www.nytimes.com Open in urlscan Pro
151.101.129.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=
Effective URL:
https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3RED...
Submission: On February 21 via api (February 21st 2023, 6:30:28 pm UTC) from US — Scanned from DE

Summary HTTP 137 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 17 domains to perform 137 HTTP transactions. The main IP is 151.101.129.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3324.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
14	52.54.49.121 52.54.49.121	14618 (AMAZON-AES) (AMAZON-AES)
9	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
15	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	18.66.97.95 18.66.97.95	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	52.3.42.214 52.3.42.214	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.20.6 172.217.20.6	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:d200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e0:... 2606:4700:e0::ac40:6509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	35.169.218.52 35.169.218.52	14618 (AMAZON-AES) (AMAZON-AES)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:592::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:991::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2606:4700:20:... 2606:4700:20::681a:6e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
137	27

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.alertmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.54.49.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-49-121.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.dev.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-95.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.42.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-42-214.compute-1.amazonaws.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.20.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6509 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.218.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-218-52.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:592::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:6e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 3324 a.et.nytimes.com — Cisco Umbrella Rank: 6077 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7543 als-svc.nytimes.com — Cisco Umbrella Rank: 9584 myaccount.nytimes.com — Cisco Umbrella Rank: 11056 dd.nytimes.com — Cisco Umbrella Rank: 9788 meter-svc.nytimes.com — Cisco Umbrella Rank: 10706 a.nytimes.com — Cisco Umbrella Rank: 7153 purr.nytimes.com — Cisco Umbrella Rank: 7444 mwcm.nytimes.com — Cisco Umbrella Rank: 10611 csp.dev.nytimes.com — Cisco Umbrella Rank: 42473	2 MB
29	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9002 static01.nyt.com — Cisco Umbrella Rank: 5790 a1.nyt.com — Cisco Umbrella Rank: 7507 mwcm.nyt.com — Cisco Umbrella Rank: 17526 typeface.nyt.com — Cisco Umbrella Rank: 31643	3 MB
18	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 6544 iteratehq.com — Cisco Umbrella Rank: 6124	34 KB
11	googlesyndication.com 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	49 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 8564	168 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3059 collector.brandmetrics.com — Cisco Umbrella Rank: 3438	17 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1258 c.go-mpulse.net — Cisco Umbrella Rank: 625	51 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 6832	201 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	48 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 568	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1441	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9006	531 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	109 KB
1	alertmedia.com go.alertmedia.com	1 KB
0	akamaihd.net Failed trial-eum-clientnsv4-s.akamaihd.net Failed trial-eum-clienttons-s.akamaihd.net Failed
137	17

	Domain	Requested by
16	iteratehq.com	platform.iteratehq.com
14	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
12	samizdat-graphql.nytimes.com	www.nytimes.com
12	www.nytimes.com	go.alertmedia.com www.nytimes.com 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
10	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
8	static01.nyt.com	www.nytimes.com static01.nyt.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com www.googletagservices.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
4	mwcm.nyt.com	www.nytimes.com
4	tpc.googlesyndication.com	6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	dd.nytimes.com	go.alertmedia.com dd.nytimes.com myaccount.nytimes.com
3	csp.dev.nytimes.com	s.go-mpulse.net
2	platform.iteratehq.com	go.alertmedia.com platform.iteratehq.com
2	typeface.nyt.com	myaccount.nytimes.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.nytimes.com	www.nytimes.com dd.nytimes.com
2	6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	myaccount.nytimes.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	www.googletagservices.com	6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	go.alertmedia.com
1	static.chartbeat.com	go.alertmedia.com
1	mwcm.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	go.alertmedia.com
0	trial-eum-clienttons-s.akamaihd.net Failed	s.go-mpulse.net
0	trial-eum-clientnsv4-s.akamaihd.net Failed	s.go-mpulse.net
137	39

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
cn.nytimes.com
www.ntsb.gov
response.epa.gov
www.epa.gov
www.amwater.com
www.youtube.com
twitter.com
governor.ohio.gov
www.cnn.com
www.facebook.com
apnews.com
www.opb.org
filecache.mediaroom.com
www.wkbn.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
go.alertmedia.com Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
a.et.nytimes.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
als-svc.nytimes.com R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
meter-svc.nytimes.com R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
a.nytimes.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
purr.nytimes.com R3	`2022-12-24` - `2023-03-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.brandmetrics.com GTS CA 1P5	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Frame ID: DA5B40D84B9AF24DC47D20B11EAFB107
Requests: 82 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 8689914D612C0201B9610C2604471A12
Requests: 2 HTTP requests in this frame

Frame: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C80EE3D663B86B52E43724722E2E5A0C
Requests: 1 HTTP requests in this frame

Frame: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75DA5476AB30F8402E805FDAAFDC9F00
Requests: 7 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Frame ID: E46B9DE42374C8F672DC216D51842516
Requests: 2 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Frame ID: B7BCEF70D50A8E32DD9AC125819B0D37
Requests: 8 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: 6E25E8C9BB007708B9C01C6813A89573
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A1D3CDB866F56334A1BF1A2EDF46F8F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE6EAB2A76A614A541CA0DE42B093CBD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Train Derailment in East Palestine, Ohio: What We Know - The New York Times

Page URL History Show full URLs

https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFb... Page URL
https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDO... Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

137
Requests

99 %
HTTPS

58 %
IPv6

17
Domains

39
Subdomains

27
IPs

5
Countries

5056 kB
Transfer

11591 kB
Size

31
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/usa/20230215/ohio-train-derailment/
Title: 阅读简体中文版

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/usa/20230215/ohio-train-derailment/zh-hant/
Title: 閱讀繁體中文版

Search URL Search Domain Scan URL

URL: https://www.ntsb.gov/news/press-releases/Pages/NR20230214.aspx
Title: said

Search URL Search Domain Scan URL

URL: https://response.epa.gov/sites/15933/files/TRAIN%2032N%20-%20EAST%20PALESTINE%20-%20derail%20list%20Norfolk%20Southern%20document.pdf
Title: vinyl chloride

Search URL Search Domain Scan URL

URL: https://response.epa.gov/sites/15933/files/Norfolk%20Southern%20East%20Palestine%20Train%20Derailment%20General%20Notice%20Letter%202.10.2023.pdf
Title: said

Search URL Search Domain Scan URL

URL: https://response.epa.gov/site/site_profile.aspx?site_id=15933
Title: said

Search URL Search Domain Scan URL

URL: https://www.epa.gov/newsreleases/epa-orders-norfolk-southern-conduct-all-cleanup-actions-associated-east-palestine
Title: ordered

Search URL Search Domain Scan URL

URL: https://www.amwater.com/press-room/press-releases/west-virginia/west-virginia-american-water-monitoring-water-quality-on-ohio-river-implementing-business-continuity-plan-for-secondary-intake
Title: West Virginia subsidiary

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5HRSAqXUDcE
Title: said

Search URL Search Domain Scan URL

URL: https://twitter.com/GovernorShapiro/status/1626362051953147905
Title: said on Feb. 16

Search URL Search Domain Scan URL

URL: https://twitter.com/GovMikeDeWine/status/1625962388603404288?s=20
Title: said on Feb. 15

Search URL Search Domain Scan URL

URL: https://www.epa.gov/superfund/what-superfund
Title: Superfund site

Search URL Search Domain Scan URL

URL: https://governor.ohio.gov/media/news-and-media/east-palestine-update-evacuation-area-extended-controlled-release-of-rail-car-contents-planned-for-3-30-pm-02062023
Title: extended the evacuation order

Search URL Search Domain Scan URL

URL: https://governor.ohio.gov/media/news-and-media/east-palestine-update-residents-can-safely-return-home-02082023
Title: said

