www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nyti.ms/3gIwXyR
Effective URL:
https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Submission: On February 11 via api (February 11th 2022, 10:46:14 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 15 domains to perform 130 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2791.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
28	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
21	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
9	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	65.9.78.79 65.9.78.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:d800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	54.165.183.227 54.165.183.227	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4005:814::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
130	28

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com

nyti.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.78.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-79.ams1.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:d800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.183.227 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-183-227.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4005:814::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2791 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8038 a.et.nytimes.com — Cisco Umbrella Rank: 7547 als-svc.nytimes.com — Cisco Umbrella Rank: 9888 myaccount.nytimes.com — Cisco Umbrella Rank: 10383 dd.nytimes.com — Cisco Umbrella Rank: 9988 meter-svc.nytimes.com — Cisco Umbrella Rank: 9885 purr.nytimes.com — Cisco Umbrella Rank: 9713 a.nytimes.com — Cisco Umbrella Rank: 9275 mwcm.nytimes.com — Cisco Umbrella Rank: 10267	1 MB
18	google.com news.google.com — Cisco Umbrella Rank: 5027 adservice.google.com — Cisco Umbrella Rank: 59 play.google.com — Cisco Umbrella Rank: 32 www.google.com — Cisco Umbrella Rank: 2	69 KB
16	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9180 static01.nyt.com — Cisco Umbrella Rank: 6043 a1.nyt.com — Cisco Umbrella Rank: 8973	573 KB
15	googlesyndication.com 1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	149 KB
13	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 ad.doubleclick.net — Cisco Umbrella Rank: 167 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 11082	215 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	129 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7694 iteratehq.com — Cisco Umbrella Rank: 7120	274 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 8914	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 607	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	38 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9027	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	96 KB
1	nyti.ms 1 redirects nyti.ms — Cisco Umbrella Rank: 163278	291 B
130	15

	Domain	Requested by
19	a.et.nytimes.com	www.nytimes.com
13	www.nytimes.com	www.nytimes.com
10	g1.nyt.com	www.nytimes.com g1.nyt.com
9	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
8	pagead2.googlesyndication.com	tpc.googlesyndication.com www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
8	samizdat-graphql.nytimes.com	www.nytimes.com
7	play.google.com	www.gstatic.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
5	static01.nyt.com	www.nytimes.com
4	www.gstatic.com	news.google.com www.gstatic.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad.doubleclick.net	1 redirects www.nytimes.com
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	news.google.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	nyti.ms	1 redirects
130	36

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
www.whitehouse.gov
www.aljazeera.com
www.floridabulldog.org
www.law.cornell.edu
www.federalreserve.gov
home.treasury.gov
www.usaid.gov
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-01-18` - `2022-04-18`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2022-01-10` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Frame ID: 7FD38C329372EBB3DD85701D36A39A13
Requests: 86 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: DBF1E23729C49FFF92282F897C2ECD97
Requests: 3 HTTP requests in this frame

Frame: https://1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55EBF15D66D04E7F32471579D9F8EDBD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnAm7QhSHmIMKMZkx7aultj1dV7wf_hyKVn_8E_yFqQdhpL47gCQd8afkWWo9Qkqt0JMq1sTP1XArn0pDWQgRfpDlOFvkbm42Ma3iUsNqaTnbS4jZr2mo7CVI_CjK2FJefZxxUwcQ-Y609J9SanZ1aSkBvgqOKiKZc4DubmCVpUy2ITB-REJGPmSIoUyAqR8QvZmcbd-ItsZ27hUE4I8yGWG6wlJf1vgljhy_rlpUrucIsABTSO9MNv2tQTxmP-LeZWnMViIjFvTpf-fQen76Zn4CTBKG98qa9tnFnlG4dW7uY8kZBVWOVF11gPApASh40yVnVMHtRSdSY2U_jtH6y8-YW4P3ys1WpAe9X-g&sai=AMfl-YSQioJFq57DuDIzuwzD7jzGKKzTht8op901LktS2v6B0h6dk0puw2B_8xfEv8o5hvN585uVZGn2HvnWR2WpA-2lRITdQqdDASNeaFbMKtz3VUgvN3dzrHxnz4nxwMg&sig=Cg0ArKJSzDq84GSn8-TiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4EE2F0C405CC0163A5BEC4C82304AE4F
Requests: 10 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456838&publicationId=nytimes.com
Frame ID: 6A35E1BB9F7E0F344CAC7CDC05150986
Requests: 13 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html
Frame ID: C30F03D47C8D9227EB6143FD163C3F36
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 75A485A8BD5D876013BEB8C71C302228
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 999154D03A5B9702A38787A26D29BB34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE2D9CF908CF1DBD7E7BEE883A1FB163
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Biden Moves to Split $7 Billion in Frozen Afghan Funds - The New York Times

Page URL History Show full URLs

https://nyti.ms/3gIwXyR HTTP 301
https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

130
Requests

99 %
HTTPS

61 %
IPv6

15
Domains

36
Subdomains

28
IPs

3
Countries

2942 kB
Transfer

8638 kB
Size

31
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F02%252F11%252Fus%252Fpolitics%252Ftaliban-afghanistan-911-families-frozen-funds.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html%3Fsmid%3Dfb-share&name=Spurning%20Demand%20by%20the%20Taliban%2C%20Biden%20Moves%20to%20Split%20%247%20Billion%20in%20Frozen%20Afghan%20Funds&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Spurning%20Demand%20by%20the%20Taliban%2C%20Biden%20Moves%20to%20Split%20%247%20Billion%20in%20Frozen%20Afghan%20Funds%20https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html%3Fsmid%3Dtw-share&text=Spurning%20Demand%20by%20the%20Taliban%2C%20Biden%20Moves%20to%20Split%20%247%20Billion%20in%20Frozen%20Afghan%20Funds

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/briefing-room/presidential-actions/2022/02/11/executive-order-on-protecting-certain-property-of-da-afghanistan-bank-for-the-benefit-of-the-people-of-afghanistan/
Title: an executive order

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/briefing-room/statements-releases/2022/02/11/fact-sheet-executive-order-to-preserve-certain-afghanistan-central-bank-assets-for-the-people-of-afghanistan/
Title: said it would

Search URL Search Domain Scan URL

URL: https://www.aljazeera.com/economy/2021/8/23/taliban-appoints-central-bank-chief-as-prices-rise-cash-runs-out
Title: appointed their own official

Search URL Search Domain Scan URL

URL: https://www.floridabulldog.org/2021/09/9-11-plaintiffs-move-to-seize-7-billion-in-taliban-assets/
Title: serve the legal department of the Federal Reserve of New York with a “writ of execution”

Search URL Search Domain Scan URL

URL: https://www.law.cornell.edu/uscode/text/50/1702
Title: the International Emergency Economic Powers Act

Search URL Search Domain Scan URL

URL: https://www.federalreserve.gov/aboutthefed/section25b.htm
Title: a provision of the Federal Reserve Act

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/policy-issues/financial-sanctions/specially-designated-nationals-and-blocked-persons-list-sdn-human-readable-lists
Title: a list of people individually penalized as terrorists

Search URL Search Domain Scan URL

URL: https://www.usaid.gov/news-information/press-releases/jan-11-2022-usaid-announces-308-million-humanitarian-assistance-afghanistan
Title: ramped up total American aid to the country by $308 million

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html
Title: Share your thoughts.

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nyti.ms/3gIwXyR HTTP 301
https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CMr5zqnd-PUCFUaSewodoGQIBw;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 73

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request taliban-afghanistan-911-families-frozen-funds.html Show response
www.nytimes.com/2022/02/11/us/politics/
Redirect Chain

https://nyti.ms/3gIwXyR
https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

434 KB
86 KB

61ms
14ms

Document
text/html

151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

433aba2e879109c769525c373b6221be6a29e21acf0aac9aea1e5ec4afc32d4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-b3-traceid: ddaf3f32c2c244dcbb11cdea3ef42307
x-nyt-data-last-modified: Fri, 11 Feb 2022 22:35:22 GMT
last-modified: Fri, 11 Feb 2022 22:35:22 GMT
x-scoop-last-modified: 2022-02-11T16:51:32.668Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1644619117.686798,VS0,VE5
x-origin-time: 2022-02-11 22:38:36 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 11 Feb 2022 22:46:07 GMT
age: 284
x-served-by: cache-lga21980-LGA, cache-hhn4052-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1644619568.718385,VS0,VE7
vary: Accept-Encoding, Fastly-SSL
x-datadome: protected
x-nyt-app-webview: 0
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-nyt-edge-cache: HIT-HIT
content-length: 86516

Redirect headers

cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Fri, 11 Feb 2022 22:46:07 GMT
location: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
referrer-policy: unsafe-url
server: nginx
strict-transport-security: max-age=1209600
content-length: 184

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 39ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 10443801
x-guploader-uploadid: ADPycdvM_HxElX7psfISEsaNQfEgnO2Zgx5cmB4AGrFveWBc7tmn1KIO6XBFRxV4kkQJuoRY7wL5yZmwCuWxcKNne2c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:42:47 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1644619568.786500,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 40426

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 8ms
8ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 799367
x-guploader-uploadid: ADPycdt7N1u3TXrqEqolyEixVireAD33X11igF6PykHVhb86vjb0kSclk_bzlSAwLLP_w7shej3qkYHim6SoJWLiQ9M
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.754459,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 21444
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Wed, 02 Feb 2022 16:43:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1643067836219382
expires: Thu, 02 Feb 2023 16:43:20 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-9cd9aa2ae2d6a53c40af.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-9cd9aa2ae2d6a53c40af.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

