQkQOc8ROASgv_MUPlIaD6A-dSndbPMsDnouDGt400k8eaoulTVvf0Vupxk27tg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 00:42:19 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.314327,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 16311
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Thu, 03 Feb 2022 22:41:46 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1643067836219382
expires: Sat, 04 Feb 2023 00:42:19 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-9cd9aa2ae2d6a53c40af.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 22ms
22ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-9cd9aa2ae2d6a53c40af.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

51b78847fc20f97854556c421abeefae11b13e7627270e2c6ca78cfef3a90075

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 577126
x-guploader-uploadid: ADPycds74h-eb3hVAituRVSB68QOrIuLRCoV-sZYppX_Yohb1MIWQwexvK55lCyhBelrLqC-jXS6LKhecitp6rW1jcyvC0WukA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:15 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.362614,VS0,VE1
etag: "3eb9e94bc6201c263e6f1ad4947a291c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9cd9aa2ae2d6a53c40af.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 20722
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7237
last-modified: Fri, 04 Feb 2022 16:09:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=W68SaQ==, md5=PrnpS8YgHCY+bxrUlHopHA==
x-goog-generation: 1643990978080103
expires: Sat, 04 Feb 2023 16:16:14 GMT
x-gdpr: 1
x-goog-stored-content-length: 20494
accept-ranges: bytes

GET
H2 200 merlin_199575684_cb549cca-76dd-4ad4-8fe9-a5f54d1024b9-jumbo.jpg
static01.nyt.com/images/2022/02/08/us/politics/08dc-justice-1/ 30 KB
31 KB 205ms
129ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/02/08/us/politics/08dc-justice-1/merlin_199575684_cb549cca-76dd-4ad4-8fe9-a5f54d1024b9-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3211d4dfedcc03a35db563674340c2eaf577749103b651cc90c7ac52eb28541f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish, 1.1 varnish
age: 204931
x-guploader-uploadid: ADPycdvd78AnVU9LXwMKyXRCIMAetvK4dMBTjm2cWXNvSw6mAB0TA4avKhDFndQdIck6sS7wIh0hmk9tjwdBcVmKiUc
x-cache: HIT, HIT
fastly-io-info: ifsz=94936 idim=1024x683 ifmt=jpeg ofsz=31210 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 31210
x-served-by: cache-iad-kcgs7200041-IAD, cache-hhn4051-HHN
server: UploadServer
x-timer: S1644568501.467986,VS0,VE1
etag: "5eIl3YZwIDTPVgN2tjesjMfm5vuhMs4iFuykW3ab0iY"
vary: Accept
x-goog-hash: crc32c=WSu7qg==, md5=uQmv+DzsRD031qw2dTlxXg==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 08 Feb 2022 23:39:29 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 author-katie-benner-thumbLarge-v2.png
static01.nyt.com/images/2018/02/16/multimedia/author-katie-benner/ 24 KB
24 KB 165ms
128ms Image
image/png 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2018/02/16/multimedia/author-katie-benner/author-katie-benner-thumbLarge-v2.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e164ebf119ead586d81312109338af5fb35cb5b5a8eed418739edd2a5c40e18d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish, 1.1 varnish
age: 132952
x-guploader-uploadid: ADPycdsoekFiMx_neLPN0fDu7VMfe2RZulIvynJHxa-5hFrfrEpvsCSuakZB6Fbt00ZhMNtfy77PJRdoIg_MMrrTT0G64dRvhQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 3
content-length: 24593
x-served-by: cache-iad-kiad7000157-IAD, cache-hhn4051-HHN
last-modified: Mon, 16 Jul 2018 17:38:46 GMT
server: UploadServer
x-timer: S1644568501.468092,VS0,VE0
etag: "335ab92f94a43e1ed93541dc81494aaf"
vary: Origin
x-goog-hash: crc32c=P30Z/g==, md5=M1q5L5SkPh7ZNUHcgUlKrw==
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jan 2022 19:38:53 GMT

GET
H2 200 vendor-6dabc659e9ccac9b6f00.js Show response
www.nytimes.com/vi-assets/static-assets/ 252 KB
77 KB 25ms
21ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 723305
x-guploader-uploadid: ADPycdsGwRF5kq0rhNUW7IMlp4xMe6nYlktsNLaUKsHIGrS6d5-xShPNVUcy0Q_jhi5eHJSr5xvAjErzw8Det3cc6fA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 23:39:56 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.460131,VS0,VE1
etag: "8fc82adba8f7a20303f839ab3c923991"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 22536
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 77827
last-modified: Wed, 02 Feb 2022 23:34:48 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Aei76Q==, md5=j8gq26j3ogMD+DmrPJI5kQ==
x-goog-generation: 1643649050257546
expires: Thu, 02 Feb 2023 23:39:56 GMT
x-gdpr: 1
x-goog-stored-content-length: 258452
accept-ranges: bytes

GET
H2 200 story-d917cb6aca65ac6ceb40.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
298 KB 92ms
87ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8f896b2bcc9fbfa73d461c2acc7517e1c1f472ab09863784a5943e139aabb7fa

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 56796
x-guploader-uploadid: ADPycdtD6XzyawkDSrcn3eCl0qaKXJfyQbZ4pMZlzc0W5oaSH5K89TJHf_ir3Cm-dvmtODVGGGVlR-t2DAcxwur5p2Y
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-10 16:48:25 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.461148,VS0,VE1
etag: "6e40e1d5a63b60ce336038244d398685"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 593
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 303478
last-modified: Thu, 10 Feb 2022 16:26:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=cMOlbQ==, md5=bkDh1aY7YM4zYDgkTTmGhQ==
x-goog-generation: 1644510398081186
expires: Fri, 10 Feb 2023 16:48:25 GMT
x-gdpr: 1
x-goog-stored-content-length: 1142793
accept-ranges: bytes

GET
H2 200 collections-738ea8825818c5a88956.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
303 KB 56ms
51ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/collections-738ea8825818c5a88956.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

14cbe8919167b2ca004646388716d3499ad0732a848013a2fa7c9cec50e3f8fd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 130143
x-guploader-uploadid: ADPycdui8zpQKvGDiTe2uo9YPXLUNhEp9vLKdXJnG2ISWOYzW58B0RTUV_rmkRvCEfiQQQ1IA0OwSa9dJMzzNWM_fa0
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 20:25:58 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.461226,VS0,VE1
etag: "e8d4a424f840f03c9bfec851fc4255e0"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/collections-738ea8825818c5a88956.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 377
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 309412
last-modified: Wed, 09 Feb 2022 20:23:34 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=14rrxg==, md5=6NSkJPhA8Dyb/shR/EJV4A==
x-goog-generation: 1644438213990697
expires: Thu, 09 Feb 2023 20:25:58 GMT
x-gdpr: 1
x-goog-stored-content-length: 1199292
accept-ranges: bytes

GET
H2 200 main-c5ae748151e1a510711c.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
360 KB 137ms
132ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

adf2af53724fd422bf12f2c7793a5ecf4d2094a23a5ce34084f1a2af70c9a300

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 130155
x-guploader-uploadid: ADPycdvCm2ovyJHKEQtrI6khn_95ZJoYiM13h7ucI7aRgSm13Y7rRDlC0Ci5ZVWwgLKmUWgF5YO7TaIxNueIgRUhZSc
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 20:25:46 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.463729,VS0,VE0
etag: "b0791eb5affc086cfda65dd3904d59fb"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-c5ae748151e1a510711c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1392
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 368467
last-modified: Wed, 09 Feb 2022 20:23:36 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=quEuRA==, md5=sHketa/8CGz9pl3TkE1Z+w==
x-goog-generation: 1644438216282658
expires: Thu, 09 Feb 2023 20:25:45 GMT
x-gdpr: 1
x-goog-stored-content-length: 1268174
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 360 KB
96 KB 113ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58a4a82eb5dae72f85ec771893734dd11a5276a6f840b56f977b7459ea857cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97874
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 158ms
45ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: d37836898ea352f7423a406500df61f3/2017331185630035637
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:01 GMT
age: 59
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: a1362a4765e1c892
x-served-by: cache-hhn4061-HHN
x-cache: HIT
x-cache-hits: 4
x-timer: S1644568502.562780,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 285ms
139ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
826 B 131ms
131ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: e483f982b206787-465926b9b7439863-1
age: 42
x-cache: HIT
samizdat-x-instance: fa27d9a3
x-samizdat-query-field-errors: 0
x-cache-hits: 5
x-samizdat-query-exe-id: 578b2165e2eaba14
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644568502.610178,VS0,VE1
x-nyt-region: BY
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: e483f982b206787-465926b9b7439863-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 143 KB
45 KB 156ms
45ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45355
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 18:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 08:35:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 117ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