Search URL Search Domain Scan URL

URL: https://www.cnn.com/2023/02/11/health/ohio-train-derailment-white-noise/index.html
Title: CNN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/colcountysheriff
Title: criticism

Search URL Search Domain Scan URL

URL: https://apnews.com/article/legal-proceedings-pennsylvania-ohio-health-business-820cf081c0e068a47db2e141a3f988e6
Title: The Associated Press reported

Search URL Search Domain Scan URL

URL: https://twitter.com/JDVance1/status/1625223855202508803/photo/2
Title: on Feb. 13

Search URL Search Domain Scan URL

URL: https://www.opb.org/news/article/oil-train-safety-rule-rollback-by-trump/
Title: trains carrying hazardous materials

Search URL Search Domain Scan URL

URL: https://twitter.com/JenniferHomendy/status/1626379359375265792
Title: personal Twitter account

Search URL Search Domain Scan URL

URL: http://filecache.mediaroom.com/mr5mr_norfolksouthern/178289/Shaw%20Open%20Letter.pdf
Title: a letter

Search URL Search Domain Scan URL

URL: https://www.wkbn.com/news/local-news/east-palestine-train-derailment/norfolk-southern-ceo-returns-to-east-palestine-for-updates-on-cleanup/
Title: In a visit on Feb. 18

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A= Page URL
https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg

137 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=
go.alertmedia.com/ 547 B
1 KB 337ms
198ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-QGgb5+NIrarSd97aaK3GMDfCocT69lc/PEVc6dmoYt0=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 79d18d763e529baa-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-QGgb5+NIrarSd97aaK3GMDfCocT69lc/PEVc6dmoYt0=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Tue, 21 Feb 2023 18:30:20 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: eed83f11b48d3e6f

GET
H2 200 Primary Request ohio-train-derailment.html Show response
www.nytimes.com/article/ 260 KB
79 KB 67ms
17ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg

Requested by

Host: go.alertmedia.com
URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5d329ba1259bdb36c7b894d95fc7f99b5c2ba0ba5471acc89ab45a681b2e14f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.alertmedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 384
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 78849
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 18:30:20 GMT
fastly-restarts: 1
last-modified: Tue, 21 Feb 2023 18:19:33 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/article/ohio-train-derailment.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: efe6c2159f1a4bb9a1b55598654ae30b
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-cloud-trace-context: 1ccce552a5275fad1bbf20d83f5f8187/6396261859553121530;o=1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1677003853.787600,VS0,VE11
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Tue, 21 Feb 2023 18:19:33 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2023-02-21 18:24:12 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2023-02-21T18:08:29.324Z
x-served-by: cache-lga13629-LGA, cache-hhn-etou8220069-HHN
x-timer: S1677004220.131877,VS0,VE10
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 28ms
8ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 14:25:21 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2865899
x-guploader-uploadid: ADPycdvrb9zV6p94Mo3BVmxUeiqfbMOIvlPiHyiXkQpFVbMHl9MKwt_xLt_ImkqpTKjjNB3qrV06KwfFTANSzYzN4BB9LALp9pfI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10710
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1677004220.193504,VS0,VE0
vary: Accept-Encoding
x-goog-generation: 1673991774978541
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9356

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 6537571
x-guploader-uploadid: ADPycdvJoIWHCbvFsiNl_VmRRVpqr1b_PHvgtyurv5PFsAj7uQfCkIWqTCrUrtbDhQ40SdI6XL6CB4qtzbGKkp1211dUYQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-08 02:30:49 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004220.173235,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1670358381775516
content-type: text/css; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9272
expires: Fri, 08 Dec 2023 02:30:49 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Thu, 08 Dec 2022 00:07:34 GMT
server: UploadServer
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 adslot-9349dd2c5537218e254e.js Show response
www.nytimes.com/vi-assets/static-assets/ 22 KB
9 KB 9ms
9ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

89c621cba92a10f0b3c8cd9cfeec1cc73e961d101f05b4507ca33cdeebc0c37e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2393697
x-guploader-uploadid: ADPycdueoQYOPqUw3NBc6i6vzawjrIvwzQYZvt6ONuA3XSA28NTdS0CqlOQPYLp2CUjQzPvNYYnDotxeVoBh-p7OreYgbhtEFmBf
x-goog-stored-content-encoding: identity
x-origin-time: 2023-01-25 01:35:23 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004220.186154,VS0,VE1
etag: "45251e92ac8641f6c1e329c20d675791"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1674035311415019
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10054
expires: Thu, 25 Jan 2024 01:35:23 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7770
last-modified: Wed, 18 Jan 2023 09:48:33 GMT
server: UploadServer
x-goog-hash: crc32c=C012dQ==, md5=RSUekqyGQfbB4ynCDWdXkQ==
x-gdpr: 1
x-goog-stored-content-length: 22178
accept-ranges: bytes

GET
H2 200 13xp-ohioexplainer2-cjfk-videoSixteenByNine3000.jpg
static01.nyt.com/images/2023/02/13/multimedia/00xp-ohioexplainer2-cjfk/ 1 MB
1 MB 99ms
63ms Image
image/jpeg 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/02/13/multimedia/00xp-ohioexplainer2-cjfk/13xp-ohioexplainer2-cjfk-videoSixteenByNine3000.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

92e09dd00b707b8b2e4e7162ac6e840c903702f7cea702231bf0ecc84d650e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 21:05:42 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 50082
x-guploader-uploadid: ADPycds0p8AmKsKObBAAJbUmSKfQcDYRG1SV-2VgXwITU_1ndZxZbMIdydKswdib1K0cwHNcRoTP8KIc1RmHhGq7LD-DgviOCs-x
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 1261652
x-served-by: cache-iad-kcgs7200112-IAD, cache-hhn-etou8220069-HHN
last-modified: Mon, 13 Feb 2023 21:05:31 GMT
server: UploadServer
x-timer: S1677004220.238382,VS0,VE48
etag: "a78ef2de7e15151bf3421b094cf6798a"
vary: Origin
x-goog-generation: 1676322331119651
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=ehNwxg==, md5=p47y3n4VFRvzQhsJTPZ5ig==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 1261652
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30, 1

GET
H2 200 author-christine-hauser-thumbLarge-v3.png
static01.nyt.com/images/2018/02/16/multimedia/author-christine-hauser/ 27 KB
28 KB 52ms
22ms Image
image/png 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/02/16/multimedia/author-christine-hauser/author-christine-hauser-thumbLarge-v3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a6dff68c963e39916368b1c90ab3d2baa2c359ccf58098f9d365b6944023a92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 30 Dec 2022 16:10:36 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 33461
x-guploader-uploadid: ADPycdt0mubLIcDfqD4t_3QMpIIaUokc3fKhr352Z2Db6ZdrIxLh9D5c8lp95sGrfMvdSOMS7wWOlfunYDDgniEIr53tV-g0ozkg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 28052
x-served-by: cache-iad-kjyo7100137-IAD, cache-hhn-etou8220069-HHN
last-modified: Thu, 15 Apr 2021 14:57:59 GMT
server: UploadServer
x-timer: S1677004220.239122,VS0,VE3
etag: "b7d3d435d39d180f877f8bdc519ca749"
vary: Origin
x-goog-generation: 1618498679207748
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=XVKe1Q==, md5=t9PUNdOdGA+Hf4vcUZynSQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 28052
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1193, 1

GET
H2 200 13xp-ohioexplainer1-hmpq-jumbo.jpg
static01.nyt.com/images/2023/02/13/multimedia/00xp-ohioexplainer1-hmpq/ 201 KB
202 KB 35ms
33ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/02/13/multimedia/00xp-ohioexplainer1-hmpq/13xp-ohioexplainer1-hmpq-jumbo.jpg?quality=75&auto=webp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