51b78847fc20f97854556c421abeefae11b13e7627270e2c6ca78cfef3a90075

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 628192
x-guploader-uploadid: ADPycds74h-eb3hVAituRVSB68QOrIuLRCoV-sZYppX_Yohb1MIWQwexvK55lCyhBelrLqC-jXS6LKhecitp6rW1jcyvC0WukA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:15 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.768514,VS0,VE1
etag: "3eb9e94bc6201c263e6f1ad4947a291c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9cd9aa2ae2d6a53c40af.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 23186
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7237
last-modified: Fri, 04 Feb 2022 16:09:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=W68SaQ==, md5=PrnpS8YgHCY+bxrUlHopHA==
x-goog-generation: 1643990978080103
expires: Sat, 04 Feb 2023 16:16:14 GMT
x-gdpr: 1
x-goog-stored-content-length: 20494
accept-ranges: bytes

GET
H2 200 merlin_195888156_69a23240-6ea0-47a3-806d-37b621aa2b8e-jumbo.jpg
static01.nyt.com/images/2022/02/10/us/politics/10dc-afghan-2ADD/ 91 KB
91 KB 32ms
10ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/02/10/us/politics/10dc-afghan-2ADD/merlin_195888156_69a23240-6ea0-47a3-806d-37b621aa2b8e-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ca3df2ff476381690c2649e56db76122e4f0369d358eaede8d9f6ba39fe922b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 53043
x-guploader-uploadid: ADPycdvXeOcgJT-2QRyj42Fr_e68Z7s_WO6YhaVeAJwbon3l_bUbj9BkI27RXkyMzOBHOhL-JLMAX1XTMJ1KTAYQm-I
x-cache: HIT, HIT
fastly-io-info: ifsz=193992 idim=1024x683 ifmt=jpeg ofsz=92836 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 92836
x-served-by: cache-iad-kiad7000116-IAD, cache-hhn4052-HHN
server: UploadServer
x-timer: S1644619568.801952,VS0,VE1
etag: "C4SGbW4+VIcJdpSxIKHeAlEY08cYM92ayhTfYJ3MiuI"
vary: Accept
x-goog-hash: crc32c=WvAYrg==, md5=ryPuqGogBjLzW/Runvatzw==
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Feb 2022 08:02:04 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 author-charlie-savage-thumbLarge-v2.png
static01.nyt.com/images/2018/06/12/multimedia/author-charlie-savage/ 23 KB
24 KB 15ms
9ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2018/06/12/multimedia/author-charlie-savage/author-charlie-savage-thumbLarge-v2.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9184115457d6393be44476d37b60a5cb518326cd6ec79e24dcc93f16feffa32e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 579045
x-guploader-uploadid: ADPycdscU-oTH6NqtNV4LUYzjlAR-xW1CGGp1OKS29ygqlTLZbKIDYe3f_vft0OIbgEX-dZghkaiQOsImUdjkDp2gno
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 24027
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn4052-HHN
last-modified: Fri, 08 Feb 2019 17:19:27 GMT
server: UploadServer
x-timer: S1644619568.801851,VS0,VE1
etag: "037bc17e5ba0a28e7982807ea964f775"
vary: Origin
x-goog-hash: crc32c=cs4goQ==, md5=A3vBflugoo55goB+qWT3dQ==
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 05:55:22 GMT

GET
H2 200 vendor-6dabc659e9ccac9b6f00.js Show response
www.nytimes.com/vi-assets/static-assets/ 252 KB
77 KB 10ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 799369
x-guploader-uploadid: ADPycduDnWesx7bAVhCWI_idzqcyU7c5llKjbpYGYDtL0I5nFLtonuKjCtCRhu6Olj2WYxubDrVP2sl90vt6au4JYNU
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:18 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.818218,VS0,VE1
etag: "8fc82adba8f7a20303f839ab3c923991"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 30016
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 77827
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Aei76Q==, md5=j8gq26j3ogMD+DmrPJI5kQ==
x-goog-generation: 1643649050257546
expires: Thu, 02 Feb 2023 16:43:18 GMT
x-gdpr: 1
x-goog-stored-content-length: 258452
accept-ranges: bytes

GET
H2 200 story-d917cb6aca65ac6ceb40.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
297 KB 12ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8f896b2bcc9fbfa73d461c2acc7517e1c1f472ab09863784a5943e139aabb7fa

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 107862
x-guploader-uploadid: ADPycdtD6XzyawkDSrcn3eCl0qaKXJfyQbZ4pMZlzc0W5oaSH5K89TJHf_ir3Cm-dvmtODVGGGVlR-t2DAcxwur5p2Y
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-10 16:48:25 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.818490,VS0,VE1
etag: "6e40e1d5a63b60ce336038244d398685"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 27
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 303478
last-modified: Thu, 10 Feb 2022 16:26:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=cMOlbQ==, md5=bkDh1aY7YM4zYDgkTTmGhQ==
x-goog-generation: 1644510398081186
expires: Fri, 10 Feb 2023 16:48:25 GMT
x-gdpr: 1
x-goog-stored-content-length: 1142793
accept-ranges: bytes

GET
H2 200 liveblog-194687107a41dd42b81b.js Show response
www.nytimes.com/vi-assets/static-assets/ 1004 KB
262 KB 17ms
15ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/liveblog-194687107a41dd42b81b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

85a3d8bf0019b29606c7b02c8bfa77129687228e6941e982df35d46c579f42a8

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 169905
x-guploader-uploadid: ADPycdtYcdwAcmk48mS27SXlV0lj4WaPZpRqabyJt62fEy56F0acLMLFhVmOsbdrgwGP32JnXGXto9rv1GL4QcG3_wk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 23:35:32 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.818629,VS0,VE1
etag: "ab6afb04f75d2777221bb69e990286c6"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/liveblog-194687107a41dd42b81b.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 16
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 267522
last-modified: Wed, 09 Feb 2022 23:22:23 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=MmJGXg==, md5=q2r7BPddJ3ciG7aemQKGxg==
x-goog-generation: 1644448943549769
expires: Thu, 09 Feb 2023 23:34:22 GMT
x-gdpr: 1
x-goog-stored-content-length: 1028509
accept-ranges: bytes

GET
H2 200 main-c5ae748151e1a510711c.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
361 KB 16ms
15ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

adf2af53724fd422bf12f2c7793a5ecf4d2094a23a5ce34084f1a2af70c9a300

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 181222
x-guploader-uploadid: ADPycdvCm2ovyJHKEQtrI6khn_95ZJoYiM13h7ucI7aRgSm13Y7rRDlC0Ci5ZVWwgLKmUWgF5YO7TaIxNueIgRUhZSc
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 20:25:46 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.818717,VS0,VE1
etag: "b0791eb5affc086cfda65dd3904d59fb"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-c5ae748151e1a510711c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1153
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 368467
last-modified: Wed, 09 Feb 2022 20:23:36 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=quEuRA==, md5=sHketa/8CGz9pl3TkE1Z+w==
x-goog-generation: 1644438216282658
expires: Thu, 09 Feb 2023 20:25:45 GMT
x-gdpr: 1
x-goog-stored-content-length: 1268174
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 360 KB
96 KB 48ms
22ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a36e378e6e48f6527743e123bcf30060cbbef5bab0bf1b40c3b4372547193d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97871
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 80ms
16ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e15bb9ac92851b5059819f5dd67a1e74/3656467664718846261
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 22:46:07 GMT
age: 861
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: bd8377ff94fd9f94
x-served-by: cache-cdg20765-CDG
x-cache: HIT
x-cache-hits: 16
x-timer: S1644619568.876496,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 155ms
105ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
826 B 8ms
7ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 609c0dfa9bfdcd00-2c21d6be73cf6a7b-1
age: 7
x-cache: HIT
samizdat-x-instance: 074cdec2
x-samizdat-query-field-errors: 0
x-cache-hits: 1
x-samizdat-query-exe-id: ff6573d5c56ede75
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644619568.890884,VS0,VE1
x-nyt-region: BY
x-served-by: cache-hhn4052-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 609c0dfa9bfdcd00-2c21d6be73cf6a7b-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 143 KB
45 KB 51ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45355
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 18:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 23:27:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 76ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

b85a8522b694640eedc3984d83f84afb72c1cbc688c9602a4a676d05cbc854af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27260
x-xss-protection: 0
server: sffe
etag: "1129 / 807 of 1000 / last-modified: 1644581237"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Feb 2022 22:46:07 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
3 KB 299ms
249ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F91083103-7bc7-556e-afeb-4e893f88ade4&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 54340101600d59539c651598450bec2af3fe83fabb98dcb67976f492b6b5a45f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
2 KB 22ms
20ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 799370
x-guploader-uploadid: ADPycdtcWi95J9FFULKih-12kcMa009LHfRmLsgkwjO9nqGo0WhHgdDqzMXK8C2FRtvJqjeav_7wGzjTJOsaIejqORA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:17 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.831496,VS0,VE1
etag: "f5e6ba8f0613f5244e1e8ba2c4f8dd1a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
content-type: image/svg+xml
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 13019
date: Fri, 11 Feb 2022 22:46:07 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 645
last-modified: Wed, 02 Feb 2022 16:43:04 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=GTQy+Q==, md5=9ea6jwYT9SROHouixPjdGg==
x-goog-generation: 1643067836495501
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 1162
accept-ranges: bytes