b54aaadb0c8fe79a3322fe3629118551d2cae1add87a6c49b253bc7c916be068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27179
x-xss-protection: 0
server: sffe
etag: "1128 / 543 of 1000 / last-modified: 1644534541"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Feb 2022 08:35:01 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
3 KB 506ms
329ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F2eeed795-7a70-5524-9087-53de1a14770d&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d99f5154d86578caaf220fa71ff64eb43cbd5af78beb6a24cc3215f8f64779bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
2 KB 122ms
122ms Image
image/svg+xml 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 748304
x-guploader-uploadid: ADPycdtcWi95J9FFULKih-12kcMa009LHfRmLsgkwjO9nqGo0WhHgdDqzMXK8C2FRtvJqjeav_7wGzjTJOsaIejqORA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:17 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568501.476866,VS0,VE1
etag: "f5e6ba8f0613f5244e1e8ba2c4f8dd1a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
content-type: image/svg+xml
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9972
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 645
last-modified: Wed, 02 Feb 2022 16:43:04 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=GTQy+Q==, md5=9ea6jwYT9SROHouixPjdGg==
x-goog-generation: 1643067836495501
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 1162
accept-ranges: bytes

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 104ms
39ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11004766
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644568502.541671,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6775

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 103ms
38ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1497079
x-guploader-uploadid: ADPycdvZ-dNoU8ZbbF5veh7_wpjYLjdrCt2r7UDuhUc0s4sCqc_Qxe5-FAkovtwyxARj1-Y8dpJzZu_PlzmY43RY5w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Wed, 25 Jan 2023 00:43:42 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644568502.541897,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6756

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 143ms
78ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7976439
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644568502.542059,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4472

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 141ms
78ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7374324
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1644568502.542475,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2899

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 140ms
77ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 635677
x-guploader-uploadid: ADPycdvfBqqMROzpVlne3PkDbgl-yXu2aizDnQdtARIqTfTTIhwveau54361BWjPTxco1mpMBkcC0nMbcaaTrySlx4M
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Sat, 04 Feb 2023 00:00:24 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644568502.542597,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5803

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 112ms
50ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2105723
x-guploader-uploadid: ADPycduqaMXBgRcn7MaFE0xauF1LRpBsw12QO0GlqFvN8l8TjEYXxEFWI2i9FV13QZWYXeF0729D8DVFmoxY7aqUiOCBWzXN7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:39:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644568502.542739,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2793

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 200ms
138ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1230139
x-guploader-uploadid: ADPycdt57UDj0w-D-m5qHPt3GAvcuR5pNF06eirUU2sMnIic4_mbMoEZ3BONMGV1y2hG0YQ1Sod3cCTngaDoga3NJpC7b9Vrvw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Sat, 28 Jan 2023 02:52:41 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644568502.543036,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4066

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 112ms
49ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8571439
x-guploader-uploadid: ADPycdsPgT4lcseauEpJLQy0Zsg30Moickqr1VqZgSIgCB1QoXGXeqKooxxgUjtaoY-NEecarL-ob9XvEbblsldRDB3zOZzgsw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Fri, 04 Nov 2022 03:37:39 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644568502.542956,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984460387
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6541

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 0FF3 393 B
711 B 181ms
125ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

94193096daf7c70d7589d5e6ec9720a2cc53fa953fcc0e51f441ae7d48ff835c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

x-powered-by: Express
x-datadog-trace-id: 4037008806992425249
x-datadog-parent-id: 4037008806992425249
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-nyt-backend: lire-ui
content-encoding: gzip
x-cloud-trace-context: 685539aec10cf2d16ac900fd57acf809
server: Google Frontend
cache-control: public, max-age=600
etag: W/"189-FZQuefnmRjgB45y+BAIEbCHSQlE"
content-type: text/html; charset=utf-8
x-datadome-timer: (null),VE18
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:01 GMT
via: 1.1 varnish
age: 327
x-served-by: cache-hhn4051-HHN
x-cache: HIT
x-cache-hits: 12
vary: Accept-Encoding
x-api-version: F-X
content-length: 276

GET
H2 200 pubads_impl_2022020901.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 44ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122359
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Feb 2023 06:27:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
371 B 102ms
54ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
expires: Fri, 11 Feb 2022 08:35:01 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 48ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 09:12:50 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 76ms
47ms Other
image/svg+xml 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 09:19:52 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
57 B 121ms
121ms Fetch
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 190ms
26ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
37ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
266 B 181ms
180ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3254826342298579&correlator=2782204054176311&output=ldjh&eid=31063377%2C31064838%2C31064538&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D521&cust_params=als_test_clientside%3Dempty_empty_empty_empty_empty_20220211083501%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644557908208%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dmonacolisao%26org%3Djusticedepartment%252Cbitfinex%26geo%3Dhongkong%26des%3Dvirtualcurrency%252Cbitcoincurrency%252Ccyberattacksandhackers%252Ccurrency%252Cmoneylaundering%252Crobberiesandthefts%26auth%3Dkatiebenner%26coll%3Dusnews%252Cuspolitics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008198127%26pt%3Dnt1%252Cnt10%252Cnt14%252Cnt15%252Cnt17%252Cnt18%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt8%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_ibm%252Cneg_ms_safe%252Cneg_orep%252Cneg_mtb%252Cneg_chanel%252Cgv_crime%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cggl_wrk_collab%252Cgs_economy%252Cneg_bofa%252Cacc_cc%252Cneg_google%252Cgs_law_misc%252Cgs_economy_misc%252Cgs_law%252Cneg_debeer%252Cneg_hearts%252Cgs_tech_computing%252Cgs_shopping_misc%252Cgs_tech%252Cgs_science_misc%252Cgs_t%26is_viral%3Dlow%26tt%3D5%26mt%3DMT10%252CMT7%26abra_dfp%3Ddfp_prebid_0521_0_control%252Cdfp_disp_incr_1_test%252Cdfp_als_home_1_als%252Cdfp_adslot4v2_1_external%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_als_1_als%26sov%3D3%26page_view_id%3D4cLGZltQlXbp3-Ulun9NjMCQ%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DcrFeB7JeKSwTrzSJ94wNHX&cookie_enabled=1&bc=31&abxe=1&dt=1644568501817&lmt=1644567947&dlt=1644568501285&idt=505&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=76&adks=1133286891&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=1170823198.1644568502&ga_sid=1644568502&ga_hid=1474008248&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2238f023c46645d49418f2b51d416eb40ea37a673e605a8d81dac4bf6cd3bc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 16A3 6 KB
4 KB 156ms
23ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 11 Feb 2022 08:35:01 GMT
expires: Sat, 11 Feb 2023 08:35:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 0FF3 2 KB
1 KB 46ms
45ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 451
x-cache: HIT
x-envoy-upstream-service-time: 16
content-length: 1252
x-served-by: cache-hhn4051-HHN
expires: Fri, 11 Feb 2022 02:37:57 GMT
server: envoy
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: c1eca5fc7b2c90e8905a7a89ae205753
cache-control: public, max-age=600
x-datadome-timer: (null),VE378
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 13

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 0FF3 410 KB
139 KB 45ms
45ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=e0b3e20
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 536
x-cache: HIT
x-cache-hits: 16
content-length: 141763
x-served-by: cache-hhn4051-HHN
server: Google Frontend
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 443f0d6830ec80b540ab9900512a7b64
cache-control: public, max-age=600
x-datadome-timer: (null),VE159
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 09 Feb 2022 18:45:36 GMT