221beb25ee85f143a80f06c64b474f017ebadc5ef60f21136fc517844a1cf300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 21:05:59 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 77019
x-guploader-uploadid: ADPycdvizu4fsJ_W2clkZmCSK6VmqQbont3TijkmuBElMVmoP3yhDbTgejvQhDdZY-L5YO0vN7B4ocXvFD7g9J49l9iNRtG7NSuu
x-cache: HIT, HIT
fastly-io-info: ifsz=344730 idim=1024x683 ifmt=jpeg ofsz=205534 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 205534
x-served-by: cache-iad-kjyo7100028-IAD, cache-hhn-etou8220069-HHN
server: UploadServer
x-timer: S1677004220.238019,VS0,VE14
etag: "HZUSrRSDRWos9E8OmJ6XfYcxF0kDIIwmZlI7LRnORgQ"
vary: Accept
x-goog-generation: 1676322330740470
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=QpEKSg==, md5=/vTPxKPcb1NZ6bFArAs4sg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 344730
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 1

GET
H2 200 vendor-9a8ec86c8d6b28ea5127.js Show response
www.nytimes.com/vi-assets/static-assets/ 156 KB
44 KB 11ms
10ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-9a8ec86c8d6b28ea5127.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ad4390a257ac44e8d87c4b5a97ace91286b8ab39439a84374e59498d9379e56d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 612446
x-guploader-uploadid: ADPycds5OH4wjUaI2qkZHhX955Fbyi4xuO85GwGhBVk6uWD997QQ6Cl0jt4TkydpYqTjuKl6TRAKCND_l_hInSVi0VMrEA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-14 16:22:54 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004220.233231,VS0,VE1
etag: "fc21431a81a67734a123c7d82b53e9f6"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1676389788537072
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-9a8ec86c8d6b28ea5127.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 13475
expires: Wed, 14 Feb 2024 16:22:53 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 44131
last-modified: Tue, 14 Feb 2023 15:49:48 GMT
server: UploadServer
x-goog-hash: crc32c=OsjNpg==, md5=/CFDGoGmdzShI8fYK1Pp9g==
x-gdpr: 1
x-goog-stored-content-length: 159895
accept-ranges: bytes

GET
H2 200 story-e5b30a05501c3b3d9a03.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
375 KB 15ms
13ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-e5b30a05501c3b3d9a03.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d003abd556356a30c3b0e288ff8c1074053a22050bbdb4e9f3b2931c8a9dcef3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 10003
x-guploader-uploadid: ADPycdt25acA_j4tQmKDqkGvnPLV6HrkxIlxiBM6PrF-JjGS36xCWFHaLNrjv5s4WEB07JbqB-XaOmVT07tSeTxdJ1QNACg5VPTA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-21 15:44:07 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004220.235966,VS0,VE1
etag: "1e3b44c3f62594296a7dc6354c47764c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1676993833460723
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-e5b30a05501c3b3d9a03.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2
expires: Wed, 21 Feb 2024 15:43:36 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 383041
last-modified: Tue, 21 Feb 2023 15:37:13 GMT
server: UploadServer
x-goog-hash: crc32c=l8am7g==, md5=HjtEw/YllClqfcY1TEd2TA==
x-gdpr: 1
x-goog-stored-content-length: 1388620
accept-ranges: bytes

GET
H2 200 liveAsset-014df3669ca3e419e5bf.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
359 KB 27ms
26ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/liveAsset-014df3669ca3e419e5bf.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09320ebcab28b0a453f804508dfd345ba6a971f85665b34fd83878bcb5c4f16e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 10005
x-guploader-uploadid: ADPycdu8k7689pgqBr1Z_CRo_JeKIYlr3z_e5NrM8U5puaYvCrHoUmnsHs9FzrdeQ95ywEDEYmn8ZVEaaZ1QhRFLwB00xWK7LLCs
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-21 15:44:16 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004220.235921,VS0,VE11
etag: "fade7e394e52260910c96b2aa2218fad"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1676993833471142
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/liveAsset-014df3669ca3e419e5bf.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Wed, 21 Feb 2024 15:43:35 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 365989
last-modified: Tue, 21 Feb 2023 15:37:13 GMT
server: UploadServer
x-goog-hash: crc32c=z+c3rg==, md5=+t5+OU5SJgkQyWsqoiGPrQ==
x-gdpr: 1
x-goog-stored-content-length: 1329153
accept-ranges: bytes

GET
H2 200 main-a728333c94ea6f774da7.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
410 KB 82ms
81ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6d8746e48b67756bb47325d133dc76c6eb324eb6e1ea1e5b32b3a894536c1d70

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 9972
x-guploader-uploadid: ADPycdu4zBxKFIu10bdvKBIyOBiMEdDnSIO7BZM-qHWDYDLBZC9onsMy8qc0nmukOu0MdXmtQvFgHBMGPxDHoIKWb0yxNIUY8AlN
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-21 15:44:07 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004220.236975,VS0,VE55
etag: "508763374a2fb2d949ba11207a289fe6"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1676993997892043
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-a728333c94ea6f774da7.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Wed, 21 Feb 2024 15:44:07 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 418840
last-modified: Tue, 21 Feb 2023 15:39:58 GMT
server: UploadServer
x-goog-hash: crc32c=ezNFwQ==, md5=UIdjN0ovstlJuhEgeiif5g==
x-gdpr: 1
x-goog-stored-content-length: 1443556
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 398 KB
109 KB 49ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c0c530712be256a6d04b8d3221be5499cf530b7109362cfc2327a04b721a22f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110709
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 351ms
131ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
879 B 31ms
29ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 6686037aca2b12f7-4954c7bca62cbd1b-0
age: 49
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 84069d9f9d625b9d
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-country: DE
x-timer: S1677004220.281253,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: SN
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: HIT
x-cache-hits: 1
x-samizdat-query-sup-code
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: dbb39622
x-envoy-upstream-service-time: 18
content-length: 123
samizdat-x-kubernetes-namespace: default
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 6686037aca2b12f7-4954c7bca62cbd1b-0
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 41ms
9ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 46
cache-control: max-age=30
content-length: 0
date: Tue, 21 Feb 2023 18:30:20 GMT
samizdat-x-canary: false
samizdat-x-instance: 047bde83
samizdat-x-kubernetes-namespace: default
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 492fc761dd56f082-4ec28cb47a0c6bee-0
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: 492fc761dd56f082-4ec28cb47a0c6bee-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 128
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: SN
x-samizdat-query-exe-id: 890ea5fd3833278d
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220070-HHN
x-timer: S1677004220.248607,VS0,VE1

GET
H2 200 als Show response
als-svc.nytimes.com/ 1 KB
2 KB 332ms
124ms XHR
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Fc01baacf-5f9d-53c5-bf96-affd73b05e26&typ=&prop=nyt&plat=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

4a063a63035471eff910e678b0a10a54cd25c6cecb2f24242e30a9f3e38b4af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 google
x-envoy-decorator-operation: als-svc.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
content-length: 1173

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 32ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537077
x-guploader-uploadid: ADPycdsMdN37yQQezJJOD1uB6fmKjwjN14H7aMr_ryhOtzv6GQddjWR0pTfKNG6TDj22wYuu7tNzSXNM1AwDJLidQO74zw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004220.268078,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1651598151017654
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 43426

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 40ms
15ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537078
x-guploader-uploadid: ADPycdv-f7zYfkiMMiYxemmiEtaV7YJXrYdMlHcJ9f-XKye0eK12q3HpcBIj0xV7vNkf-onUCT2_SOBrr0L0ltNVAEkeug
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004220.268988,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1651598151054057
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 43128

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 33ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:32 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537048
x-guploader-uploadid: ADPycds2NoN0QRVxYL-bhByYIykKVIephky6bpv08JhR7a2qj2YHeYdNIRjMlYkro1ExwhkcWcpQ8qSdULIbRoItnLWqKA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1677004220.268451,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
x-goog-generation: 1651598149633653
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29076
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3321