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 36ms
9ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11055832
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644619568.857564,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8361

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 36ms
10ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1548145
x-guploader-uploadid: ADPycdvZ-dNoU8ZbbF5veh7_wpjYLjdrCt2r7UDuhUc0s4sCqc_Qxe5-FAkovtwyxARj1-Y8dpJzZu_PlzmY43RY5w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Wed, 25 Jan 2023 00:43:42 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644619568.857651,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8272

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 36ms
9ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8027506
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644619568.857729,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5675

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 35ms
9ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7425390
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1644619568.857806,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3562

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 49ms
22ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 686743
x-guploader-uploadid: ADPycdvfBqqMROzpVlne3PkDbgl-yXu2aizDnQdtARIqTfTTIhwveau54361BWjPTxco1mpMBkcC0nMbcaaTrySlx4M
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Sat, 04 Feb 2023 00:00:24 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644619568.857978,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7279

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 34ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2156789
x-guploader-uploadid: ADPycduqaMXBgRcn7MaFE0xauF1LRpBsw12QO0GlqFvN8l8TjEYXxEFWI2i9FV13QZWYXeF0729D8DVFmoxY7aqUiOCBWzXN7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:39:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644619568.857884,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3480

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 48ms
22ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1281206
x-guploader-uploadid: ADPycdt57UDj0w-D-m5qHPt3GAvcuR5pNF06eirUU2sMnIic4_mbMoEZ3BONMGV1y2hG0YQ1Sod3cCTngaDoga3NJpC7b9Vrvw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Sat, 28 Jan 2023 02:52:41 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644619568.858123,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5039

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 48ms
22ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8622506
x-guploader-uploadid: ADPycdsPgT4lcseauEpJLQy0Zsg30Moickqr1VqZgSIgCB1QoXGXeqKooxxgUjtaoY-NEecarL-ob9XvEbblsldRDB3zOZzgsw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Fri, 04 Nov 2022 03:37:39 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644619568.858144,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984460387
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7981

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame DBF1 393 B
706 B 15ms
7ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

94193096daf7c70d7589d5e6ec9720a2cc53fa953fcc0e51f441ae7d48ff835c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

x-powered-by: Express
x-datadog-trace-id: 4037008806992425249
x-datadog-parent-id: 4037008806992425249
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-nyt-backend: lire-ui
content-encoding: gzip
x-cloud-trace-context: 685539aec10cf2d16ac900fd57acf809
server: Google Frontend
cache-control: public, max-age=600
etag: W/"189-FZQuefnmRjgB45y+BAIEbCHSQlE"
content-type: text/html; charset=utf-8
x-datadome-timer: (null),VE18
accept-ranges: bytes
date: Fri, 11 Feb 2022 22:46:07 GMT
via: 1.1 varnish
age: 69
x-served-by: cache-hhn4052-HHN
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
x-api-version: F-X
content-length: 276

GET
H2 200 pubads_impl_2022021001.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
120 KB 8ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122668
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:35:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 11:50:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
371 B 32ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:46:07 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 22:59:07 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 13ms
7ms Other
image/svg+xml 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 23:06:04 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame DBF1 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: gzip
x-api-version: F-X
age: 69
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 1252
x-served-by: cache-hhn4052-HHN
expires: Fri, 11 Feb 2022 10:50:53 GMT
server: envoy
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 48b4bee36e6608ba88b4a4ff1a1ff2cb
cache-control: public, max-age=600
x-datadome-timer: (null),VE383
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 1

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame DBF1 410 KB
139 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=e0b3e20
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:07 GMT
content-encoding: gzip
x-api-version: F-X
age: 68
x-cache: HIT
x-cache-hits: 1
content-length: 141763
x-served-by: cache-hhn4052-HHN
server: Google Frontend
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 443f0d6830ec80b540ab9900512a7b64
cache-control: public, max-age=600
x-datadome-timer: (null),VE159
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 09 Feb 2022 18:45:36 GMT

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js Show response
www.nytimes.com/vi-assets/static-assets/ 46 KB
16 KB 10ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4680da4b91fb39d747e566e471e11aaec1119bc6885b51ae8e4617387f08af7b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 628171
x-guploader-uploadid: ADPycdsK1WQUDy5ebEZtwlD0t4tsFZsUMvs1f-sHsS620M55dTgIFvc4JC2Sv7Tep6xoQQkR5ORBDhjny4vdTdMCuXiFuILAjg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:36 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.084453,VS0,VE1
etag: "22fb86dadd1d1e60c94bffe9c522a94a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 22115
date: Fri, 11 Feb 2022 22:46:08 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14705
last-modified: Fri, 04 Feb 2022 16:09:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=dcN4NQ==, md5=IvuG2t0dHmDJS//pxSKpSg==
x-goog-generation: 1643990980186724
expires: Sat, 04 Feb 2023 16:16:36 GMT
x-gdpr: 1
x-goog-stored-content-length: 47594
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 10ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 799371
x-guploader-uploadid: ADPycdsLPGEWnRwNr1RiN9NUWeMzwvEOD0zG30LcMJm-vufKKjQNiwlXZR6NpX1hDJ9yunqgzOTS5YOPz1M_MDbBj5M
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:18 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.084609,VS0,VE1
etag: "46159ad0cb7de89c83fc59e9dc0d61f9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 23709
date: Fri, 11 Feb 2022 22:46:08 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13291
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=goxv5A==, md5=RhWa0Mt96JyD/Fnp3A1h+Q==
x-goog-generation: 1643599221364533
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 68853
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
5 KB 10ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 799372
x-guploader-uploadid: ADPycdsnWTc16IfNcbCOV9edN4UxAYEIRRoeRaL74NBUuuv3s7pwCV0ffyg_XDjcAQK8SYGXP-6s8ma4IDmPLEQBA_k
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:17 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619568.084703,VS0,VE1
etag: "e4469edf0dfca6f7845a13a7b325dd05"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 24648
date: Fri, 11 Feb 2022 22:46:08 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5012
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=uxXxow==, md5=5Eae3w38pveEWhOnsyXdBQ==
x-goog-generation: 1643756617957502
expires: Thu, 02 Feb 2023 16:43:16 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
57 B 100ms
100ms Fetch
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 148ms
148ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 234 KB
43 KB 111ms
15ms Script
text/javascript 65.9.78.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-79.ams1.r.cloudfront.net

Software

Apache /

Resource Hash

392c6aafee7e281e0a53cb50a51d3e36947bb6ffe267894ccab29cb191398668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:08:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2259
x-cache: Hit from cloudfront
content-length: 43241
access-control-allow-origin: *
last-modified: Fri, 11 Feb 2022 09:29:28 GMT
server: Apache
etag: "3a691-5d7bab413e379-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfec.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: rwcUZcc7sQ6zI58NVeRxIIsu4FEdeN-naI1zPblicZeC2Rz0a52HPw==
expires: Fri, 11 Feb 2022 23:08:29 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 60 KB
23 KB 8ms
8ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1610
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23078
x-xss-protection: 0
server: cafe
etag: 14764030400761178073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:19:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 78ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 144ms
144ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118158768529839&correlator=328590666551520&output=ldjh&eid=31064848%2C31064538%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D450&cust_params=als_test_clientside%3Dweb_none_none_high_v3-1-21.441422221900562248_20220211224608%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644606351322%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26per%3Dbidenjosephrjr%26org%3Dtaliban%252Cdaafghanistanbank%26geo%3Dafghanistan%26des%3Dassetsfrozen%252Cbankingandfinancialinstitution%252Chumanitarianaid%252Cseptember112001%252Cterrorism%252Cpoliticsandgovernment%252Ceconomicconditionsandtrends%252Cunitedstatesinternationalrelat%26auth%3Dcharliesavage%26coll%3Dworldnews%252Casiapacific%252Cbusiness%252Cusnews%252Cuspolitics%26artlen%3Dlong%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008198386%26pt%3Dnt1%252Cnt13%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cpt17%252Cpt20%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_citi_aa%252Cneg_ibm%252Cneg_chanel%252Cneg_capitalone%252Cneg_ms_safe%252Cneg_hearts%252Cneg_orep%252Cneg_rolex%252Cneg_mtb%252Cneg_cathay%252Cneg_bp%252Cneg_mktg_safe_q4_2019%252Cgs_law_misc%252Cgs_law%252Cneg_sabic%252Cneg_aramco%252Cneg_cme%252Cgv_terrorism%252Cgs_finance_banking%252Cgs_finance%252Cgs_economy%252Cgs_politics_misc%252Cgs_tech_cameras%252Cgs_t%26is_viral%3Dhigh%26tt%3D4%26mt%3DMT3%252CMT7%26abra_dfp%3Ddfp_disp_incr_1_test%252Cdfp_prebid_0521_5_mnet_in_prebid%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%26sov%3D1%26page_view_id%3DMvmz8hG4tmpFoTDTxSUu9Qgw%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D17p0Oa79c2RpU8BuYpWmHV&cookie_enabled=1&bc=31&abxe=1&dt=1644619568196&lmt=1644618922&dlt=1644619567734&idt=437&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=76&adks=1133286891&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&rumc=118158768529839&rume=1&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=1345357856.1644619568&ga_sid=1644619568&ga_hid=1172615334&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e46cc156de5b091b0b4ae2d7be6a1bc06b5d8e7017ad56ebb08cbc601f503c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10720
x-xss-protection: 0
google-lineitem-id: 5901499407
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379352426
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55EB 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 11 Feb 2022 22:46:08 GMT
expires: Sat, 11 Feb 2023 22:46:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 16ms
16ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e15bb9ac92851b5059819f5dd67a1e74/3656467664718846261
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 22:46:08 GMT
age: 862
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: afec39ffae11bd4e
x-served-by: cache-cdg20765-CDG
x-cache: HIT
x-cache-hits: 17
x-timer: S1644619569.578378,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 16ms
16ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e15bb9ac92851b5059819f5dd67a1e74/3656467664718846261
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 22:46:08 GMT
age: 862
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: a9de3083609b182f
x-served-by: cache-cdg20765-CDG
x-cache: HIT
x-cache-hits: 18
x-timer: S1644619569.593463,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 16ms
16ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e15bb9ac92851b5059819f5dd67a1e74/3656467664718846261
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 11 Feb 2022 22:46:08 GMT
age: 862
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: a7832d3ab002ce7d
x-served-by: cache-cdg20765-CDG
x-cache: HIT
x-cache-hits: 19
x-timer: S1644619569.623828,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 105 B
470 B 135ms
135ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 22:46:08 GMT
via: 1.1 google, 1.1 varnish
x-nyt-meridiem: PM
x-b3-traceid: 6d9c41de8da04c689567bfe861f3983c-7bb563ef33fe4fb0-1
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
x-cache: MISS
x-cloud-trace-context: 5725ea55ca39a2ba6cdc8d60385506d5/5856871734928541293;o=1
samizdat-x-instance: 9460aa6e
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: c290a2c1ea1ff25d
content-length: 105
samizdat-x-canary: false
x-graphiti-gateway: 5497761c
last-modified: Fri, 11 Feb 2022 22:46:07 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644619569.591360,VS0,VE128
x-nyt-continent: EU
x-served-by: cache-hhn4052-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 6d9c41de8da04c689567bfe861f3983c-7bb563ef33fe4fb0-1
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 642 B
1 KB 252ms
200ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&pageviewID=Mvmz8hG4tmpFoTDTxSUu9Qgw
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: b93348a5701fff98f2e322ad770d952784130c04d2c0bd00b76858bb0f81c12c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 642