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js Show response
www.nytimes.com/vi-assets/static-assets/ 46 KB
16 KB 18ms
17ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4680da4b91fb39d747e566e471e11aaec1119bc6885b51ae8e4617387f08af7b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 577105
x-guploader-uploadid: ADPycdsK1WQUDy5ebEZtwlD0t4tsFZsUMvs1f-sHsS620M55dTgIFvc4JC2Sv7Tep6xoQQkR5ORBDhjny4vdTdMCuXiFuILAjg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:36 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568502.978797,VS0,VE1
etag: "22fb86dadd1d1e60c94bffe9c522a94a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19612
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14705
last-modified: Fri, 04 Feb 2022 16:09:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=dcN4NQ==, md5=IvuG2t0dHmDJS//pxSKpSg==
x-goog-generation: 1643990980186724
expires: Sat, 04 Feb 2023 16:16:36 GMT
x-gdpr: 1
x-goog-stored-content-length: 47594
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 22ms
21ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 724511
x-guploader-uploadid: ADPycdtBBf_OSyY7bysAkS1rifPEa2-gTy4OfYk-p7B9pbQISLIQ7hYq839o8BshJnCL2UizT7Cfgcl2bg7gQR4jf0jI-0h69g
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 23:19:51 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568502.979219,VS0,VE1
etag: "46159ad0cb7de89c83fc59e9dc0d61f9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 17909
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13291
last-modified: Wed, 02 Feb 2022 21:41:29 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=goxv5A==, md5=RhWa0Mt96JyD/Fnp3A1h+Q==
x-goog-generation: 1643776222051335
expires: Thu, 02 Feb 2023 23:19:51 GMT
x-gdpr: 1
x-goog-stored-content-length: 68853
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 25ms
25ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 635611
x-guploader-uploadid: ADPycduR2i6M9IKfAnA4bh01qx_PvWNw9kSUTVIsRB-AJ1XWhcowHcqh3JmM2YrerIQPHGB6T7OSic4YtOVZqpqgLlk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 00:01:31 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568502.979345,VS0,VE1
etag: "e4469edf0dfca6f7845a13a7b325dd05"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18484
date: Fri, 11 Feb 2022 08:35:01 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5012
last-modified: Thu, 03 Feb 2022 22:41:48 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=uxXxow==, md5=5Eae3w38pveEWhOnsyXdBQ==
x-goog-generation: 1643756617957502
expires: Sat, 04 Feb 2023 00:01:31 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 119ms
119ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
112ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 114ms
113ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 116ms
115ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 226 KB
42 KB 161ms
25ms Script
text/javascript 143.204.215.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-54.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

516400b3ca3a3a66efd43cac6c3565bd27abe9e4ab2055f76500c106b04cfc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "387f8-5d7819c610724-gzip"
age: 1593
x-cache: Hit from cloudfront
content-length: 42289
access-control-allow-origin: *
last-modified: Tue, 08 Feb 2022 13:22:37 GMT
server: Apache
date: Fri, 11 Feb 2022 08:08:30 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 77ddW7eEo3hUZl4w75ANdHpR5WCttwXKTxHqfV4htrd4mz0Qkngw3Q==
expires: Fri, 11 Feb 2022 09:08:29 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 742A 23 KB
7 KB 101ms
95ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=456824&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1616c4a39098915f70c25b9407fb7f212ddc34e3452987cdaf3cb278d3ce1bb1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-1vDQ7x3ur1HDGLupz89UMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-1vDQ7x3ur1HDGLupz89UMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Feb 2022 08:35:02 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-1vDQ7x3ur1HDGLupz89UMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-1vDQ7x3ur1HDGLupz89UMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 64ms
63ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: d37836898ea352f7423a406500df61f3/2017331185630035637
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:02 GMT
age: 61
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: b7a510e9ff26b4a4
x-served-by: cache-hhn4061-HHN
x-cache: HIT
x-cache-hits: 5
x-timer: S1644568503.680437,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 64ms
64ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: d37836898ea352f7423a406500df61f3/2017331185630035637
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:02 GMT
age: 61
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: bf40cc6b4f8183da
x-served-by: cache-hhn4061-HHN
x-cache: HIT
x-cache-hits: 6
x-timer: S1644568503.700851,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 41ms
41ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: d37836898ea352f7423a406500df61f3/2017331185630035637
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:02 GMT
age: 61
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: b2f94876b14de8d1
x-served-by: cache-hhn4061-HHN
x-cache: HIT
x-cache-hits: 7
x-timer: S1644568503.746879,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
770 B 115ms
114ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 08:35:02 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 6ecd27a2d122295a-10483fb1538a342d-1
x-cache: MISS
samizdat-x-instance: 074cdec2
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 4338a4e1aad37aba
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: BY
server: samizdat-graphql-d2257a7
x-timer: S1644568503.744319,VS0,VE105
x-nyt-continent: EU
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 6ecd27a2d122295a-10483fb1538a342d-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 642 B
1 KB 399ms
207ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email&pageviewID=4cLGZltQlXbp3-Ulun9NjMCQ
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 0f3358b5032a29237d557fcaefc991ee448decb8873e26b8df2e55aae273363a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:03 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 642

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
758 B 134ms
134ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 08:35:02 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 4f4582c5d173a821-405020092cfde57b-1
age: 0
x-cache: MISS
samizdat-x-instance: 4beac781
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 5a3053e0ede2ea25
content-length: 77
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644568503.766566,VS0,VE110
x-nyt-region: BY
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 4f4582c5d173a821-405020092cfde57b-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 43 KB
8 KB 179ms
179ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 6b68c45b476a63a4b350de9c265ccd6b028f7100d245da6e5f96261580bbc36e

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 08:35:02 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 2c379b382d213e1d-6774686253365f4d-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: b2df4994
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: f79e80ae33081053
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Fri, 11 Feb 2022 08:35:02 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644568503.788809,VS0,VE164
x-nyt-region: BY
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 2c379b382d213e1d-6774686253365f4d-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-0aca512b1f6ff9f3d6fe.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
15 KB 42ms
42ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-0aca512b1f6ff9f3d6fe.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e17919e8a49111b87e1c6cd882899c91d61d6ee5114c7b19cce0db412f96bc5c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 709042
x-guploader-uploadid: ADPycduGtdbsWKsV2AGbtwyTCIJT3mQefJwryX7IVC65ja8_EZjxPVwMq7V11DYoDvBwpji7ztMA3fauaJHOjffY0ss
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-03 03:37:40 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568503.763664,VS0,VE1
etag: "e4e464994e06176f291d228ccbd82979"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-0aca512b1f6ff9f3d6fe.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 16226
date: Fri, 11 Feb 2022 08:35:02 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14990
last-modified: Tue, 01 Feb 2022 15:32:52 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Vzeurw==, md5=5ORkmU4GF28pHSKMy9gpeQ==
x-goog-generation: 1643389437608740
expires: Fri, 03 Feb 2023 03:37:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 51109
accept-ranges: bytes

GET
H2 200 requestHandler Show response
www.nytimes.com/svc/community/V3/ 3 KB
3 KB 130ms
129ms Script
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html&cmd=GetCommentSummary&method=get&callback=jsonp_1644568502789_90795

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3d4c6c2ce2daec54b1cac1df20f3e5aff5e7f4d679b8fba50feec5a577f5c9d1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:02 GMT
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 0
x-cache: MISS
x-origin-time: 2022-02-11 08:35:02 UTC
x-served-by: cache-hhn4051-HHN
server: nginx
x-timer: S1644568503.794212,VS0,VE116
strict-transport-security: max-age=63072000; preload; includeSubdomains
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/svc/community/V3/requestHandler?callback=<esi:include%20src="/esi/jsonp-callback"/>&cmd=GetCommentSummary&method=get&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html
content-type: application/json
x-gdpr: 1
access-control-allow-credentials: true
x-nyt-route: community-svc-cacheable
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-nyt-edge-cache: MISS
x-nyt-app-webview: 0
x-cache-hits: 0

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 227ms
138ms Fetch
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:02 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 5aed320abe156710b367a28a14be44dd
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Fri, 11 Feb 2022 08:35:02 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 240ms
148ms XHR
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html&jkcb=1644568502799
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: bb05445939cf591d0cca9a36ae612856d0533e48d23e18b0bc4abc09b1e585a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:02 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 2c462edeb25c8c22f369a8dcb00426e1
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 1042
expires: Fri, 11 Feb 2022 08:35:02 GMT

GET
H2 200 clientSideCapsule-79e485ceec7cdfe371c5.js Show response
www.nytimes.com/vi-assets/static-assets/ 432 KB
108 KB 14ms
14ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-79e485ceec7cdfe371c5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f2ddb8ea968e8f1e19b013e4dfaa670fdee1bd4b47c9ab94f7e0957e22c45574