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 37ms
13ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:32 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537046
x-guploader-uploadid: ADPycdvJSmS2IJH50NT7fAPxOpFqSNr2s46gPqF9Tz9mAYlKQCtNwxShfxDamhWgUFxK6igvfVbq0hrszpGbnSk7kMenQw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:50 GMT
server: UploadServer
x-timer: S1677004220.268617,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
x-goog-generation: 1651598150092466
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1476

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 71ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0a678593ec9fdda66464e23f2d5c626d20444e60ab310a366cc916609c101a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26513
x-xss-protection: 0
server: sffe
etag: "1489 / 197 of 1000 / last-modified: 1677003767"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Feb 2023 18:30:20 GMT

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 16ms
15ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537077
x-guploader-uploadid: ADPycdvdqkGZY3eQ_Akge0ajjL2M6unAf-MCqVeT657czXf0SUxX7KOfCRO6RPrc8aCpSxLEx7htGy46vkRBMhGireLtopnPt5i1
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004220.274771,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1651598151578179
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 42455

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 15ms
14ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537077
x-guploader-uploadid: ADPycdtsB59si_y4HnNZi6MJdR_uu7BfawbR13u72WHVorJhnphqBHvtyYwxaliswrLTaXXLbJOKPadNVHdJneUJpqqc0Ak5eoCb
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1677004220.274847,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
x-goog-generation: 1651598149661480
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28620
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 11ms
10ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:40:43 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536975
x-guploader-uploadid: ADPycdt6iGOPjA6Hrwf5J88wdeIPkPX86oE9hFzqtOwPnw3Jnen0_szki3D0q6TKJYqhYee9vDkAFxLXwAlnUvc-sLGd-A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1677004220.274241,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1651598149597753
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 18882

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 14ms
13ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:39:02 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6537078
x-guploader-uploadid: ADPycdsJbxGGTkKx_25_9GBm5CJ8gR1lUwkkwUCiKs-PAkGAAkgsn6JlJKypxzebu6m7psVu__l2zYfoZ6HYFy5Ib7iB
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004220.274224,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598150991608
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 38087

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 10ms
9ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:43:23 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536817
x-guploader-uploadid: ADPycdu6vaNg6LEho47ukCMgLAloWoz1cwWi7hKXAOPoYs1kQ3y6ur07OxKCc8PjdPwddhf5dfZVFZADKxlewB4HRa2vckuUcSza
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1677004220.311528,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
x-goog-generation: 1651598149856995
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 15821

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 8689 332 B
1 KB 16ms
9ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

c8ce109d1227c0fb3255dc7a84628ec77a9c948f5c378d076918832171cf6696

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 392
cache-control: public, max-age=600
content-encoding: gzip
content-length: 256
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 18:30:20 GMT
etag: W/"14c-nW8dhjlw6lOlYOfXD3/paqhpeRg"
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 8
x-cloud-trace-context: 6acfb8c23c1746fd47682f634c694ba2
x-content-type-options: nosniff
x-datadog-parent-id: 5425399221630462752
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 5042484470399783912
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 46
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-hhn-etou8220069-HHN

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 8689 470 KB
156 KB 12ms
11ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=9d27970

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f2859c18a274d988c4e21803e47de7c41f66060fc060b66822e165b44f82492c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 20:43:13 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
x-api-version: F-X
age: 373
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 7
content-length: 159618
x-served-by: cache-hhn-etou8220069-HHN
server: envoy
x-nyt-backend: lire-ui
etag: "6mHQVA"
content-type: application/javascript
x-cloud-trace-context: 81aae6a2c2e84846dd8eebe4a366fd5d
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-1657d1b4cf43caad696c.js Show response
www.nytimes.com/vi-assets/static-assets/ 45 KB
15 KB 16ms
15ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-1657d1b4cf43caad696c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4486a33a70b0ab6227074c97c026bc4c4ad732d4290f349c1eedd4d4d5e311d9

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1209460
x-guploader-uploadid: ADPycdtteX8lGsJ9znpSmH87zkYWG4t9XQglu4oJHQQFmVLowzTeg_GlJ1oX7Nj4_DGR9aXFs8dw3gqScTP9wcvpzRWFROnd_mnJ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-07 18:32:40 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004221.614136,VS0,VE1
etag: "7e7fc7fe697ec0607a67b72edb800ade"
vary: X-Goog-Allowed-Resources, Accept-Encoding, Fastly-SSL
x-goog-generation: 1675793953332801
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-1657d1b4cf43caad696c.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9674
expires: Wed, 07 Feb 2024 18:32:40 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14101
last-modified: Tue, 07 Feb 2023 18:19:13 GMT
server: UploadServer
x-goog-hash: crc32c=SIPyDg==, md5=fn/H/ml+wGB6Z7cu24AK3g==
x-gdpr: 1
x-goog-stored-content-length: 45586
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~4be5fe75-74559deba87fc6f256a9.js Show response
www.nytimes.com/vi-assets/static-assets/ 66 KB
13 KB 17ms
16ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~4be5fe75-74559deba87fc6f256a9.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0108016187bc37c00a33d4b6c863f01266d2b5b10d946db26e0c759e8826cf8f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 526371
x-guploader-uploadid: ADPycduxx5KTc2fedlcB8aR2GDMK7wbI3OwhJhOqdKYJyPohLGlqAFmsDqIrxYHedqpfgpSco6RXfTpFBNLh55T0kVyMUQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-15 16:17:50 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004221.616275,VS0,VE1
etag: "89f015aa8c877310de9518a1e121aa07"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1676477412838018
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~4be5fe75-74559deba87fc6f256a9.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10206
expires: Thu, 15 Feb 2024 16:17:29 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13123
last-modified: Wed, 15 Feb 2023 16:10:12 GMT
server: UploadServer
x-goog-hash: crc32c=XMdi1g==, md5=ifAVqoyHcxDelRih4SGqBw==
x-gdpr: 1
x-goog-stored-content-length: 67804
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 18ms
17ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29cd49f61d6124f05a6cd8d781742624ea2205be8dcee00249e588e2a02737e2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 6536975
x-guploader-uploadid: ADPycdsXuCunCN1xqp0CKdu6tXvVcvLZXeChagrs2B_vOU6dy2nWikDmhN9dlKdzLhfW-Zt6npwtjhkouFdaNx9FGSYHC6VvZxA6
x-goog-stored-content-encoding: identity
x-origin-time: 2022-12-08 02:40:44 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004221.617633,VS0,VE1
etag: "1cc0a195edd4322de916042d2d3ce9a5"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1669851759141967
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10603
expires: Fri, 08 Dec 2023 02:40:44 GMT
date: Tue, 21 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 4953
last-modified: Thu, 08 Dec 2022 00:07:35 GMT
server: UploadServer
x-goog-hash: crc32c=VL7/VQ==, md5=HMChle3UMi3pFgQtLTzppQ==
x-gdpr: 1
x-goog-stored-content-length: 21765
accept-ranges: bytes

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Feb 2024 17:21:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
347 B 60ms
41ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b8ecfd11e8086450c73ba71ec182da2ef46cb8602cfdaccf9640efe20fdcb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 322
x-xss-protection: 0
expires: Tue, 21 Feb 2023 18:30:20 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 261 KB
54 KB 121ms
9ms Script
text/javascript 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: go.alertmedia.com
URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-95.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