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
723 B 112ms
112ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 39a88e6cd23ea517-3da03f5baa5afb79-1
age: 0
x-cache: MISS
samizdat-x-instance: 1d50023a
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 703ae22077249e3a
content-length: 77
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644619569.606346,VS0,VE101
x-nyt-region: BY
x-served-by: cache-hhn4052-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 39a88e6cd23ea517-3da03f5baa5afb79-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 187ms
186ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 5e951e48cc94173cb64339113acf7321fdb588b4612331331d8b4b4a2a3c3937

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 330e58fc3a0402e3-8c6757fbbaa4716-0
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 24dcfc59
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 8539a9ab0ff62a48
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Fri, 11 Feb 2022 22:46:08 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644619569.637585,VS0,VE164
x-nyt-region: BY
x-served-by: cache-hhn4052-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 330e58fc3a0402e3-8c6757fbbaa4716-0
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-0aca512b1f6ff9f3d6fe.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
15 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-0aca512b1f6ff9f3d6fe.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e17919e8a49111b87e1c6cd882899c91d61d6ee5114c7b19cce0db412f96bc5c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 760107
x-guploader-uploadid: ADPycduGtdbsWKsV2AGbtwyTCIJT3mQefJwryX7IVC65ja8_EZjxPVwMq7V11DYoDvBwpji7ztMA3fauaJHOjffY0ss
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-03 03:37:40 UTC
x-served-by: cache-hhn4052-HHN
x-timer: S1644619569.628500,VS0,VE1
etag: "e4e464994e06176f291d228ccbd82979"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-0aca512b1f6ff9f3d6fe.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18225
date: Fri, 11 Feb 2022 22:46:08 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14990
last-modified: Tue, 01 Feb 2022 15:32:52 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Vzeurw==, md5=5ORkmU4GF28pHSKMy9gpeQ==
x-goog-generation: 1643389437608740
expires: Fri, 03 Feb 2023 03:37:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 51109
accept-ranges: bytes

GET
H2 200 requestHandler Show response
www.nytimes.com/svc/community/V3/ 3 KB
4 KB 9ms
8ms Script
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&cmd=GetCommentSummary&method=get&callback=jsonp_1644619568670_33602

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a5af7e69064d38b2be97be641c0b6ae821fe033159762177ddd5c8fc1592295c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 53
x-cache: HIT
x-origin-time: 2022-02-11 22:45:15 UTC
x-served-by: cache-hhn4052-HHN
server: nginx
x-timer: S1644619569.672943,VS0,VE1
strict-transport-security: max-age=63072000; preload; includeSubdomains
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/svc/community/V3/requestHandler?callback=<esi:include%20src="/esi/jsonp-callback"/>&cmd=GetCommentSummary&method=get&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html
content-type: application/json
x-gdpr: 1
access-control-allow-credentials: true
x-nyt-route: community-svc-cacheable
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-nyt-edge-cache: HIT
x-nyt-app-webview: 0
x-cache-hits: 1

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 167ms
116ms Fetch
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 43acb959aed2c680111096c5fbc13a4f
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Fri, 11 Feb 2022 22:46:08 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 165ms
128ms XHR
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&jkcb=1644619568672
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9a8008be9b34ef86bbdc2f284257d8f27688416c07647a13b1c8813eddd1957b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: e06e1c7dc38198f6a7a4529f8bd5b373
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 1131
expires: Fri, 11 Feb 2022 22:46:08 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
112ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 417 B
251 B 45ms
44ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118158768529839&correlator=328590666551520&output=ldjh&eid=31064848%2C31064538%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D934&cust_params=als_test_clientside%3Dweb_none_none_high_v3-1-21.441422221900562248_20220211224608%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644606351322%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26per%3Dbidenjosephrjr%26org%3Dtaliban%252Cdaafghanistanbank%26geo%3Dafghanistan%26des%3Dassetsfrozen%252Cbankingandfinancialinstitution%252Chumanitarianaid%252Cseptember112001%252Cterrorism%252Cpoliticsandgovernment%252Ceconomicconditionsandtrends%252Cunitedstatesinternationalrelat%26auth%3Dcharliesavage%26coll%3Dworldnews%252Casiapacific%252Cbusiness%252Cusnews%252Cuspolitics%26artlen%3Dlong%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008198386%26pt%3Dnt1%252Cnt13%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cpt17%252Cpt20%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_citi_aa%252Cneg_ibm%252Cneg_chanel%252Cneg_capitalone%252Cneg_ms_safe%252Cneg_hearts%252Cneg_orep%252Cneg_rolex%252Cneg_mtb%252Cneg_cathay%252Cneg_bp%252Cneg_mktg_safe_q4_2019%252Cgs_law_misc%252Cgs_law%252Cneg_sabic%252Cneg_aramco%252Cneg_cme%252Cgv_terrorism%252Cgs_finance_banking%252Cgs_finance%252Cgs_economy%252Cgs_politics_misc%252Cgs_tech_cameras%252Cgs_t%26is_viral%3Dhigh%26tt%3D4%26mt%3DMT3%252CMT7%26abra_dfp%3Ddfp_disp_incr_1_test%252Cdfp_prebid_0521_5_mnet_in_prebid%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%26sov%3D1%26page_view_id%3DMvmz8hG4tmpFoTDTxSUu9Qgw%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D17p0Oa79c2RpU8BuYpWmHV%26bt%3D%26typ_materials%3D%2523news%2523&cookie_enabled=1&bc=31&abxe=1&dt=1644619568920&lmt=1644618922&dlt=1644619567734&idt=437&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1723209830&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&rumc=118158768529839&rume=1&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&ga_vid=1345357856.1644619568&ga_sid=1644619568&ga_hid=1172615334&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

33df2a051de6d231b8c623a1ae6dade1834dd8729784b7ea1ea8230e8ca450e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 00dc-dabank-top-jumbo.jpg
static01.nyt.com/images/2022/02/09/multimedia/00dc-dabank-top/ 72 KB
72 KB 8ms
8ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/02/09/multimedia/00dc-dabank-top/00dc-dabank-top-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5111f851dba7d41bc1aecaee24753d66a368f9457851ec1dff850ee7adeeb601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 53047
x-guploader-uploadid: ADPycdsi9_vESaVb8jiePg1tAq-b4sRkcc7rHTC3qM4ovzCys-_gJEYxUdDrVlEzIgqA35T7XTWm-xqSXXO-G6mF1YA
x-cache: HIT, HIT
fastly-io-info: ifsz=153841 idim=1024x683 ifmt=jpeg ofsz=73416 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 73416
x-served-by: cache-iad-kcgs7200063-IAD, cache-hhn4052-HHN
server: UploadServer
x-timer: S1644619569.931842,VS0,VE1
etag: "kUs0CSsXjYqxTsmuHkMb2yuPO4YAtrgUBlV93zUOsaE"
vary: Accept
x-goog-hash: crc32c=Vw8XRg==, md5=YWNiaN4Nxdosprhf0cfHmA==
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Feb 2022 08:02:01 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EE2 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnAm7QhSHmIMKMZkx7aultj1dV7wf_hyKVn_8E_yFqQdhpL47gCQd8afkWWo9Qkqt0JMq1sTP1XArn0pDWQgRfpDlOFvkbm42Ma3iUsNqaTnbS4jZr2mo7CVI_CjK2FJefZxxUwcQ-Y609J9SanZ1aSkBvgqOKiKZc4DubmCVpUy2ITB-REJGPmSIoUyAqR8QvZmcbd-ItsZ27hUE4I8yGWG6wlJf1vgljhy_rlpUrucIsABTSO9MNv2tQTxmP-LeZWnMViIjFvTpf-fQen76Zn4CTBKG98qa9tnFnlG4dW7uY8kZBVWOVF11gPApASh40yVnVMHtRSdSY2U_jtH6y8-YW4P3ys1WpAe9X-g&sai=AMfl-YSQioJFq57DuDIzuwzD7jzGKKzTht8op901LktS2v6B0h6dk0puw2B_8xfEv8o5hvN585uVZGn2HvnWR2WpA-2lRITdQqdDASNeaFbMKtz3VUgvN3dzrHxnz4nxwMg&sig=Cg0ArKJSzDq84GSn8-TiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 22:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 22:46:08 GMT

GET
H3

200

B27144004.327228120;dc_pre=CMr5zqnd-PUCFUaSewodoGQIBw;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame 4EE2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CMr5zqnd-PUCFUaSewodoGQIBw;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_r...