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 146187
x-guploader-uploadid: ADPycdvvM7qkzcPSWkNf3JnOha96YeB7Q8y9yxoQxFjwtTYQvVA_0z0kclb1RvOfc068EEFC5pCKhE5SdF4PtQnh-A
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 15:58:35 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568503.852508,VS0,VE1
etag: "cc050f54d232d4e3be39fb987fd2c9ea"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-79e485ceec7cdfe371c5.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2724
date: Fri, 11 Feb 2022 08:35:02 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 108857
last-modified: Wed, 09 Feb 2022 15:46:09 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=OgGciQ==, md5=zAUPVNIy1OO+OfuYf9LJ6g==
x-goog-generation: 1644421569217991
expires: Thu, 09 Feb 2023 15:58:35 GMT
x-gdpr: 1
x-goog-stored-content-length: 442149
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 137ms
137ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 127ms
127ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 126ms
126ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 160ms
159ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 138ms
80ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 08:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 136ms
81ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 08:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 417 B
250 B 97ms
95ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3254826342298579&correlator=2782204054176311&output=ldjh&eid=31063377%2C31064838%2C31064538&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1501&cust_params=als_test_clientside%3Dweb_none_none_low_v3-1-21.441422221900562248_20220211083501%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644557908208%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dmonacolisao%26org%3Djusticedepartment%252Cbitfinex%26geo%3Dhongkong%26des%3Dvirtualcurrency%252Cbitcoincurrency%252Ccyberattacksandhackers%252Ccurrency%252Cmoneylaundering%252Crobberiesandthefts%26auth%3Dkatiebenner%26coll%3Dusnews%252Cuspolitics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008198127%26pt%3Dnt1%252Cnt10%252Cnt14%252Cnt15%252Cnt17%252Cnt18%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt8%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_ibm%252Cneg_ms_safe%252Cneg_orep%252Cneg_mtb%252Cneg_chanel%252Cgv_crime%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cggl_wrk_collab%252Cgs_economy%252Cneg_bofa%252Cacc_cc%252Cneg_google%252Cgs_law_misc%252Cgs_economy_misc%252Cgs_law%252Cneg_debeer%252Cneg_hearts%252Cgs_tech_computing%252Cgs_shopping_misc%252Cgs_tech%252Cgs_science_misc%252Cgs_t%26is_viral%3Dlow%26tt%3D5%26mt%3DMT10%252CMT7%26abra_dfp%3Ddfp_prebid_0521_0_control%252Cdfp_disp_incr_1_test%252Cdfp_als_home_1_als%252Cdfp_adslot4v2_1_external%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_als_1_als%26sov%3D3%26page_view_id%3D4cLGZltQlXbp3-Ulun9NjMCQ%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DcrFeB7JeKSwTrzSJ94wNHX%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26typ_materials%3D%2523news%2523&cookie=ID%3Df928f67a0b571ec4-228617aa3dcd0004%3AT%3D1644568501%3AS%3DALNI_MYu92iqZB29Bn5mTuJmctfdDqWr6w&bc=31&abxe=1&dt=1644568503358&lmt=1644567947&dlt=1644568501285&idt=505&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1723209830&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1170823198.1644568502&ga_sid=1644568502&ga_hid=1474008248&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4375b90b47176a5ea4df51816692a033a241cdcc1298c72af3f4bc1066a7f4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 08dc-justice-2-jumbo.jpg
static01.nyt.com/images/2022/02/08/us/politics/08dc-justice-2/ 37 KB
37 KB 60ms
54ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/02/08/us/politics/08dc-justice-2/08dc-justice-2-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fa16048a1437655665e53a4b77d6b726798d71de48e360e7cc368c6a20fbbad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 204922
x-guploader-uploadid: ADPycduxrm8z03QOM7R6bmA95hpVqACisf9M0Mu2y0PF0hX2ujdoZAgCv3MIEcmJ5pgXg2EYytGEinMIimkDCYRM2PbIFPHqoA
x-cache: HIT, HIT
fastly-io-info: ifsz=122111 idim=1024x683 ifmt=jpeg ofsz=37614 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 37614
x-served-by: cache-iad-kcgs7200120-IAD, cache-hhn4051-HHN
server: UploadServer
x-timer: S1644568503.413509,VS0,VE1
etag: "wjEj40ODkmkuJuFxsSMtRj5pBM2LJ0l819n6d6cWIzo"
vary: Accept
x-goog-hash: crc32c=7UcUAA==, md5=RBizKir+s//B9HTTZoVD7w==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 08 Feb 2022 23:39:41 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 742A 0
22 B 77ms
76ms Other
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-0Ox/dgV4FSDVlZbrzc1s8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-0Ox/dgV4FSDVlZbrzc1s8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456824&publicationId=nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:03 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-0Ox/dgV4FSDVlZbrzc1s8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-0Ox/dgV4FSDVlZbrzc1s8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 132ms
131ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 151ms
150ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 145ms
143ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 742A 21 KB
6 KB 44ms
41ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456824&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 09:12:50 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/am=DQAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 742A 162 KB
57 KB 128ms
37ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/am=DQAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5M1XUIy70Q3X8slwSe-MSCpLEB2Q/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456824&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e03b3eb5c148f0b6b52ff9a3778dfb86196bee81d48842c65a50a529cf7e06e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 20:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58028
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 01:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 20:10:04 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
563 B 119ms
49ms XHR
application/json 143.204.215.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-54.fra53.r.cloudfront.net
Software: DataDome /
Resource Hash: 79a3da80036d9c9d839deba1c8de367ce680485c8405899568075a36d275b964

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:03 GMT
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: WLdmdacn0jiWgBjFyCodT_k4Ewq6WIwiGZg8Nb5aiMGOP20cL22GuQ==
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3609
date: Fri, 11 Feb 2022 07:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 09:34:54 GMT

GET
H3

200

activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus... Show response
5290727.fls.doubleclick.net/ Frame 85B4
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fw...

1 KB
582 B

93ms
49ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

8aa7abb30ea1a313776a78c068f9d524ede0d29ea9e88580265d4f08ae7387ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 08:35:03 GMT
expires: Fri, 11 Feb 2022 08:35:03 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 08:35:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 149ms
55ms Script
application/x-javascript 2600:9000:2057:3e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: email.kharon.com
URL: https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 07:03:41 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 5482
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: rils97w5Jr-zb0vh72eJUH3t6Vl3FFUQvY9kEGkXE7VK2W0aPbZLvA==
expires: Fri, 11 Feb 2022 09:03:41 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
628 B 84ms
43ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: email.kharon.com
URL: https://email.kharon.com/e3t/Btc/5D+113/cQDY704/VWL8Lf9dWDkPW1bc6Sn1SNsCYW8cYYgJ4FnFP_MBB8Vw3q3pBV1-WJV7CgF8mW4qkVHm7yDvt9W6_99fX3vBTwlN11ynh8pzNXFW6dP7955t87d-V5G-4q4hr0KvW1YgKsx4SQ-GZW1WNVjm15sjtpW175T-55JfZ11W3YLjqL3C3r26W7srdRL3mkt2kW8NDtW38ZG6FBW3jSs8F5mJCKSW6K6CMP5PnxBvW1z_SMf7JHtJsW4MMJql50QRRcW4s9q3h4kpckWW1mgwcX2_bfRKW62VBp52_JhW-N73FzZNdDm35W62tKSP4yp34gW2ZSlrl2m6j9-W6D9z205Gk4nHW6GG2Cg5r6mB4VzcT7t4VQXWSV7L1b118ZhbbW2j1NXR4425dqW1cSlZg2-CJ4BW7SZCnQ1xngW5W1FRL-h70b2FzW6k9Njt21v2MX34G71
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Fri, 11 Feb 2022 08:35:03 GMT
content-encoding: gzip
content-type: application/javascript
age: 16586
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4051-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1644568504.821286,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 918

POST
H2 200 track
a.et.nytimes.com/ 0
0 150ms
149ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 209ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1191566665
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 76 KB
16 KB 572ms
515ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&_hsmi=203593594&utm_campaign=Readbook&utm_content=203593594&utm_medium=email&utm_source=hs_email&plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1e7fdbae9fdd99e063a66a615c071474c9ad12bf92bf78f7ca2917c9165d4aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4051-HHN
expires: Fri, 11 Feb 2022 08:35:04 GMT
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_all_Monthly-Sale-dock","gateway":"MAG_web_nonsub_all_monthly-sale","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1644568504.932529,VS0,VE475
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: c41cac280d4d40596c7610e6dbbce6c4
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 35 KB
14 KB 51ms
48ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c219045d17f390c301834f8a5ac05a81188835e6875f0f9d87ae0aa78c31b319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:03 GMT
content-encoding: gzip
x-api-version: F-X
age: 562
x-cache: HIT
x-cache-hits: 7
content-length: 13794
x-served-by: cache-hhn4051-HHN
server: Google Frontend
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: cec85870aae8f7113291ada415e2f353
cache-control: public, max-age=600
x-datadome-timer: (null),VE152
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 09 Feb 2022 18:49:41 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 26ms
26ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: d37836898ea352f7423a406500df61f3/2017331185630035637
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:04 GMT
age: 62
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: 8cec5015afb63af8
x-served-by: cache-hhn4061-HHN
x-cache: HIT
x-cache-hits: 8
x-timer: S1644568504.060125,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 761 B
2 KB 33ms
31ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: d92c6d9bbe6822c3f6b21c2484af882177b58f6939d57b0dc6ac19ca3cf8a57e