320665fed3de0e7308cf1fdae387d8ab8df4ba3e3f08862c562c2c92654612a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront), 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
date: Tue, 21 Feb 2023 17:55:00 GMT
x-amz-cf-pop: FRA60-P2, FRA56-P2
age: 2120
x-cache: Hit from cloudfront
content-length: 55097
last-modified: Fri, 17 Feb 2023 13:54:04 GMT
server: Apache
etag: "41481-5f4e5a57473d5-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: wXYT7upi4FxZvqLwEH5kC2PqN6rqxg7zI-AgZy_UkPERmNkiMe5P-w==
expires: Tue, 21 Feb 2023 18:55:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 59ms
20ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 115ms
43ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 187ms
187ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2837103150259578&correlator=265802761652092&eid=31072019&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=4096615031&sfv=1-0-40&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D678&cust_params=als_test_clientside%3Dweb_none_low_20230221183020%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dtrue%26vp%3Dlarge%26als_test%3D1677000174175%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26org%3Dnorfolksoutherncorporation%252Cenvironmentalprotectionagency%252Cnationaltransportationsafetybo%26geo%3Deastpalestineohio%26des%3Dhazardousandtoxicsubstances%252Crailroadaccidentsandsafety%252Cchemicals%252Cpollution%252Cevacuationsandevacuees%26auth%3Dchristinehauser%26coll%3Dusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008768644%26pt%3Dnt10%252Cnt12%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt17%252Cpt20%252Cpt21%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_chanel%252Cneg_chan2%252Cneg_ibm%252Cneg_mastercard%252Cneg_bp%252Cneg_bofa%252Cpolitics_sentiment%252Cneg_debeer%252Cneg_google%252Cneg_ms_safe%252Cneg_mtb%252Cneg_orep%252Cneg_racism%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_death_injury%252Cgs_science%252Cgb_death_injury_newsent%252Cgs_science_environ%252Cgs_health_misc%252Cgs_health%252Cgs_politics%252Cgb_death_injury_edu%252Cgs_politics_misc%252Cgs_science_misc%252Cgs_t%26is_viral%3Dmedium%26tt%3D24%252C43%252C48%26mt%3DMT10%252CMT2%252CMT6%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_1022_1_updates%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3Dn-hlNBjSkuG4ojvUtzOii-_6%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DVFebMiHvJqYgnQD7xwVMA6&sc=1&cookie_enabled=1&abxe=1&dt=1677004220864&lmt=1677003573&dlt=1677004220151&idt=658&adxs=0&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&ref=https%3A%2F%2Fgo.alertmedia.com%2F&frm=20&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1632022799.1677004221&ga_sid=1677004221&ga_hid=752532962&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

419e3a7710475352406223fcbbf2490b0b2cba5c595450171493813eddeb2f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10904
x-xss-protection: 0
google-lineitem-id: 6181152954
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138417413275
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C80E 6 KB
3 KB 70ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:30:20 GMT
expires: Wed, 21 Feb 2024 18:30:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
8ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Tue, 21 Feb 2023 18:30:21 GMT
samizdat-x-canary: false
samizdat-x-instance: 5fd6d244
samizdat-x-kubernetes-namespace: default
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: SN
x-samizdat-query-exe-id: 89f2270d2eab3c4a
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220070-HHN
x-timer: S1677004221.232917,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Tue, 21 Feb 2023 18:30:21 GMT
samizdat-x-canary: false
samizdat-x-instance: 5fd6d244
samizdat-x-kubernetes-namespace: default
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-cache: HIT
x-cache-hits: 2
x-datadog-trace-id: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: SN
x-samizdat-query-exe-id: b70dd68a9f78cd35
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220070-HHN
x-timer: S1677004221.269992,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
8ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Tue, 21 Feb 2023 18:30:21 GMT
samizdat-x-canary: false
samizdat-x-instance: 5fd6d244
samizdat-x-kubernetes-namespace: default
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-cache: HIT
x-cache-hits: 3
x-datadog-trace-id: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: SN
x-samizdat-query-exe-id: abebc6ee269cd777
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220070-HHN
x-timer: S1677004221.304084,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 11ms
10ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 1
cache-control: max-age=30
content-length: 0
date: Tue, 21 Feb 2023 18:30:21 GMT
samizdat-x-canary: false
samizdat-x-instance: 5fd6d244
samizdat-x-kubernetes-namespace: default
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-cache: HIT
x-cache-hits: 4
x-datadog-trace-id: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: SN
x-samizdat-query-exe-id: a2380dee800f9786
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220070-HHN
x-timer: S1677004221.366361,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
907 B 123ms
123ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 2abc96f1eeb8ba3-5beab32c13a7e8d-1
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: ad751fe54e88dba0
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-country: DE
x-timer: S1677004221.247312,VS0,VE110
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: SN
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Tue, 21 Feb 2023 18:30:21 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: dbb39622
x-envoy-upstream-service-time: 19
samizdat-x-kubernetes-namespace: default
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 2abc96f1eeb8ba3-5beab32c13a7e8d-1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 14 KB
3 KB 290ms
290ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bb0bda7259459c31d3fc9bdbd21e7385c1a10fcb8087a32829b858f182c67291

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 3a352fdf112ed6d7-32255fc2006707d2-0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: ceb6a299e4d7d014
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-country: DE
x-timer: S1677004221.296155,VS0,VE265
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: SN
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Tue, 21 Feb 2023 18:30:21 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 437ae3fa
x-envoy-upstream-service-time: 171
samizdat-x-kubernetes-namespace: default
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 3a352fdf112ed6d7-32255fc2006707d2-0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 532 B
1 KB 464ms
236ms XHR
application/json 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&referer=https%3A%2F%2Fgo.alertmedia.com%2F&pageviewID=n-hlNBjSkuG4ojvUtzOii-_6

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-42-214.compute-1.amazonaws.com

Software

envoy /

Resource Hash

c6cd522742d93f1f1d555e18fc9b22b8d9cdab7ad6a37dbd9784cd1f39db9e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:21 GMT
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 133
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
content-length: 532

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
893 B 125ms
124ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 1199edbd7c297de5-97e0a7a6c937368-0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 352bdd3e47a785b5
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-country: DE
x-timer: S1677004221.313624,VS0,VE114
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: SN
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Tue, 21 Feb 2023 18:30:21 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 6d71c5b1
x-envoy-upstream-service-time: 19
content-length: 77
samizdat-x-kubernetes-namespace: default
server: envoy
access-control-allow-credentials: true
x-datadog-trace-id: 1199edbd7c297de5-97e0a7a6c937368-0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 456ms
456ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a8dac7a116eb73925ab69ec9366bd93b9babc4e68b3425ea183cd54eedc93167

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 329239d86a1f1a0a-46d72ee1c5ddf38c-1
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 22554a5b2c7c5c97
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-country: DE
x-timer: S1677004221.379030,VS0,VE444
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: SN
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Tue, 21 Feb 2023 18:30:21 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: b39998b4
x-envoy-upstream-service-time: 77
last-modified: Tue, 21 Feb 2023 18:30:21 GMT
server: envoy
samizdat-x-kubernetes-namespace: default
access-control-allow-credentials: true
x-datadog-trace-id: 329239d86a1f1a0a-46d72ee1c5ddf38c-1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 comments-b5ea19c47a3d4820e5c5.js Show response
www.nytimes.com/vi-assets/static-assets/ 38 KB
12 KB 15ms
15ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-b5ea19c47a3d4820e5c5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

674f87febbb98c6127476c45292fa00ab22cee295e3a193219c58652d350d139

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 598072
x-guploader-uploadid: ADPycdvTLXtrSHW_f8OQHpCC8Lbn79ndmLQWTaBBivOwHRAFzVk_jfpFS_vbSMQL3HnWlZwHj9JUIgk4-hrfDQ3GSq-zGmMg1rM_
x-goog-stored-content-encoding: identity
x-origin-time: 2023-02-14 20:23:28 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004221.376620,VS0,VE1
etag: "256ea20a37e2cb79bce09f212ff25265"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1676405605155978
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-b5ea19c47a3d4820e5c5.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11051
expires: Wed, 14 Feb 2024 20:22:29 GMT
date: Tue, 21 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 11417
last-modified: Tue, 14 Feb 2023 20:13:25 GMT
server: UploadServer
x-goog-hash: crc32c=rWiPzw==, md5=JW6iCjfiy3m84J8hL/JSZQ==
x-gdpr: 1
x-goog-stored-content-length: 39085
accept-ranges: bytes