13 KB
10 KB

51ms
36ms

Script
text/javascript

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CMr5zqnd-PUCFUaSewodoGQIBw;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

8b8939a6b84bd6a50161b75cc8cfe071ad29187ddc03f4738a5ca7912ab13c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9882
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_pre=CMr5zqnd-PUCFUaSewodoGQIBw;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EE2 124 KB
38 KB 66ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 22:46:09 GMT

GET
H2 200 1930789213581013484
tpc.googlesyndication.com/simgad/ Frame 4EE2 73 KB
74 KB 43ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1930789213581013484?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6031c5d0ea02c8d8e39781fe0659f55a3414203fa9bbc671e4349d5607f5684d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 01:04:44 GMT
x-content-type-options: nosniff
age: 250885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74847
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 17:37:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 01:04:44 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 108ms
108ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 6A35 24 KB
8 KB 78ms
77ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=456838&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99514e25ab6b5306ba58bf43ac4eda3482b20c7b7c14bae686d46252a4b3e99d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vpWhmvBnN/sMJuzF4hi6pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-vpWhmvBnN/sMJuzF4hi6pw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Feb 2022 22:46:09 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-security-policy: script-src 'report-sample' 'nonce-vpWhmvBnN/sMJuzF4hi6pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-vpWhmvBnN/sMJuzF4hi6pw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
564 B 56ms
28ms XHR
application/json 65.9.78.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-79.ams1.r.cloudfront.net
Software: DataDome /
Resource Hash: d6155801090b63abef3da53856914e7b2825c5345c91f372b331e8b870124c9d

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: nxo3602pLULipIwfUzvm4uREcmOKSONQxRtr-DZGUcIPLTCsGFVx3g==
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4275
date: Fri, 11 Feb 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 23:34:54 GMT

GET
H3

200

activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fu... Show response
5290727.fls.doubleclick.net/ Frame C30F
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2F...

600 B
415 B

31ms
31ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

40b25d197fa0ff3f2f2c321ca5cf97d9b09d83138b574f6f20eb5b33e8c86218

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 22:46:09 GMT
expires: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 22:46:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 85ms
15ms Script
application/x-javascript 2600:9000:2104:d800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 21:04:00 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 6129
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 cfe504a64f6a3eed0237f039e09f6184.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: A3obl_YLWW9Aslk9tRPMby_2dp1rjR3AI3cfPU8RlOOLkwsWerlnFw==
expires: Fri, 11 Feb 2022 23:04:00 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
651 B 18ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
content-type: application/javascript
age: 67652
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1644619569.189990,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 4045

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
111ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 112ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=510793006
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 76 KB
16 KB 1010ms
1000ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 39e1f9eb6a8b97a1d6c380532b1db412d0c0033ca598a2f3943e0f0f9c32f196

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:10 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4052-HHN
expires: Fri, 11 Feb 2022 22:46:10 GMT
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_all_Monthly-Sale-dock","gateway":"MAG_web_nonsub_all_monthly-sale","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1644619569.199185,VS0,VE990
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 897f76fe8a167244e7ec2cb1e0fd5e68
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date: Fri, 11 Feb 2022 22:46:09 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1548196
x-guploader-uploadid: ADPycdsyItafITt899tjoGrTFci3zTjcHcB19oKXcyINFZsQppgsy_DGPeJLRkooqvpLmJ5ou3aeXTJTS7ni6bbrEmA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20212
x-served-by: cache-hhn4065-HHN
accept-ranges: bytes
expires: Wed, 25 Jan 2023 00:42:52 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644619569.246881,VS0,VE0
etag: "abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984010934
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20212
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5196

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 6A35 0
24 B 31ms
30ms Other
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-danEPbO9ieTTPeG5+F9bJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-danEPbO9ieTTPeG5+F9bJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456838&publicationId=nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-danEPbO9ieTTPeG5+F9bJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-danEPbO9ieTTPeG5+F9bJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4EE2 41 KB
15 KB 100ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27144004.327228120;dc_trk_aid=519534157;dc_trk_cid=165518416;ord=1994989670;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 10:06:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EE2 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtcNp1833Fk3pYwlAHDFnMjokm8HkmX_AXBIu5Fhy6JXEqBMiIt0uUTogQcgTQr6aJtnPpmjlzQoTWxz4CuSyLg4kwJ1PpcF4tP8EHo4PD03dfs5S2hvGTZZOxG-5M-kYa-msyn3ydICt_fFie8ejFIH_FtFV7NlD1Is8Qy-IXoTSrH7vg128i_rje-_sQHsz5ijAZyVbUdfy-EBsVH0Nl82seJIBRNiTBY5_yqXiBdhra0w8S_pg0X7aPHLyh_UdScFwlwkH9_PL7_ncQdmKjFNDgZ1-DgSNrpcXzb2B26pJE3JinIL7_QbHqHgkN4sJodTo&sai=AMfl-YT2v-I9MXRY8Vlzi_fyCPNBa1pEF8uFU54oomEEraDTVCbuJPGo6H2a4rg5ErUzKibm4wnX5KDxUJvHY4Q9QgtF74nN3J7Oukm6amDDMa8Q2Cyiivr5yxVuKl1fq6k&sig=Cg0ArKJSzCht5PGRt3cUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 22:46:09 GMT

GET
DATA 200
OK truncated
/ Frame 4EE2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0421eef6822a157138a2085b8b550571cd7d3f6e12a802c80727430a0af24bdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 6A35 21 KB
6 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456838&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 22:59:07 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 6A35 162 KB
57 KB 72ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6LBehlpRpJcrpNoiPKbBsre1-RZA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456838&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e876fe3f68a6232e713b43dc97f51f2de9b821691321bd05cf1759164a069b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58029
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:34:44 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 310ms
101ms Image
image/gif 54.165.183.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&u=D0cnu_CwPGy3BDBr9C&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Charlie%20Savage&n=1&f=00001&c=0&x=0&m=0&y=1735&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1938&t=dgA25nut81_rGn0B_YxwJDX1dJE&V=129&i=Spurning%20Demand%20by%20the%20Taliban%2C%20Biden%20Moves%20to%20Split%20%247%20Billion%20in%20Frozen%20Afghan%20Funds&tz=0&_acct=anon&sn=1&sv=Bw8oZgCl7O0yC_HP5kk3a3jDqMYSJ&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.183.227 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-183-227.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1172615334&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&dr=&ul=en-us&de=UTF-8&dt=Biden%20Moves%20to%20Split%20%247%20Billion%20in%20Frozen%20Afghan%20Funds%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=2101766842&gjid=1636304303&cid=1345357856.1644619568&tid=UA-58630905-2&_gid=1171827810.1644619569&_r=1&gtm=2wg290P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html&cd3=&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000008198386&cd18=Charlie%20Savage&cd19=Spurning%20Demand%20by%20the%20Taliban%2C%20Biden%20Moves%20to%20Split%20%247%20Billion%20in%20Frozen%20Afghan%20Funds&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2022&cd27=2022-02-11-03&cd28=Friday&cd29=03&cd30=1644598292668&cd32=World%20News%2CAsia%20Pacific%2CBusiness%2CU.S.%20News%2CU.S.%20Politics&cd33=SECTION%2CSECTION%2CSECTION%2CSECTION%2CSECTION&cd34=NEWS&cd36=10dc-afghan&cd37=1904&cd38=Washington&cd42=nyt-vi&cd43=Assets%2C%20Frozen%2CBanking%20and%20Financial%20Institutions%2CHumanitarian%20Aid%2CSeptember%2011%20(2001)%2CTerrorism%2CPolitics%20and%20Government%2CEconomic%20Conditions%20and%20Trends%2CUnited%20States%20International%20Relations&cd44=Taliban%2CDa%20Afghanistan%20Bank&cd45=Biden%2C%20Joseph%20R%20Jr&cd46=Afghanistan&cd48=February&cd49=heave_over_1600&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=17p0Oa79c2RpU8BuYpWmHV&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=17p0Oa79c2RpU8BuYpWmHV&z=1680620441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A35 15 KB
16 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456838&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 279568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 17:06:41 GMT