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-nyt-meridiem: AM
x-b3-traceid: 1b18af06c8a5b0a4-464a0504f929ee50-1
age: 2990
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: a522a3c0ee5d2db2
samizdat-x-canary: false
x-graphiti-gateway: 5497761c
x-nyt-country: DE
x-timer: S1644568504.088287,VS0,VE0
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BY
x-cloud-trace-context: e63498642c462c77243cba675e4374ab/9669141368971802393;o=1
cache-control: max-age=30, public
x-cache-hits: 19
x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 08:35:04 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: HIT
samizdat-x-instance: 1d50023a
content-length: 761
last-modified: Wed, 22 Sep 2021 18:54:49 GMT
server: samizdat-graphql-d2257a7
x-served-by: cache-hhn4051-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 1b18af06c8a5b0a4-464a0504f929ee50-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
108ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 742A 15 KB
16 KB 83ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456824&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 249419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 11:18:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.iPC4kim6Pe0.L.B1... Frame 742A 37 KB
13 KB 65ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.iPC4kim6Pe0.L.B1.O/am=DQAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4lK5ncT0mXHTsTTuZzlVX2SEQEKw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/am=DQAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5M1XUIy70Q3X8slwSe-MSCpLEB2Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96fe8f8939ff46fd77bc08b13c83293c36606693332e0deef253a30fe9cd772a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 20:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13733
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 15:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 20:23:21 GMT

GET
H3 200 dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenste...
adservice.google.com/ddm/fls/z/ Frame 85B4 42 B
63 B 64ms
62ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNLP7Yuf9_UCFVmBhQodtlgLLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7966606821325;gtm=2wg290;auiddc=105613393.1644568504;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.iPC4kim6Pe0.L.B1... Frame 742A 104 KB
35 KB 65ms
43ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.iPC4kim6Pe0.L.B1.O/am=DQAQ/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4lK5ncT0mXHTsTTuZzlVX2SEQEKw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b235ca07b5dd9d24bf3bac988524d4c851491e0f49e805119b3e0e27e40ef119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 20:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36042
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 15:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 20:23:21 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 399ms
149ms Image
image/gif 54.80.60.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html&u=DKA3kCqXJC1C8iGik&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Katie%20Benner&n=1&f=00001&c=0&x=0&m=0&y=1634&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3319&_c=Readbook&_m=email&_x=hs_email&_y=203593594&t=Q4iBMCKAaogDdsouEDuxEIvC1-xso&V=129&i=Justice%20Dept.%20Seizes%20%243.6%20Billion%20in%20Bitcoin%20and%20Arrests%20Married%20Couple&tz=0&_acct=anon&sn=1&sv=D4idx7D508CfDTHK6xC3E18wDCHBG3&sd=1&im=06679ef3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.60.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-60-244.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:04 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 51ms
26ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1474008248&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html&dr=&ul=en-us&de=UTF-8&dt=Justice%20Dept.%20Seizes%20%243.6%20Billion%20in%20Bitcoin%20and%20Arrests%20Married%20Couple%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=677772812&gjid=1688293669&cid=1170823198.1644568502&tid=UA-58630905-2&_gid=1403864651.1644568504&_r=1&gtm=2wg290P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F08%2Fus%2Fpolitics%2Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email&cd3=%3Futm_campaign%3DReadbook%26utm_medium%3Demail%26_hsmi%3D203593594%26_hsenc%3Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%26utm_content%3D203593594%26utm_source%3Dhs_email&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000008198127&cd18=Katie%20Benner&cd19=Justice%20Dept.%20Seizes%20%243.6%20Billion%20in%20Bitcoin%20and%20Arrests%20Married%20Couple&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2022&cd27=2022-02-08-18&cd28=Tuesday&cd29=18&cd30=1644415539450&cd32=U.S.%20News%2CU.S.%20Politics&cd33=SECTION%2CSECTION&cd34=NEWS&cd36=08dc-justice&cd37=732&cd38=Washington&cd42=nyt-vi&cd43=Virtual%20Currency%2CBitcoin%20(Currency)%2CCyberattacks%20and%20Hackers%2CCurrency%2CMoney%20Laundering%2CRobberies%20and%20Thefts&cd44=Justice%20Department%2CBitfinex&cd45=Monaco%2C%20Lisa%20O&cd46=Hong%20Kong&cd48=February&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=crFeB7JeKSwTrzSJ94wNHX&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=crFeB7JeKSwTrzSJ94wNHX&z=916325257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame 785F 19 KB
9 KB 184ms
183ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

cc57d46a22dac1e66da3d9ff4c3880ab01437f269c161366d8300003679f0481

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 8681889004536906202
x-datadog-parent-id: 5117743723669455667
x-datadog-sampled: 1
x-datadog-sampling-priority: 1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
x-nyt-backend: lire-ui
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests
resp-details: [[it:lui]]
etag: W/"4cb5-Mt9zgCQKhT2Qi46kEthNcWOSPag"
content-encoding: gzip
x-cloud-trace-context: ef7dc33be520a5e240c1bf6ec9e94eb9
server: envoy
x-envoy-upstream-service-time: 46
x-datadome-timer: (null),VE146
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:04 GMT
via: 1.1 varnish
x-served-by: cache-hhn4051-HHN
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
x-api-version: F-X

GET
H2 200 vendors~emailsignup~newsletter~newsletters~recirculation-83dfd15888a0cadc0368.js Show response
www.nytimes.com/vi-assets/static-assets/ 64 KB
16 KB 20ms
20ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-83dfd15888a0cadc0368.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d2a8d17cbbd4685b0cf37c003b8f2476c709550b586af187fdd92f6603468a59

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 146188
x-guploader-uploadid: ADPycdssdUBHzsjbYNZ0mfAcW60KmYrLEVBBQH04zyqNpSufO8UcYtRTGGa3RKHc-87ZsXBX1QEkAhIKZF5eejbgLMM
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 15:58:36 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568504.226271,VS0,VE1
etag: "b7de554b66391d048711154a52d6b089"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-83dfd15888a0cadc0368.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3257
date: Fri, 11 Feb 2022 08:35:04 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15579
last-modified: Wed, 09 Feb 2022 15:46:12 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=HSNpqw==, md5=t95VS2Y5HQSHERVKUtawiQ==
x-goog-generation: 1644421572327396
expires: Thu, 09 Feb 2023 15:58:35 GMT
x-gdpr: 1
x-goog-stored-content-length: 65193
accept-ranges: bytes

GET
H2 200 emailsignup-02108f4e2d4b5aeecf6a.js Show response
www.nytimes.com/vi-assets/static-assets/ 1018 B
1 KB 20ms
20ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/emailsignup-02108f4e2d4b5aeecf6a.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bd92a1b5cc6459dab6c46c368f7edc30ab3f797be9d92b9deb158ef1c44ec401

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 748290
x-guploader-uploadid: ADPycduvvjbQjyC72e01kKn3c_f4LcH59YKMWzApa15i-O5LHkfi5aObCiUIz2d40B7vtPDuubBhA-OaOI7QZe6LDCs
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:44:37 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644568504.227468,VS0,VE1
etag: "e166739368a59468fb7fcc7bf93194de"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/emailsignup-02108f4e2d4b5aeecf6a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9186
date: Fri, 11 Feb 2022 08:35:04 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 567
last-modified: Tue, 01 Feb 2022 15:32:51 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=uip/Yg==, md5=4WZzk2illGj7f8x7+TGU3g==
x-goog-generation: 1643389437615352
expires: Thu, 02 Feb 2023 16:43:34 GMT
x-gdpr: 1
x-goog-stored-content-length: 1018
accept-ranges: bytes

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 742A 423 B
319 B 61ms
61ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=-7859812880691062895&bl=boq_subscribewithgoogleclientserver_20220209.10_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=30905&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