GET
H2 200 vhs.min.js Show response
static01.nyt.com/video-static/vhs3/ 503 KB
115 KB 18ms
18ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs.min.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4a90a3424a65a9eb2d592941bd4257ca6d5e193a3e64438b42ca46016ce32a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Wed, 22 Feb 2023 21:04:38 GMT
date: Tue, 21 Feb 2023 18:30:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 509143
x-guploader-uploadid: ADPycdtiLjWAERzy9ZAjEqNiYfBLqdmrkxfi0_vjEKHT_YSnH6uCcvm6wSTLpVGGF-RlZAySb_qjit00LFlIOuUHXZMdYIn8bpHo
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 116791
x-served-by: cache-iad-kiad7000153-IAD, cache-hhn-etou8220069-HHN
last-modified: Wed, 15 Feb 2023 21:04:32 GMT
server: UploadServer
x-timer: S1677004221.404571,VS0,VE0
etag: "9c42bab1d366f2d16b80b7e5e0798455"
vary: Accept-Encoding
x-goog-generation: 1676495072689735
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=0k3JQQ==, md5=nEK6sdNm8tFrgLfl4HmEVQ==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 515463
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36, 206

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 347ms
137ms XHR
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&caller_id=nyt-vi&jkcb=1677004221401&referrer=https%3A%2F%2Fgo.alertmedia.com%2F&sourceApp=nyt-vi

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

3ec38c80170899bf399c9301086ce2d8829b607d04204c200e900083dc74441b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:21 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 1edeba3b0f20473c308503951082cb7d
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 39
access-control-allow-headers: Content-Type, x-requested-by

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 335ms
122ms Fetch
text/html 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v1/purr-cache

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:21 GMT
via: 1.1 google
x-envoy-decorator-operation: purr.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 282ae1cd171038ce2d9225ebe80a9a31
access-control-allow-credentials: true
x-envoy-upstream-service-time: 24
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 530 B
291 B 45ms
45ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2837103150259578&correlator=265802761652092&eid=31072019&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&ifi=2&adks=2436954947&sfv=1-0-40&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1242&cust_params=als_test_clientside%3Dweb_none_low_20230221183020%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dtrue%26vp%3Dlarge%26als_test%3D1677000174175%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26org%3Dnorfolksoutherncorporation%252Cenvironmentalprotectionagency%252Cnationaltransportationsafetybo%26geo%3Deastpalestineohio%26des%3Dhazardousandtoxicsubstances%252Crailroadaccidentsandsafety%252Cchemicals%252Cpollution%252Cevacuationsandevacuees%26auth%3Dchristinehauser%26coll%3Dusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008768644%26pt%3Dnt10%252Cnt12%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt17%252Cpt20%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_capitalone%252Cneg_chanel%252Cneg_chan2%252Cneg_ibm%252Cneg_mastercard%252Cneg_bp%252Cneg_bofa%252Cpolitics_sentiment%252Cneg_debeer%252Cneg_google%252Cneg_ms_safe%252Cneg_mtb%252Cneg_orep%252Cneg_racism%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_death_injury%252Cgs_science%252Cgb_death_injury_news-ent%252Cgs_science_environ%252Cgs_health_misc%252Cgs_health%252Cgs_politics%252Cgb_death_injury_edu%252Cgs_politics_misc%252Cgs_science_misc%252Cgs_t%26is_viral%3Dlow%26tt%3D24%252C43%252C48%26mt%3DMT10%252CMT2%252CMT6%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_1022_1_updates%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3Dn-hlNBjSkuG4ojvUtzOii-_6%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DVFebMiHvJqYgnQD7xwVMA6%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1677004221908&lmt=1677003573&dlt=1677004220151&idt=658&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&ref=https%3A%2F%2Fgo.alertmedia.com%2F&frm=20&vis=1&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1632022799.1677004221&ga_sid=1677004221&ga_hid=752532962&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4de433a239ffe8f8504099ef8ea7b8dbea3fc313641b183f0bbd1a3420fd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75DA 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:30:20 GMT
expires: Wed, 21 Feb 2024 18:30:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
dd.nytimes.com/js/ 235 B
621 B 28ms
12ms XHR
application/json 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-95.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

7d96d8edfb2ae63f0b3d1ddc3f1af921bae0e9d2416bd61047298f20fbff8e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 18:30:22 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
x-amz-cf-id: twT6i9Bp9VGSv8vrXlbsh7b29EQevdh-2TiTrbmCsSyEzvURoUKeZQ==
expires: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 11ms
11ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 2
cache-control: max-age=30
content-length: 0
date: Tue, 21 Feb 2023 18:30:22 GMT
samizdat-x-canary: false
samizdat-x-instance: 5fd6d244
samizdat-x-kubernetes-namespace: default
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-cache: HIT
x-cache-hits: 5
x-datadog-trace-id: ec665d52a230f8e-b9dcb1c6031f8e1-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: SN
x-samizdat-query-exe-id: a5c7cb2d43b33ae0
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn-etou8220070-HHN
x-timer: S1677004222.247415,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 1 KB
1 KB 19ms
18ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6ec3ae424ac39223857fe857a25ecac5260c47918d63d753bc3c03be6feebc81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 6d66c5c2c0f3417-1fc740f1d11ce7c8-0
age: 1727
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 8517f120e06d5fdb
samizdat-x-canary: false
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-country: DE
x-timer: S1677004222.267027,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: SN
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: HIT
x-cache-hits: 9
x-samizdat-query-sup-code
date: Tue, 21 Feb 2023 18:30:22 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: 5fd6d244
x-envoy-upstream-service-time: 18
content-length: 666
last-modified: Tue, 21 Feb 2023 18:00:07 GMT
server: envoy
samizdat-x-kubernetes-namespace: default
access-control-allow-credentials: true
x-datadog-trace-id: 6d66c5c2c0f3417-1fc740f1d11ce7c8-0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 37 KB
15 KB 12ms
12ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/liveAsset-014df3669ca3e419e5bf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9b1c1e318ca29b1805e42e7b40baa4fe51a633d941429b9954553ea2aea86b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 20:48:25 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 520
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 23
content-length: 14548
x-served-by: cache-hhn-etou8220069-HHN
x-nyt-backend: lire-ui
server: envoy
etag: "6mHQVA"
content-type: application/javascript
x-cloud-trace-context: 03cadfb6a6a7a2ebfe2f1bf45be12822
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 61 KB
14 KB 498ms
491ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nytimes.com/capi/metered_assets/?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&plat=web&mc=0&gr=METER_LIMIT&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator&areas=gateway

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1635094857036b73eb9d7c8c382e8d24de5731dee0053c84fb343af9282d12a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache: MISS
x-envoy-upstream-service-time: 375
x-served-by: cache-hhn-etou8220069-HHN
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale_1","gateway":"MAG_web_nonsub_all_monthly-sale_1","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1677004222.372880,VS0,VE482
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-country, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: cf83480e31473cb5cd7118c508ab3df6
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 88ms
22ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Feb 2023 17:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Feb 2023 19:12:06 GMT

GET
H2

200

activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-tr... Show response
5290727.fls.doubleclick.net/ Frame E46B
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2...