GET
H3 200 dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghani...
adservice.google.com/ddm/fls/z/ Frame C30F 42 B
63 B 65ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CID92Knd-PUCFV9CHQkdj_cFrg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=6786743380667;gtm=2wg290;auiddc=1596037928.1644619569;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F02%2F11%2Fus%2Fpolitics%2Ftaliban-afghanistan-911-families-frozen-funds.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 75A4 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 10:06:25 GMT
expires: Fri, 10 Feb 2023 10:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 131984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1... Frame 6A35 37 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1.O/am=GAAg/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4xQe5psekVy0lHpNDkAjkWP8QpVg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6LBehlpRpJcrpNoiPKbBsre1-RZA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c5b42f5de966f4b7f36b27553ff14509dcfe996fd80069c52cd8e80e56edbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:38 GMT

GET
H3 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1... Frame 6A35 104 KB
35 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1.O/am=GAAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4xQe5psekVy0lHpNDkAjkWP8QpVg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec3c7d2337cca3c67a003cbc8ba3969b01659289f531874b4a5792b279a9b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36025
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:38 GMT

GET
H2 200 PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js Show response
pagead2.googlesyndication.com/bg/ Frame 75A4 35 KB
14 KB 56ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 20:27:55 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4EE2 60 KB
23 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1611
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23078
x-xss-protection: 0
server: cafe
etag: 14764030400761178073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:19:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4EE2 0
327 B 862ms
287ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kzj011ei&chm=1&c=118158768529839&ctx=2&qqid=CL6Knqnd-PUCFVrRuwgdk4YPGg&met.4=fb.2~lb.aw~ol.ee~idt.-95~dt.-la&met.3=735.b4_1~740.b6~374.d8~734.dq~113.ex_3~112.ex_4&met.1=1.kzj010zm~14.0~15.0~16.0~17.0~18.0~19.0~20.ed~21.ed~22.6q~23.6q&met.7=CCIQBBgBIAMoAzAwOC1oBHAveKwCsAEBuAED~CBsQChgBIAQoZDCZATiVAVBkWHNgZGhzcJcBeMZPgAGaTYgBzGeQAQSYAUSwAQG4AQM~CCoQChgBIAQoBDBOOEo~CBcQBhgBIAQoBDA7ODdABUgSUBJYKGAYaChwL3iLywSAAd_IBIgB38gEsAEBuAED~CCcQChgBIO0CKO0CMNMDOGZQ7QJYyANg7QJoyQNw0AN4k3mAAed2iAGKxQKwAQG4AQM~CCIQBBgBIIcDKIcDMLMDOCxohwNwsgN4rAKwAQG4AQM~CCcQBRgBINoDKNoDMOMDOAlo2wNw4gN490OAActBiAHqsgGwAQG4AQM~CCgQChgBIIsEKIsEMJQEOAloiwRwkgR40rYBgAGmtAGIAd3eA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 6A35 422 B
320 B 48ms
48ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-5112445862777963669&bl=boq_subscribewithgoogleclientserver_20220210.11_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=81970&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afae62a1b2289b9f6f16e848e6a29c876c7c0b9bcc30656268718cdef14258e6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1... Frame 6A35 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1.O/am=GAAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4xQe5psekVy0lHpNDkAjkWP8QpVg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550d600e503aeee5863408aaf3c4495dee30466665e9789b91d3a020d0ffca68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7250
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:39 GMT

POST
H2 200 log Show response
play.google.com/ Frame 6A35 131 B
672 B 67ms
17ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:46:09 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6A35 131 B
155 B 31ms
16ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
14ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 11 Feb 2022 22:46:09 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6A35 131 B
155 B 31ms
17ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
14ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 11 Feb 2022 22:46:09 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6A35 131 B
155 B 32ms
18ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:46:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
15ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 11 Feb 2022 22:46:09 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75A4 0
20 B 58ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3l3CMecGYt65Bcu6gAev-ZnwBgAAAAA4AeAEAg&bg=!FRalFlLNAAbAtJCDwLQ7ACkAdvg8WjLsElyDQovbJpFYYS87qzHFGPxJfvdX54LeSLFgEZfMQCs0GAIAAABoUgAAAANoAQeZAvQmiRt1LE-NLexAWJe4vSlrzhf8k_Qfm4iFjvFejlj4MNUirK0oS0Sm4pFkGzI34sDr8QFitrJ6WZhz4HOWaY2y34m--SEH5kTnYtIWP-7ae5Xf1t2ruVOf9AgUDT8DcHo-lBFNRGGqaQ0tKG8so93_Q2-xyJxantCm08mHGOQ9wNLcAA6gCy4NmFkw2180vUVGyo-wkE6P1PK90DpNebraUOzcKOUxDye1FvQMWoy5tJmVuSsjbQCFk_W1nl9O2b3iiDr4gyS_CcgON8WclFY0UBqfuDsJoCoRoQSaWDSV-3Ai3r86COfhmQLWmgIHSZ_gxS2tjV2d2_QF86-ruSmVCzSMaSIe-dGsUzmJWRKm1lQDnVteH4djKUNfCXa3FaPURvOEI1JmYILhC_4KngLKVQZQM0Fmd83lBGHW60XmviDQjwXqH0qI_xhzHff8o20jE5mmfuI2zS_bD9u88Wu6VqqWY6H0zIrTEqZ5Lx0GwmHnRbmZbmTu6wF1AeJVw4w0qdfcZB1kuixjLqzywWchkW2obPP2s-7BDLMeBrbDDGFkYyCNmOgYnth_mBmPaxPH44sQZWeQOYRyjb28-inwtLkclcD9xkzLE_ISAvKDkuM-f4zL9Y5h2N9_VqM_bNjHtfcMo1IFZw9Hzl_F51G1z4-5b-zHynYQE7gH81wWRYq6PYJrOM46KCLxicoJLnQmpgX-oMH4OZ0BqhbajNWJXEW0zvbAamTvof2OWa7DxMyBM-LdY21ZNnCifEW1M9qaIAKk4sFS2IZGYCi5exkGLtEPO-xWznA4cOmuEPurE4RpXXdQfvqqTb8xgf0kYYvT1HBoZzES1EYuML8AV_wJPYcyJUkc3e3TbuiMFl6rBIV3qmsrr_4J_yiXfyoqTEnpbNHD8IJJef0WbZ8X6CIljKoHTRbsQc7ChWwhke3gLekRVxBCooY87Xt-YVFEBKZXPOPhxZchhVnVf_XFA4tGuSquoqMypQ5kpwuwJq4_zn6cYS4

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 104ms
104ms Fetch
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 35ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da924926c6b96f328d80b076983423bb87b85f8db3b00856cf79cce5dda9297a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10016
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 90ms
32ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BVAQCHKJ51PKJHCD
x-amz-id-2: d8qzTFKidJP+Al1zIGUrsYQ711SBlxkGydHv82GMB8eaQ5FRRNksZEWmNeBZ9Yyqh9uq2q4JsAA=
last-modified: Tue, 21 Dec 2021 18:11:17 GMT
server: cloudflare
etag: W/"851a8e8d3ce808a979323f763dc260b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90d5%2BwqK8s82Ac1FWJ0Ck97%2FDvCbnY%2BVZP%2F%2BOox1A0Ij4vF%2F3k%2B%2Bj%2BK%2Bruu5SvyxMPrm%2F5rrG59Q0LsS%2BbdWH8o8Y6flVdB4i5ekj6pngURZuTMkKe2mJUxvrr44aePRWNu%2BQB1eJP5gK2n7dYMg3PT88L7x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6dc11c96fb5bd608-MXP

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.nytimes.com&doc=complete&pg_h=1382&pg_w=1600&pg_hs=1382&c=8&aa_c=0&av_h=230&av_w=1600&av_a=368000&s=958&all_s=958&b=-11037.563&all_b=-11037.563&d=1.331&all_d=1.331&ard=1.331&all_ard=1.331&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 22:46:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9991 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 21:41:25 GMT
expires: Sat, 11 Feb 2023 21:41:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 3884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE2D 783 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1989dd8f87832de5a19c672c9c9d4f8ea37d35b59080a3d0487f6ed35a117cfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jv2XKJLYO2wlB0oeEaCkiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 22:46:09 GMT
date: Fri, 11 Feb 2022 22:46:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Jv2XKJLYO2wlB0oeEaCkiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sdk-prod-1d3c7a55760b4dff36c9.js Show response
platform.iteratehq.com/ 895 KB
260 KB 41ms
29ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4509291
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F8GCS1G01DQCBN5C
x-amz-id-2: 5Zz3+rWvRU6iIyAoyC2zBOA+kYX/ZJiMfT2VK8cKiETcdQxntSVLO0JR5QEVgyhqlLZr/T8SOWQ=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"1e60912655a5240d8ec79d1ef3a8098e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yoa6juAuvm92ZH9%2F7hI4VCMyGromE%2BWwyyN%2FkAf58TiftOtmuy9nP4E1Vw7DwZk0faBsIb6I%2BZMO0q0maqKYL2IIeaJgsUJeGRmdlX%2BFqN9Pzj6cxllTzsYqhk%2BYy0L5mz9UkOzhK0evUZoGm1nXJLLXqm9m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6dc11c9749b16910-FRA