858c6197fb6ca62213483f43417c8fe769483de3a152879bdc2d093e80b6d12b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 136ms
135ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: 99101d382fc66fd2d2c929301c95a0dd/8537597993377437575
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 08:35:04 GMT
age: 0
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: bb631780f247b96f
x-served-by: cache-hhn4061-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1644568504.287468,VS0,VE103
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 166 B
778 B 89ms
88ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-83dfd15888a0cadc0368.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 9d8f66c9a96e5d8647470da2b8c34337355168669d1ca1be32a375d862e64d8e

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
Content-Type: text/plain;charset=UTF-8

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 7a91ce833720661b-ec489a4f7ce5844-1
age: 52
x-cache: HIT
samizdat-x-instance: 1f2d4961
x-samizdat-query-field-errors: 0
x-cache-hits: 2
x-samizdat-query-exe-id: 6443c5e3b6b51fa5
content-length: 136
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644568504.423294,VS0,VE1
x-nyt-region: BY
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 7a91ce833720661b-ec489a4f7ce5844-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H3 200 log Show response
play.google.com/ Frame 742A 131 B
155 B 142ms
72ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 08:35:04 GMT

POST
H3 200 log Show response
play.google.com/ Frame 742A 131 B
155 B 138ms
70ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 08:35:04 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 118ms
47ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 11 Feb 2022 08:35:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 08:35:04 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 116ms
48ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 11 Feb 2022 08:35:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 08:35:04 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 742A 131 B
155 B 133ms
65ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 08:35:04 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 109ms
49ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 11 Feb 2022 08:35:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 08:35:04 GMT
cache-control: private

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 785F 410 KB
139 KB 50ms
46ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=e0b3e20
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
x-api-version: F-X
age: 538
x-cache: HIT
x-cache-hits: 17
content-length: 141763
x-served-by: cache-hhn4051-HHN
server: Google Frontend
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 443f0d6830ec80b540ab9900512a7b64
cache-control: public, max-age=600
x-datadome-timer: (null),VE159
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 09 Feb 2022 18:45:36 GMT

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame 785F 205 KB
49 KB 219ms
63ms Script
application/javascript 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: br
last-modified: Mon, 17 Jan 2022 19:36:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame 785F 0
0 153ms
149ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame 785F 226 KB
42 KB 51ms
48ms Script
text/javascript 143.204.215.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-54.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

516400b3ca3a3a66efd43cac6c3565bd27abe9e4ab2055f76500c106b04cfc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "387f8-5d7819c610724-gzip"
age: 1595
x-cache: Hit from cloudfront
content-length: 42289
access-control-allow-origin: *
last-modified: Tue, 08 Feb 2022 13:22:37 GMT
server: Apache
date: Fri, 11 Feb 2022 08:08:30 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: pJqsnlB1UGzdVWGOCVKtZGFTy3lbamIO1QUpVJlXLaVww1b9OtM35g==
expires: Fri, 11 Feb 2022 09:08:29 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.iPC4kim6Pe0.L.B1... Frame 742A 17 KB
7 KB 60ms
56ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.oggRWVM2kpw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.iPC4kim6Pe0.L.B1.O/am=DQAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4lK5ncT0mXHTsTTuZzlVX2SEQEKw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130889e683e0ee3368abe694003d87fa57cea5381ac8526aba8cbf34ddc21740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 20:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7236
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 15:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 20:23:21 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 183ms
179ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 174ms
166ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 log Show response
play.google.com/ Frame 742A 131 B
155 B 77ms
74ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 08:35:04 GMT

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
26 KB 54ms
48ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
date: Fri, 11 Feb 2022 08:35:04 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 12212469
x-guploader-uploadid: ADPycdtpTwngcckBPmLoV9cyLEieZ80u7t1Z7KUkF0fidQNaVXPEVQWwEqTEX1aibD_hveAklZ8FM2CjjXgO9D_bvWY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Fri, 23 Sep 2022 00:13:55 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644568505.681436,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984530255
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 25680
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2298

POST
H2 200 track
a.et.nytimes.com/ Frame 785F 0
0 108ms
108ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame 785F 977 B
1 KB 224ms
147ms Fetch
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fmultiproduct%252Flp8KQUS.html%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2022%25252F02%25252F08%25252Fus%25252Fpolitics%25252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%25253Futm_campaign%25253DReadbook%252526utm_medium%25253Demail%252526_hsmi%25253D203593594%252526_hsenc%25253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%252526utm_content%25253D203593594%252526utm_source%25253Dhs_email%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-949557
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ae93dccc9522592c5fb53683f1da83bbfcd3c5d915078345bae21f18050f2791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:04 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 4d5a0b8bcee91c051a9c240a05196c3f
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 505
expires: Fri, 11 Feb 2022 08:35:04 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame 785F 231 B
564 B 25ms
25ms XHR
application/json 143.204.215.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-54.fra53.r.cloudfront.net
Software: DataDome /
Resource Hash: 870acf38851bcdfe66ad71d263e8b013e7b534924aa75436eaa854c9cfa94b4b

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:04 GMT
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: 1A0onCkNhGyAJybOtfbVLxlTKkHpeZHMBht_YOAynEzOLlQgHadYtQ==
expires: 0

GET
H2 200 .status
a.et.nytimes.com// 0
0 114ms
111ms Fetch
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 382ms
62ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beac94fa29b979bd2237de159d37659f88113cfbf80096360fb1f2088303aadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 08:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9953
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 785F 29 KB
29 KB 38ms
17ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Fri, 11 Feb 2022 08:35:04 GMT
via: 1.1 varnish
content-type: font/woff
age: 581973
x-guploader-uploadid: ADPycdt18lCObOou-TLOZjuUjsp3dem2lzQMGjxH0sethw_hdbDX-wkHLLnhVIR48pvzO62VVOHQC2W3pzCqgG45Rg4
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Sat, 04 Feb 2023 14:55:30 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1644568505.887614,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717313763
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 1876

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 785F 29 KB
29 KB 31ms
15ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Fri, 11 Feb 2022 08:35:04 GMT
via: 1.1 varnish
content-type: font/woff
age: 6087709
x-guploader-uploadid: ADPycdvbQVaRZZ18szgiON5NbttDp6-0w99NA78hxkMg56w3OIZNvNn6nEDo70bpi2jCJMonuo3nX_s_q3dKvrtKTw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn4037-HHN
accept-ranges: bytes
expires: Fri, 02 Dec 2022 21:33:15 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1644568505.887513,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717322939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 1774

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 275ms
54ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MH0K5F54VK7S8JYR
x-amz-id-2: UO4POah7qMZoo33clke6tAoy9lz8/Z726RQIFwVNVI0uXOOPks8jkTUXuxqmh21RAmbeXuZMmfU=
last-modified: Tue, 21 Dec 2021 18:11:17 GMT
server: cloudflare
etag: W/"851a8e8d3ce808a979323f763dc260b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKjHMi03ncyri7tkn9EAW5yaWxRe7i%2B3%2FACd4PCb2urggZ%2F3DvN325ad7Ab1T%2BGap%2BgLASYTGB7AYFniF0Neg7YG2BHVC%2FC5oBEUzzbq%2Be%2BFH2iW3W6D542BDUZpG7MZqBBGv7bQ6RRrf6iiLEZH4%2B0s%2FLYx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6dbc3de55ee483a0-MXP

POST
H2 200 track
a.et.nytimes.com/ Frame 785F 0
0 112ms
111ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 785F 6 KB
2 KB 216ms
54ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5481895&v=1.720.0&sl=0&si=5a445941-a625-491b-857b-3adfa2bb459e-r74t6g&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c1bca54c0fddc9d8352bf0246f0dc186375c7453ae528cbafa1a7ddcd90c09cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 08:35:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1565

POST
H2 200 track
a.et.nytimes.com/ Frame 785F 0
0 121ms
120ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F08%252Fus%252Fpolitics%252Filya-lichtenstein-heather-morgan-bitcoin-laundering.html%253Futm_campaign%253DReadbook%2526utm_medium%253Demail%2526_hsmi%253D203593594%2526_hsenc%253Dp2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA%2526utm_content%253D203593594%2526utm_source%253Dhs_email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 08:35:05 GMT

GET
H3 200 sdk-prod-1d3c7a55760b4dff36c9.js Show response
platform.iteratehq.com/ 895 KB
260 KB 163ms
120ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4458053
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MH0H2YENBQ2K3K7Y
x-amz-id-2: TRSQgTSrdZBWIPio1/ZQ+BuO0PYkbG3hv7BKs2wb52hrGUobRPJF9DgNW3aeedzUUJ5CCyweK+I=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"1e60912655a5240d8ec79d1ef3a8098e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uP%2F4INZ%2F7TKDErU6rjKO5V1OztZ9H0nrh79MubL3EjVSKUUS7CBEUDLQoXExXr2hwUWx4mWmvN6dNArc8xtXwpuU6m5GYmqpeoRgWfS%2BVQKa8%2FG2AvOBSx3UnnKcew9eXB6KfsMGrFLlSQ0gfaIHQR8UPKBx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6dbc3de61aa059ef-MXP