801 B
496 B

65ms
64ms

Document
text/html

172.217.20.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f6.1e100.net

Software

cafe /

Resource Hash

28e2b7960711621979738bb45c41f9869fe60877bc4b3d73a3082a304f69dea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:30:22 GMT
expires: Tue, 21 Feb 2023 18:30:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:30:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 43ms
7ms Script
application/x-javascript 2600:9000:223c:d200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: go.alertmedia.com
URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 02:57:12 GMT
content-encoding: gzip
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 55990
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: u62Aq-f169Ubate9Aqjc9jMigwtqJT4EcT6oWcBNQEc-BfwCy6WXmQ==
expires: Wed, 22 Feb 2023 02:57:12 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
739 B 14ms
7ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: go.alertmedia.com
URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 09 Dec 2022 02:14:50 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 63539
x-guploader-uploadid: ADPycdsNm9UAys459iwgE_D3VLqHsTWrnRfxBu0TH80omNfdLhxH7-Jv9kSsEmrq6DqzZWE14u0pcOHdWhqzo_v0iM-_iVyE2dLo
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1677004222.420129,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1680

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
3 KB 54ms
21ms Script
text/javascript 2606:4700:e0::ac40:6509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3128ea436a6cf8295a2c73c934b9d60053e42ec5dc3529f0113f26c6ca8c1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2757
cf-polished: origSize=4684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj: minify
last-modified: Tue, 21 Feb 2023 17:44:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUYf5YinapiyOVfreBeLdexXoZMsunotcqWrGiAnL720wloB8FRWVEa%2FJozDM8hCiIHMrZUWQAYuGVu5wOOwd4v9R6zgZlR4e0%2FCGP5k1PZR58BYdtpTQtyLuGZBk%2F5WotJZ0%2Byga2VJy5vpV4god3HCsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79d18d8649ee2bd1-FRA

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 106ms
35ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=155577523
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Feb 2023 18:30:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 75DA 24 KB
7 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
URL: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 262327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 18 Feb 2024 17:38:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75DA 156 KB
48 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
URL: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 18:30:22 GMT

GET
H2 200 vhs-plugin-cover-vi-cb257bc040e9e6c17927.min.js Show response
static01.nyt.com/video-static/vhs3/ 50 KB
12 KB 10ms
10ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs-plugin-cover-vi-cb257bc040e9e6c17927.min.js

Requested by

Host: static01.nyt.com
URL: https://static01.nyt.com/video-static/vhs3/vhs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0d7ccee7c64ea7c455ea02283deaa6a1d0b862d4494cc0e8a5e7f8c4de932943

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Wed, 22 Feb 2023 21:04:38 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 508849
x-guploader-uploadid: ADPycdv2wjkNXYycEERi99Yv4fkyBNQSmpiooolxcK0FdlMtPf7lsKouxxfc9sz-B21sSz3aXSPxGIPeNUK2PLqdea5ZTlIH8Gdx
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 12019
x-served-by: cache-iad-kjyo7100142-IAD, cache-hhn-etou8220069-HHN
last-modified: Wed, 15 Feb 2023 21:04:32 GMT
server: UploadServer
x-timer: S1677004223.546452,VS0,VE0
etag: "6193b23f49e49ff96ab0979fc5aca664"
vary: Accept-Encoding
x-goog-generation: 1676495072666257
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=fw+YVw==, md5=YZOyP0nkn/lqsJefxaymZA==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 51629
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26, 119

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61987b71501afac79b03e8baa611020d395a37e824fd2360e7831443a305e71d

Request headers

Referer
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 vhs-hlsjs-2a131733baaaf90604d3.min.js Show response
static01.nyt.com/video-static/vhs3/ 226 KB
68 KB 8ms
7ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs-hlsjs-2a131733baaaf90604d3.min.js

Requested by

Host: static01.nyt.com
URL: https://static01.nyt.com/video-static/vhs3/vhs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

370620b4736e7bdbf7dae225a556bb908e2b7b50a5c1d7c48006bf2bf42045ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Wed, 22 Feb 2023 21:04:39 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 508848
x-guploader-uploadid: ADPycdshNngDCbmUvavjD8-e79pCM7H0BYFvg5AcsAipiu7bxkUYCLZTd1r87J6ADyiTr11TcmWfVm5UH81N16VL81sKxg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 69375
x-served-by: cache-iad-kcgs7200104-IAD, cache-hhn-etou8220069-HHN
last-modified: Wed, 15 Feb 2023 21:04:32 GMT
server: UploadServer
x-timer: S1677004223.576028,VS0,VE0
etag: "35f27e1241c1e234b7c2f84bbafbf0ae"
vary: Accept-Encoding
x-goog-generation: 1676495072607116
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=aTRfjg==, md5=NfJ+EkHB4jS3wvhLuvvwrg==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 231118
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44, 54

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 75DA 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgSDR4AGRThGFaCq4z9jByyKa7v5Lnra0_doODfjbT8dg7IypeM2j6HjED0Okmm5UWjvt9StcyooP9oDUTHrxmdoPbE26Ut3L_Tm8t6ii6FHrKi1rSuJFsre8F50xY1Wd_154coBGT-rSWSXcP9lg4vSVM6SbUNozDEcm2iCFxJSvIf6rtn9yfKXAejqf_Pag77LBl-QL4O2faIIP1jWqWTqBLhoPWY-J8464yitUcawFFPfm-HZMUFZsaENttUBotuiio7tNjS6cKXFa3hK1-lqtfurh2ezqPPvTnWy2aTwqWIZWCt28fB10He4BEmwtsXNX17-ks8LUM0FfGNCcHm6eN9vl0o3vhILY7&sai=AMfl-YSMBpOJBi6-6Zg6nHSD2hew-ck8Z2JVRRs02t8LskAkk6ih0c_SUAh59sCQnNA_X8iK2-faPu2iM9__Tri8dr98JXl9gm7MLPz6Aq0iRTHj5YNCG54E8lKan5_PMHqS4Au94C0GrsrMVu0Mu1bd&sig=Cg0ArKJSzMuqLunAOi-REAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
URL: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 flex Show response
www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/ Frame B7BC 4 KB
2 KB 19ms
19ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Requested by

Host: 6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
URL: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

837c46a211e63b71476737cae813c22a71d995b58b1fbd6d6b677236ce44b2b7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
age: 1627
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1145
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html;charset=UTF-8
date: Tue, 21 Feb 2023 18:30:22 GMT
expires: 0
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
pragma: no-cache
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding,x-nyt-country, x-nyt-continent, X-NYT-Currency, Fastly-SSL
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 35
x-gdpr: 1
x-magnolia-vary: x-nyt-country, x-nyt-continent, X-NYT-Currency
x-nyt-app-webview: 0
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-route: mwcm-banner-ads
x-origin-time: 2023-02-21 18:03:15 UTC
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1677004223.603115,VS0,VE8

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 44 KB
14 KB 19ms
17ms Script
text/javascript 2606:4700:e0::ac40:6509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362f9aaae9dd7b210345b50db9f4de54e0467c20afdfb35073dbd12d4d86c167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2757
cf-polished: origSize=45937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj: minify
last-modified: Tue, 21 Feb 2023 17:44:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRijS5QB1u6WMmM2RGWopQ3uqRrXH7F%2Flf%2FOfQ6WLqOkig%2Bh9OjPCT3N3EiKHx7jnqvljES3WSicOXg8fh737J2%2BzpaL7V95cag4llrSlvp0fqYRm84S4bRBm1kcmE1C7UpfJIQChcV%2BcT5G%2Fy5Xkm5qzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79d18d875bec2bd1-FRA

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame 6E25 19 KB
9 KB 436ms
435ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

3270e56ef7c74cc9fb2e0ba9ea907b8913a0b46d781ed18b20013711f4d9a609

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 18:30:23 GMT
etag: W/"4cee-nh0VhEyhEPaQ3qMMkQFDnWslsXc"
expires: 0
pragma: no-cache
resp-details: [[it:lui]]
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 0926b5989b2663a66c57ab7d7d74b04d
x-content-type-options: nosniff
x-datadog-parent-id: 2384207816124970635
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 3474593093357946759
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 26
x-nyt-backend: lire-ui
x-nyt-edge-cache: MISS
x-powered-by: Express
x-served-by: cache-hhn-etou8220069-HHN