GET
H3 200 style-2bdbffb0210cc2e386f1.css
platform.iteratehq.com/ 130 KB
12 KB 29ms
18ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1525281
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RJF4SBDZ510QF9WH
x-amz-id-2: eS+CIllTC0BpoPFQQfFpvwPVIpoTKwkBfaP6/OLfRarNQ1MUdVKzVSYfEBqKuLhKA2r9uomFr4M=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"4737fd744e2551cae9a2bc8884efd7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx9LpucufzsD0hUaqAA7qUA21UHIXRj35S7pcR2YSTAY9KYhequ%2B6Kbwpwa5GDk%2FBmKXfUBgwN%2B6sYeNmZMMJ7QC7FtxoCL%2FaT%2BWTDFn2tkjng5oJuwetAE85%2B2YraDHw8SCE5L8jOX%2Bop0yBgSLKesrtYU8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6dc11c9749b06910-FRA

GET
H3 200 O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9991 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:51:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:51:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE2D 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=118158768529839&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 158ms
131ms Fetch
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c6f0bdd4ea7de77116e9b4852f43545447344e7c35b107caeeaafc1ebed1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Fri, 11 Feb 2022 22:46:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAJltR%2BOULcEDMg0rOleGC2HIx9VIUWCkUhjedqjMt0mmM4fSyadL8GISuxg%2BOTzuUdVt6MVxKJD5FlEMLhN%2FMD%2BmWJxn34zkfSHsWh5vduhkMvt1NBio7tTLWop9%2FOEI4GCmjNbMTCzFTb%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6dc11c995d356940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 179ms
130ms Preflight 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Feb 2022 22:46:10 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FOHd5XPY6lI2URuaL%2B3fUgChTsM%2FdO2y2yZmBimk6urLsBN5ob4hhAAYSjsvwyEGdzHDasNx%2BGVZIR3nxgLQHjag85pOv9T0TnC%2FHk8y0it49wLVLkOSBTEX%2BQP32VXzGbWYGw%2FZSqnxA6j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6dc11c986e570f62-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9991 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gAtFKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 merlin_195888156_69a23240-6ea0-47a3-806d-37b621aa2b8e-jumbo.jpg
static01.nyt.com/images/2022/02/10/us/politics/10dc-afghan-2ADD/ 91 KB
91 KB 8ms
7ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/02/10/us/politics/10dc-afghan-2ADD/merlin_195888156_69a23240-6ea0-47a3-806d-37b621aa2b8e-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ca3df2ff476381690c2649e56db76122e4f0369d358eaede8d9f6ba39fe922b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 53045
x-guploader-uploadid: ADPycdvXeOcgJT-2QRyj42Fr_e68Z7s_WO6YhaVeAJwbon3l_bUbj9BkI27RXkyMzOBHOhL-JLMAX1XTMJ1KTAYQm-I
x-cache: HIT, HIT
fastly-io-info: ifsz=193992 idim=1024x683 ifmt=jpeg ofsz=92836 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 92836
x-served-by: cache-iad-kiad7000116-IAD, cache-hhn4052-HHN
server: UploadServer
x-timer: S1644619570.226195,VS0,VE0
etag: "C4SGbW4+VIcJdpSxIKHeAlEY08cYM92ayhTfYJ3MiuI"
vary: Accept
x-goog-hash: crc32c=WvAYrg==, md5=ryPuqGogBjLzW/Runvatzw==
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Feb 2022 08:02:04 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 00dc-dabank-top-jumbo.jpg
static01.nyt.com/images/2022/02/09/multimedia/00dc-dabank-top/ 72 KB
72 KB 9ms
9ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/02/09/multimedia/00dc-dabank-top/00dc-dabank-top-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5111f851dba7d41bc1aecaee24753d66a368f9457851ec1dff850ee7adeeb601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:46:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 53048
x-guploader-uploadid: ADPycdsi9_vESaVb8jiePg1tAq-b4sRkcc7rHTC3qM4ovzCys-_gJEYxUdDrVlEzIgqA35T7XTWm-xqSXXO-G6mF1YA
x-cache: HIT, HIT
fastly-io-info: ifsz=153841 idim=1024x683 ifmt=jpeg ofsz=73416 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 73416
x-served-by: cache-iad-kcgs7200063-IAD, cache-hhn4052-HHN
server: UploadServer
x-timer: S1644619570.226436,VS0,VE0
etag: "kUs0CSsXjYqxTsmuHkMb2yuPO4YAtrgUBlV93zUOsaE"
vary: Accept
x-goog-hash: crc32c=Vw8XRg==, md5=YWNiaN4Nxdosprhf0cfHmA==
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Feb 2022 08:02:01 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
109ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EE2 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCuUQzwlNQBsEB6zpPb6fbHsZFMc5fHGH-F_TlH-J3y4iLogyegle7OXGwWOcPUx86VIkt2nLx-iyaf-C2NhRejQ1T3gCgli8eNPAjqZmZVYqwI2WU&sig=Cg0ArKJSzKg-fJU622JtEAE&id=lidar2&mcvt=1000&p=76,315,326,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1133286891&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644619568962&rpt=389&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=118158768529839&bg=!RUalRgLNAAbAtJCDwLQ7ACkAdvg8WkMPTmKehUHUlleb5_X72zlbrnaHE5ReRpDiSzkOsnBwZumAagIAAACgUgAAAAJoAQcKAMjsBfm-QoQDJ7IE4iF2tjGaJ29pMSwSJkKTMDcL_vlCGmK4GwBk6lBKNd2QFSRdbunva_5uqUVVGgRzz2m6_q6AU6RHhNLZqNO9qV_T4tSrPHaq0EiZyPZwm3MGvkiYTWWBViqW_InEVU44OQD-oVwvMyETkLGb8hKME4TTk8r8rZ_q5ygkN1iRYn6_7jw_gQBYPZ7wae6RMLcbZE7-D-5T4-xMrLpZ3M4rn-H8gYWm7fqKtnnxpwwY9nfJGXUlD55nUoWOyuH16JkCyAlDIcPADOU_b5uPzfEBVirEIVyU7G7-N8X0jnkZdj1mfnzywVuTg9QXtwgK0tDwYIeMmVrYqw1m_lnqM1NwdIYrtQG6hBCKJsZQitav9Qx51e73qIptQS7qB5iUiyizSBVmyVFMui61Zn0dX5ADQ1X7rL-81CisRgOTPA_rm3JYzkv7nSEDvmZbLL3Rf5qFoHvatEgQzl72vcxGamwDQJwHmdMAzMfKMuQuTZZ5fhejgKPHtrQCG7wJ8TJDuF4PPVD8TnCZDec_aHpz12cBKo1hUFL2G2vF-N3YO0iUjRqK9FGYP_a2qxJKKXhRCCLxc5h_kk7GH6VRiB55OrJzWDQVS0HdVC6s_ieln54zuJTIbV1uGg7q-BJcVTqLytqXDHKf-bxNaPDM83Nkunf2iIbOrWCDgXPQvWRztfglIh1SHm5WpsDyuFqFDTMs6IfhXFlD-EGkDvPSn9sRCF0Nv9xnxDYquQjGYsLHqjqqik3cCamK36n1yeQL506OxyK9xLdyScYMcgT5WE40wogCjxr0kunka6j57HDz2kughU9phk_t81Ia4ISF0PtgDPc6-rVzGlK0yxsKugSEYHDgovxdp2uRJlUzG8p4dZAetNgVZ3shSDGpW3oqFhBIdVFZkAzkE5x3u20m4_rmvjafsU4_4J8bSl4ztSMEq6MB7vFdbkK2U50hM8pRGXQHWA9YcGmwg6tVbJSwgyYX3WYdfD6Kc4oKBjoaV2KUvwMYklL2gvsplR_QxrxdUXdMWGLxZEEYgzmPR7wjqoYoNMKPjMFPmdWrEWNwraS7t15Vpl1eOe4cxHvzKQ7Hovi6_4ExIqAB7a-vj-03iNl8TGOZsi-RGDW66_kKDBPuurCuXIz2UjKEWtmSOYFiFkub4TJihrL_MySEKStddTHlDcaO93cmRLqVI5b9IQq9N_FrCA7e5bMIchadFA8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 571ms
286ms Ping
image/gif 2404:6800:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kzj0110t&c=118158768529839&e=31064848%2C31064538%2C31061691%2C31061692&ctx=1&met.9=1.em~13.kc~2.kh~9.0~3_1.l9~7_1.0~9.0~3_2.15b~7_2.0~4_1.168~5_1.16e~4_2.18a~5_2.18b~6_1.1kt&met.10=1_1.IIAGEAAIABiAmHUoAQ~1_2.INYLEAAIABiAmHUoAA~1_4.INYLEAAIgOUIGICYdSgA~1_7.ILoOEAAIgLUYGICYdSgA~1_10.ILoOEAAIgLUYGICYdSgA~1_9.ILoOEAAIgLUYGICYdSgA~1_5.ILoOEAAIgLUYGICYdSgA~1_6.ILoOEAAIgLUYGICYdSgA~1_8.ILoOEAAIgLUYGICYdSgA&met.3=112.17m_1~113.1qs_3&met.1=1.kzj00zt7~6.6i~7.6j~8.7c~9.7c~10.7t~11.7j~12.7t~13.87~14.8h~15.8b~16.d1~17.i6~18.i6~19.1qj~20.1qj~21.1qn~22.cy~23.cy&qqid.1=CL6Knqnd-PUCFVrRuwgdk4YPGg&qqid.2=CLuWyqnd-PUCFbHnuwgdIbwLMg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:814::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:46:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
109ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nyti.ms/	1970-01-20 05:09:31	Name: _bit Value: m1bmK7-9daf9746d6f350d6d3-002
.nytimes.com/	1970-01-20 09:35:55	Name: nyt-a Value: 17p0Oa79c2RpU8BuYpWmHV
.nytimes.com/	1970-01-20 00:50:41	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 09:35:55	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 00:50:41	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 00:50:41	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: be495d39e0094652925ab7bf7669cf55
.et.nytimes.com/	1970-01-20 00:50:21	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 09:35:55	Name: sessionIndex Value: 1\|1644619567902\|17p0Oa79c2RpU8BuYpWmHV\|1644619567902
.et.nytimes.com/	1970-01-20 00:51:45	Name: et-ppvid Value: https://www.nytimes.com/2022/02/11/us/politics/taliban-afghanistan-911-families-frozen-funds.html=Mvmz8hG4tmpFoTDTxSUu9Qgw
.google.com/	1970-01-20 05:13:50	Name: NID Value: 511=dOWJCU9KYMryv3Nk8CY48_sSw6f1S0VBaFf5RgkMBceoJ3pjVpXZ6nEbR5ys3ggyl-sKrjgS3ol9TJRNwBq5tKzoCyNoFox8Gd33NJwiODUpjIe5QOmJ21L89f7nNtDc5amVUFKGrA1ZxDKgNUm4NQWdQlkWTkt4rU4bOPuJ35k
.nytimes.com/	1970-01-21 20:39:45	Name: nyt-m Value: F9614415C31FB7753054833392903ECA&iir=i.0&ft=i.0&fv=i.0&igu=i.1&rc=i.1&cav=i.1&uuid=s.51c47b9a-cdd5-479b-b017-8272e760c1c8&e=i.1646125200&v=i.0&g=i.0&igd=i.0&igf=i.0&iub=i.0&ird=i.0&t=i.0&prt=i.0&s=s.core&pr=l.4.0.0.0.0&ier=i.0&vr=l.4.0.0.0.0&iga=i.0&iru=i.1&ica=i.0&imv=i.0&n=i.2&er=i.1644619568&vp=i.0&ifv=i.0&ira=i.0&imu=i.1&iue=i.0
.a.nytimes.com/	1970-01-20 09:35:55	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 00:50:23	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 00:50:23	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 09:35:55	Name: nyt-jkidd Value: uid=0&lastRequest=1644619568768&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1644619568768&isNew=1&pageIndex=1
.nytimes.com/	1970-01-20 10:19:49	Name: purr-cache Value: <K0<r<C_<G_<S0
.doubleclick.net/	1970-01-20 10:11:55	Name: IDE Value: AHWqTUlqMOTIpczuUYTmKY2mz64QJQ3uf0_OzjJgNJoDp8_RXKqw8a5b0lKRTQ5gzHA
.nytimes.com/	1970-01-20 10:11:55	Name: __gads Value: ID=48bebe13bb65b840:T=1644619568:S=ALNI_MayumM7OOP9gwgdZR1xdkQcpsG_Vw
.nytimes.com/	1970-01-20 02:59:55	Name: _gcl_au Value: 1.1.1596037928.1644619569
.nytimes.com/	1970-01-20 09:35:55	Name: datadome Value: 7CVr8gDbFopRECkVTs8QjasO9NLDiuqXy9qn0klg~6c~W3HyYsJtrc-V5r4Ceouk~Oh8nApoZ-d0CEq6HktmeNYTAbfZdAbiGAUfypeQC5hpIFgMngph30vVe.3Hr-F
www.nytimes.com/	1970-01-20 10:19:07	Name: _cb_ls Value: 1
www.nytimes.com/	1970-01-20 10:19:07	Name: _cb Value: D0cnu_CwPGy3BDBr9C
www.nytimes.com/	1970-01-20 10:19:07	Name: _chartbeat2 Value: .1644619569367.1644619569367.1.Bw8oZgCl7O0yC_HP5kk3a3jDqMYSJ.1
www.nytimes.com/	1970-01-20 00:50:21	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 18:21:31	Name: walley Value: GA1.2.1345357856.1644619568
.nytimes.com/	1970-01-20 00:51:45	Name: walley_gid Value: GA1.2.1171827810.1644619569
.nytimes.com/	1970-01-20 00:50:19	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 00:59:22	Name: nyt-cmots Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2NDQ2MTk1NzAsInNjIjoxNjQ0NjE5NTcwLCJjYSI6MTY0NDYxOTU3MH19fX0=
.nytimes.com/	1970-01-23 16:26:19	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MjA2ZTczMjM0ZDYzMjAwMDEyY2U0YjQiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQ0NjE5NTcwfQ.4F6CaZ5XpDwyi4rpVHJ39FTdd6GdbiZs62rNeDY76Ks