GET
H3 200 style-2bdbffb0210cc2e386f1.css
platform.iteratehq.com/ 130 KB
12 KB 105ms
63ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1191857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0YMXT7WWEMYNMMX4
x-amz-id-2: ri93IscdBGQdLvL5d0uj7IKq/5YSWyL6lQKpq5AAzfNkuEOcIh7ffHaBMfpyuDXGDk1BvDDLTWE=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"4737fd744e2551cae9a2bc8884efd7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BwHuM%2B54AZ6F0xbhU%2FTfrl77J9P6b5XpIi3olFeyGSnM0j8RWoXWsAFHq7kT4MT4CBobom%2F8q9tHTFYHz5X%2BGF9F1lUxnJfQJtfUrMW%2FEgsiN2nUc%2BEtf%2Bp0pPbJLy228qz0mFXshzovgcNamQVPaaGK7A8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6dbc3de61aa959ef-MXP

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35DA 13 KB
5 KB 108ms
56ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 08:11:40 GMT
expires: Sat, 11 Feb 2023 08:11:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D2A7 783 B
1 KB 254ms
132ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c7ef33d85d07841d9815004ea610caba2042eae623923ae7055bea414c48650

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O8OcgCZ84iSuWwNdz9cXyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 08:35:05 GMT
date: Fri, 11 Feb 2022 08:35:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-O8OcgCZ84iSuWwNdz9cXyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET getdns.txt
trial-eum-clientnsv4-s.akamaihd.net/eum/ Frame 785F 0
0

GET getdns.txt
trial-eum-clienttons-s.akamaihd.net/eum/ Frame 785F 0
0

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 35DA 35 KB
13 KB 136ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 04:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 04:35:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D2A7 0
0 106ms
105ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020901&jk=3254826342298579&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 35DA 0
9 B 66ms
65ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DVOUjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:35:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 239ms
171ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b13e8dede8341c2b79de97907feaceb4eeeb7746437c77cdba425a545febe2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Fri, 11 Feb 2022 08:35:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjG8OJ8ANjdX6AAkheSrzMpKzkrUzkbPDjqdgzxpy9crYn0XGR8t4tmtbclIETtFacrQdnjyRFytleo72SJRTbmMv1jUIpkttRwvrKI7eZTV1miLXz15IZjY%2BA7Jv3zCwkpIeHKm1MNzP7uh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6dbc3deeff6e5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 550ms
163ms Preflight 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Feb 2022 08:35:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPmGiBz7gJc7d4G8azyx%2FZmC%2FSYcR%2BTwUxM1Yo5rgaxG7KbqVq%2Bv%2FAWEtj6cwKKkgFWGS1X8DTJtyi96FDsU6dO68x89xX7qDFbpss6r%2B2A6RPQOFKuLtdQPofOn9EG7t70gZv7lkUPL2xrP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6dbc3ded8a0883b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
85ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020901&jk=3254826342298579&bg=!TU6lTgrNAAbAtJCDwLQ7ACkAdvg8WjwrGX-0o1gcZg2pobM8epwFb-0BpLSydho8l1NW6LZm9YtoqwIAAACDUgAAAAJoAQeZAssibZr9mY9CBYXHQbGSlgU3vkAjXtZN6ucyuHUxAgyo__eFghejEIJ74ZkPbgSmvmpDSDw6uL1y4ap5tGiE-2P26Wwoy_vaBUnIyagtiQ5arvnfkbRwSg5AtKSsuzPuQwXviGb6Gc86iLudEAdVFy8P2uhBUe3li_iJu-7-fzcDy6Efoe0kxIuj6SOQK5O4zkEfmzHnybsflmBaIJCU1H3flhqp2ci9hlPOc3oQN9zXdJSfFiOro4tlGGTJ4tmIuDolZ653bOwrpQlG410MxV_uxJRoVv9w-M_oi7gMCjL4R2yBTZP30B0NmwNUCwBDQvKtgsURvjCo1H6pl6QM5SvGaQT9b7V6ovbBzwYyzYWQkFsjvxwRjQipY7GZIc-MmHVBJNsGqeg7huD99ugvt3UfhLTNfV0AhG_SHWmNlmHPIIBWxqySNQDMLaGx0n10AENdNFUCvp7r0AJprEDnw9yQuJkQRCRu4VVmr_joHUKaW0lAn3krUDgNvrFpf_xsf152vd3rnrkDv0w-De01ELrQq8GBZtrA1WsxFj0GkvjsM9gY1cyqGEgbC48eGZhvKxkm2qiuqjx7e8B7iL2cuA0lz_eWYkSZ6rt_WbAghQ1WGIKG85s-RJFvskHr6JVqxfp3EJv4H3Yof-vATuXOTzl411UMhFUYcxWBteJyBuefkFQjXYbL3x7Av3MLFOsFkmHN6GnxwosGDj9o0R_W9-2zpTI52sMnAAucB85C3Zft1lJK5egF76aNt-FDEC-OOM27wiEypT5enHtya00HGNdtpQdUTmhR_qiQwJFWtfrnlL8U4XDh5Rs489n_7mBfv08YLnvjahNhmwsqb3taVw1WaxsdUEeJua9XTYbtOnA55TEKoUWdTxp02dhp28kIX0_4lZd8bYupY-IPomcL0ioUjMuK7wUY4yJEm1u3zbpP0pJ5qp5IM_Fub0gb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 08:35:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 110ms
109ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html?utm_campaign=Readbook&utm_medium=email&_hsmi=203593594&_hsenc=p2ANqtz-9Q4rZ2pvGX0ziNZz0yWW0HEFVBuqNZ5nLwmNfaQVEMaQp3FfYL_UsX4OsGpWzJcIssT5zIIUfpagNEvWkjlToZtn-CqA&utm_content=203593594&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trial-eum-clientnsv4-s.akamaihd.net
URL: https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pf2w5q88e

Domain: trial-eum-clienttons-s.akamaihd.net
URL: https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pf2w5q88e