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'conversion-measurement'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bbe8fa6ee664187c9df1cb2d4dbebfe.safeframe.googlesyndication.com
5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
als-svc.nytimes.com
csi.gstatic.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
nyti.ms
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
142.250.184.226
142.250.185.166
15.197.193.217
151.101.1.164
151.101.129.164
151.101.193.164
2404:6800:4005:814::2003
2600:9000:2104:d800:18:1fcd:34f:cdc1
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:811::2013
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a06:98c1:3121::7
35.241.35.241
35.244.188.62
54.165.183.227
65.9.78.79
67.199.248.12
0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6
0421eef6822a157138a2085b8b550571cd7d3f6e12a802c80727430a0af24bdf
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1989dd8f87832de5a19c672c9c9d4f8ea37d35b59080a3d0487f6ed35a117cfe
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1ec3c7d2337cca3c67a003cbc8ba3969b01659289f531874b4a5792b279a9b65
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
33df2a051de6d231b8c623a1ae6dade1834dd8729784b7ea1ea8230e8ca450e0
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
392c6aafee7e281e0a53cb50a51d3e36947bb6ffe267894ccab29cb191398668
39e1f9eb6a8b97a1d6c380532b1db412d0c0033ca598a2f3943e0f0f9c32f196
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3ca3df2ff476381690c2649e56db76122e4f0369d358eaede8d9f6ba39fe922b
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22
40b25d197fa0ff3f2f2c321ca5cf97d9b09d83138b574f6f20eb5b33e8c86218
433aba2e879109c769525c373b6221be6a29e21acf0aac9aea1e5ec4afc32d4b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4680da4b91fb39d747e566e471e11aaec1119bc6885b51ae8e4617387f08af7b
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5111f851dba7d41bc1aecaee24753d66a368f9457851ec1dff850ee7adeeb601
51b78847fc20f97854556c421abeefae11b13e7627270e2c6ca78cfef3a90075
53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea
54340101600d59539c651598450bec2af3fe83fabb98dcb67976f492b6b5a45f
550d600e503aeee5863408aaf3c4495dee30466665e9789b91d3a020d0ffca68
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87
5e951e48cc94173cb64339113acf7321fdb588b4612331331d8b4b4a2a3c3937
6031c5d0ea02c8d8e39781fe0659f55a3414203fa9bbc671e4349d5607f5684d
6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33
6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
83c6f0bdd4ea7de77116e9b4852f43545447344e7c35b107caeeaafc1ebed1b8
85a3d8bf0019b29606c7b02c8bfa77129687228e6941e982df35d46c579f42a8
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b8939a6b84bd6a50161b75cc8cfe071ad29187ddc03f4738a5ca7912ab13c9f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f896b2bcc9fbfa73d461c2acc7517e1c1f472ab09863784a5943e139aabb7fa
9184115457d6393be44476d37b60a5cb518326cd6ec79e24dcc93f16feffa32e
94193096daf7c70d7589d5e6ec9720a2cc53fa953fcc0e51f441ae7d48ff835c
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
99514e25ab6b5306ba58bf43ac4eda3482b20c7b7c14bae686d46252a4b3e99d
9a36e378e6e48f6527743e123bcf30060cbbef5bab0bf1b40c3b4372547193d4
9a8008be9b34ef86bbdc2f284257d8f27688416c07647a13b1c8813eddd1957b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af7e69064d38b2be97be641c0b6ae821fe033159762177ddd5c8fc1592295c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
adf2af53724fd422bf12f2c7793a5ecf4d2094a23a5ce34084f1a2af70c9a300
afae62a1b2289b9f6f16e848e6a29c876c7c0b9bcc30656268718cdef14258e6
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b85a8522b694640eedc3984d83f84afb72c1cbc688c9602a4a676d05cbc854af
b93348a5701fff98f2e322ad770d952784130c04d2c0bd00b76858bb0f81c12c
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c1c5b42f5de966f4b7f36b27553ff14509dcfe996fd80069c52cd8e80e56edbb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6155801090b63abef3da53856914e7b2825c5345c91f372b331e8b870124c9d
da924926c6b96f328d80b076983423bb87b85f8db3b00856cf79cce5dda9297a
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
e17919e8a49111b87e1c6cd882899c91d61d6ee5114c7b19cce0db412f96bc5c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e46cc156de5b091b0b4ae2d7be6a1bc06b5d8e7017ad56ebb08cbc601f503c77
e876fe3f68a6232e713b43dc97f51f2de9b821691321bd05cf1759164a069b34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda
f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

99 %HTTPS

61 %IPv6

15 Domains

36 Subdomains

28 IPs

3 Countries

2942 kBTransfer

8638 kBSize

31 Cookies

25 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

99 %
HTTPS

61 %
IPv6

15
Domains

36
Subdomains

28
IPs

3
Countries

2942 kB
Transfer

8638 kB
Size

31
Cookies

130 HTTP transactions
1 data transactions