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.email.kharon.com/	1969-12-31 23:59:59	Name: __cfruid Value: 7fa0d9e56eeb48e9b5fd7a3aee014def400a9855-1644568500
.nytimes.com/	1970-01-20 09:35:04	Name: nyt-a Value: crFeB7JeKSwTrzSJ94wNHX
.nytimes.com/	1970-01-20 00:49:50	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 09:35:04	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 00:49:50	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 00:49:50	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 9f5716ef58b940e2ad815e748d314ed5
.et.nytimes.com/	1970-01-20 00:49:30	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 09:35:04	Name: sessionIndex Value: 1\|1644568501633\|crFeB7JeKSwTrzSJ94wNHX\|1644568501633
.google.com/	1970-01-20 05:12:59	Name: NID Value: 511=FxjzbRscR6RID-_FEvtShjMuWK9Y-fXG-eBP4MQff2QOKLWN5igEmzdG3KS0hbimKcJ1hEdateEBHUFbFdVWTft6ORMJd5mOyEuwmvdvW3esobqzRntmvWrId351Pd2BExOef-YZf1Ml2hfFe6CbV8cIht7lF0cCIOpIrZ1R67s
.nytimes.com/	1970-01-20 10:18:58	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-20 00:50:24	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 00:50:24	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 09:35:04	Name: nyt-jkidd Value: uid=0&lastRequest=1644568502953&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1644568502953&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 09:35:04	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-21 20:38:54	Name: nyt-m Value: 24136986DC10B0C133B786B2B1496DAB&imu=i.1&iru=i.1&uuid=s.3bbb6c5d-1763-4609-a4c4-77a3c738f812&vr=l.4.0.0.0.0&ier=i.0&iub=i.0&e=i.1646125200&rc=i.1&pr=l.4.0.0.0.0&fv=i.0&igd=i.0&v=i.0&g=i.0&er=i.1644568503&vp=i.0&igf=i.0&ird=i.0&ira=i.0&ft=i.0&cav=i.1&prt=i.0&iue=i.0&ifv=i.0&imv=i.0&iir=i.0&n=i.2&iga=i.0&t=i.0&igu=i.1&ica=i.0&s=s.core
.doubleclick.net/	1970-01-20 10:11:04	Name: IDE Value: AHWqTUkz9l4YIwbbKeUzIYInfgBy_WaVsBcmQnsvT9iBJRSqUEXRa3GMUE1eUtGMXYA
.nytimes.com/	1970-01-20 10:11:04	Name: __gads Value: ID=f928f67a0b571ec4:T=1644568501:S=ALNI_MY0aHPRbyfppiUarLus46qhVBTj1g
.nytimes.com/	1970-01-20 02:59:04	Name: _gcl_au Value: 1.1.105613393.1644568504
www.nytimes.com/	1970-01-20 10:18:16	Name: _cb_ls Value: 1
www.nytimes.com/	1970-01-20 10:18:16	Name: _cb Value: DKA3kCqXJC1C8iGik
www.nytimes.com/	1970-01-20 10:18:16	Name: _chartbeat2 Value: .1644568504127.1644568504127.1.D4idx7D508CfDTHK6xC3E18wDCHBG3.1
www.nytimes.com/	1970-01-20 00:49:30	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 18:20:40	Name: walley Value: GA1.2.1170823198.1644568502
.nytimes.com/	1970-01-20 00:50:54	Name: walley_gid Value: GA1.2.1403864651.1644568504
.nytimes.com/	1970-01-20 00:49:28	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 00:58:31	Name: nyt-cmots Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2NDQ1Njg1MDQsInNjIjoxNjQ0NTY4NTA0LCJjYSI6MTY0NDU2ODUwNH19fX0=
.et.nytimes.com/	1970-01-20 00:50:54	Name: et-ppvid Value: https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html=4cLGZltQlXbp3-Ulun9NjMCQ
.nytimes.com/	1970-01-20 09:35:04	Name: datadome Value: N6U5IplSLYK0gfDmKq8BvSMwnZh6RW15vaxl.ZekykoTsPRh2IQ0Kic4BhlvOD.MuVaa3aLDy5zj7Y7FMebYP2PvjLXUpgssh386M8RSaV9oWL2Vxn99mN4tLTEWimh
.nytimes.com/	1970-01-20 00:59:33	Name: RT Value: "z=1&dm=nytimes.com&si=803e8761-75dc-4137-abbd-3275b28dcede&ss=kzi5mj68&sl=1&tt=hf&bcn=%2F%2F02179910.akstat.io%2F&ld=ta"
.nytimes.com/	1970-01-23 16:25:28	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MjA2MWZiYTBjMWEyNzAwMDEzNmM1MzMiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQ0NTY4NTA2fQ.YBJz-Y-OKJbMOvYwzHjFL6x2-TihdW23ZolFdlu6lI0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'conversion-measurement'.
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://02179910.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pf2w5q88e' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pf2w5q88e' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b98659c89a34969592256cd3241bfb4.safeframe.googlesyndication.com
5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c.go-mpulse.net
dd.nytimes.com
email.kharon.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
142.250.184.226
142.250.185.230
143.204.215.54
151.101.129.164
151.101.193.164
2600:9000:2057:3e00:18:1fcd:34f:cdc1
2606:2c40::c73c:671d
2606:4700:3032::ac43:c7c7
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:811::2013
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a02:26f0:1700:38a::11a6
2a02:26f0:7100:59a::11a6
2a06:98c1:3121::7
3.33.220.150
35.241.35.241
35.244.188.62
54.80.60.244
0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0c7ef33d85d07841d9815004ea610caba2042eae623923ae7055bea414c48650
0f3358b5032a29237d557fcaefc991ee448decb8873e26b8df2e55aae273363a
130889e683e0ee3368abe694003d87fa57cea5381ac8526aba8cbf34ddc21740
14cbe8919167b2ca004646388716d3499ad0732a848013a2fa7c9cec50e3f8fd
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
1616c4a39098915f70c25b9407fb7f212ddc34e3452987cdaf3cb278d3ce1bb1
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1e7fdbae9fdd99e063a66a615c071474c9ad12bf92bf78f7ca2917c9165d4aed
2238f023c46645d49418f2b51d416eb40ea37a673e605a8d81dac4bf6cd3bc98
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
3211d4dfedcc03a35db563674340c2eaf577749103b651cc90c7ac52eb28541f
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3d4c6c2ce2daec54b1cac1df20f3e5aff5e7f4d679b8fba50feec5a577f5c9d1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22
4375b90b47176a5ea4df51816692a033a241cdcc1298c72af3f4bc1066a7f4ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4680da4b91fb39d747e566e471e11aaec1119bc6885b51ae8e4617387f08af7b
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
516400b3ca3a3a66efd43cac6c3565bd27abe9e4ab2055f76500c106b04cfc2e
51b78847fc20f97854556c421abeefae11b13e7627270e2c6ca78cfef3a90075
53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a4a82eb5dae72f85ec771893734dd11a5276a6f840b56f977b7459ea857cc8
59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54
6b68c45b476a63a4b350de9c265ccd6b028f7100d245da6e5f96261580bbc36e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
79a3da80036d9c9d839deba1c8de367ce680485c8405899568075a36d275b964
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7fa16048a1437655665e53a4b77d6b726798d71de48e360e7cc368c6a20fbbad
858c6197fb6ca62213483f43417c8fe769483de3a152879bdc2d093e80b6d12b
870acf38851bcdfe66ad71d263e8b013e7b534924aa75436eaa854c9cfa94b4b
8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8aa7abb30ea1a313776a78c068f9d524ede0d29ea9e88580265d4f08ae7387ad
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2a77bb30f058f34029ac9b27035c4356b3c8e0cda720132922976d281628b2
8f896b2bcc9fbfa73d461c2acc7517e1c1f472ab09863784a5943e139aabb7fa
94193096daf7c70d7589d5e6ec9720a2cc53fa953fcc0e51f441ae7d48ff835c
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
96fe8f8939ff46fd77bc08b13c83293c36606693332e0deef253a30fe9cd772a
9d8f66c9a96e5d8647470da2b8c34337355168669d1ca1be32a375d862e64d8e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
adf2af53724fd422bf12f2c7793a5ecf4d2094a23a5ce34084f1a2af70c9a300
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
ae93dccc9522592c5fb53683f1da83bbfcd3c5d915078345bae21f18050f2791
b13e8dede8341c2b79de97907feaceb4eeeb7746437c77cdba425a545febe2fc
b235ca07b5dd9d24bf3bac988524d4c851491e0f49e805119b3e0e27e40ef119
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b54aaadb0c8fe79a3322fe3629118551d2cae1add87a6c49b253bc7c916be068
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
bb05445939cf591d0cca9a36ae612856d0533e48d23e18b0bc4abc09b1e585a3
bd92a1b5cc6459dab6c46c368f7edc30ab3f797be9d92b9deb158ef1c44ec401
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
beac94fa29b979bd2237de159d37659f88113cfbf80096360fb1f2088303aadd
c1bca54c0fddc9d8352bf0246f0dc186375c7453ae528cbafa1a7ddcd90c09cb
c219045d17f390c301834f8a5ac05a81188835e6875f0f9d87ae0aa78c31b319
cc57d46a22dac1e66da3d9ff4c3880ab01437f269c161366d8300003679f0481
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2a8d17cbbd4685b0cf37c003b8f2476c709550b586af187fdd92f6603468a59
d92c6d9bbe6822c3f6b21c2484af882177b58f6939d57b0dc6ac19ca3cf8a57e
d99f5154d86578caaf220fa71ff64eb43cbd5af78beb6a24cc3215f8f64779bf
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
e03b3eb5c148f0b6b52ff9a3778dfb86196bee81d48842c65a50a529cf7e06e4
e164ebf119ead586d81312109338af5fb35cb5b5a8eed418739edd2a5c40e18d
e17919e8a49111b87e1c6cd882899c91d61d6ee5114c7b19cce0db412f96bc5c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ddb8ea968e8f1e19b013e4dfaa670fdee1bd4b47c9ab94f7e0957e22c45574
f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda
f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

www.nytimes.com Open in urlscan Pro 151.101.129.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

99 %HTTPS

67 %IPv6

16 Domains

38 Subdomains

28 IPs

2 Countries

2949 kBTransfer

9443 kBSize

32 Cookies

17 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.129.164 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

99 %
HTTPS

67 %
IPv6

16
Domains

38
Subdomains

28
IPs

2
Countries

2949 kB
Transfer

9443 kB
Size

32
Cookies

140 HTTP transactions
0 data transactions