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 986ms
98ms Image
image/gif 35.169.218.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Farticle%2Fohio-train-derailment.html&u=DJl5CIOms0uBFeVKt&d=nytimes.com&g=16698&g0=us&g1=Christine%20Hauser&n=1&f=00001&c=0&x=0&m=0&y=1578&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fgo.alertmedia.com%2F&PA=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&b=2555&t=C8z31ii-II0D26SakB12eh5CxD6Bd&V=139&i=After%20the%20Ohio%20Train%20Derailment%3A%20Evacuations%2C%20Toxic%20Chemicals%20and%20Water%20Worries&tz=0&_acct=anon&sn=1&sv=-PaBpCjlNFy7h3QNCo_jk3BP9nK2&sr=https%3A%2F%2Fgo.alertmedia.com%2F&sd=1&im=06679ef3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.218.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-218-52.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Feb 2023 18:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 42ms
41ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=752532962&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html&dr=https%3A%2F%2Fgo.alertmedia.com%2F&ul=en-us&de=UTF-8&dt=Train%20Derailment%20in%20East%20Palestine%2C%20Ohio%3A%20What%20We%20Know%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACgBM~&jid=1351584307&gjid=1681420477&cid=1632022799.1677004221&tid=UA-58630905-2&_gid=1715668600.1677004223&_r=1&_slc=1&gtm=45He32f0n71P528B3&cg1=us&cg2=null&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html&cd2=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&cd3=%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&cd4=U.S.&cd9=9&cd10=go.alertmedia.com&cd13=go.alertmedia.com&cd14=null&cd15=earned&cd16=referring_links&cd17=100000008768644&cd18=Christine%20Hauser&cd19=After%20the%20Ohio%20Train%20Derailment%3A%20Evacuations%2C%20Toxic%20Chemicals%20and%20Water%20Worries&cd20=&cd21=Article&cd23=U.S.&cd26=2023&cd27=2023-02-13-16&cd28=Monday&cd29=16&cd30=1677002909324&cd32=U.S.%20News&cd33=SECTION&cd34=NEWS&cd36=13xp-ohioexplainer&cd37=1278&cd38=Express&cd42=nyt-vi&cd43=Hazardous%20and%20Toxic%20Substances%2CRailroad%20Accidents%20and%20Safety%2CChemicals%2CPollution%2CEvacuations%20and%20Evacuees&cd44=Norfolk%20Southern%20Corporation%2CEnvironmental%20Protection%20Agency%2CNational%20Transportation%20Safety%20Board&cd46=East%20Palestine%20(Ohio)&cd48=February&cd49=long_1200_1600&cd51=nyt-vi&cd52=&cd53=Express&cd54=null&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=VFebMiHvJqYgnQD7xwVMA6&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=VFebMiHvJqYgnQD7xwVMA6&z=2042722240

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 75DA 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ_Pj9adUTfNVMPMPmU5YzQ0JT9aPwhaNKAKYmemDTxxTKq-HXX-q_t8i2j7Zap1VBQ94UKQEzJijaN4OemaeZyIvV5tNxD172HrLEyWY8NR7MLddFzCWhALybd7bh4IgmxFjBWtfH7vwMtQm_izz5m7BV5_f7i82wyQcI0aq-YYnOGuqbPm7lCSTWPDYKTx20T6fYNZW-vH0BQlO_X1ed0S0LmtPT4oznX0N_6v_RSWhLQ7phBOGO0KPXrSalgQhNVCTJ4jl64BnMKLAqCAPSCUBkUJWepk3qIHe-SU5PbYO7uhKipsDNq2dyb7wvTD9--g&sai=AMfl-YTEqvV4qkH-SNSeNKTqT-FkwDD9zrH3Jx7sF9bC6HXsOXzZDE5yqkGywgMEblg96IsWGlW2-55Pt-CDmdrgGg_eKsoVJ9oChkNZFkoyq5X7vHmn0b9Lz4jI4wOKhMgCGY3K3f_Xik_Pl1Fwc7Or&sig=Cg0ArKJSzLEb3d5myRN6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Feb 2023 18:30:22 GMT

GET
DATA 200
OK truncated
/ Frame 75DA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e0d8d6ed7a960fe4c6563417af06dc7881227fdafa24f1889541ac78811a5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok...
adservice.google.com/ddm/fls/z/ Frame E46B 42 B
262 B 58ms
57ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKjq4Mefp_0CFRCIsgodBzoBNw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8115610044390;gtm=45He32f0;auiddc=927718023.1677004222;u17=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Farticle%2Fohio-train-derailment.html%3Fmkt_tok%3DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main_flex.css
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/ Frame B7BC 344 KB
42 KB 15ms
8ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3fdb813192098028336976db08f3065344ea01a1d5df815c29bc1476d4f3912

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
age: 65264
x-cache: HIT
x-envoy-upstream-service-time: 10
content-length: 43178
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Wed, 28 Sep 2022 19:05:59 GMT
server: envoy
x-timer: S1677004223.736561,VS0,VE1
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 205

GET
H2 200 970x250_2X_.gif
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame B7BC 243 KB
244 KB 47ms
41ms Image
image/gif 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/970x250_2X_.gif

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f745cef00cf29b0b9806d20bdc65ae6c07696c7daa7984f37dcf21b3e64ac9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 102812
x-cache: HIT
x-envoy-upstream-service-time: 5
content-length: 249151
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Wed, 28 Sep 2022 19:05:24 GMT
server: envoy
x-timer: S1677004223.736607,VS0,VE33
content-type: image/gif;charset=UTF-8
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 300x250_2X.gif
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame B7BC 189 KB
190 KB 101ms
101ms Image
image/gif 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/300x250_2X.gif

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5b1e6e8a48f4f9f2b5c1651045906dfb671cf15e8a9571b94d223dbc00109874

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 56331
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 193787
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Wed, 28 Sep 2022 19:05:23 GMT
server: envoy
x-timer: S1677004223.762656,VS0,VE93
content-type: image/gif;charset=UTF-8
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 NYTAllAccess_Black.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame B7BC 14 KB
6 KB 20ms
20ms Image
image/svg+xml 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/NYTAllAccess_Black.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1f4a49e702d0d77e1694817dd9cf1ba8569a9e2506ff6f3e6eaab2be2b14b46d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:22 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
content-encoding: gzip
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
age: 150022
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 6269
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Wed, 28 Sep 2022 19:05:24 GMT
server: envoy
x-timer: S1677004223.832004,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 439

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:44:25 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536757
x-guploader-uploadid: ADPycduLkeFxjqskElbpeRIyjnwFoSr4y_dZQYs9o7qaF8_uUlOa-GTPWoWXQzVFfGBdPs5ADBgbakr7iAGr2uFRCwuCCzcvqmpw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004223.741148,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1651598151037520
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 492

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
143 B 735ms
22ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=6690452
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date: Tue, 21 Feb 2023 18:30:23 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 cheltenham-normal-300.woff2
g1.nyt.com/fonts/family/cheltenham/ Frame B7BC 27 KB
27 KB 8ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff2

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:42:05 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536898
x-guploader-uploadid: ADPycdt86aqn8PEZa8LKlO5FS16F5E1-eI5p4uw0BAZ0VNRvnuHXWsElCb1_o1FRO4WdwfSJiPThFVekpuYr8M80sysR6w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1677004223.832405,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1651598149673512
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 franklin-normal-300.woff2
g1.nyt.com/fonts/family/franklin/ Frame B7BC 20 KB
20 KB 9ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.woff2

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:42:05 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536897
x-guploader-uploadid: ADPycdvSDLf8e-REI7S-y0Bfr1kVd2t0xDRRYh4LqybxXbCYn-_IXRYVzdbc2M39OXdy8c2HmCQp12mLLXW6hfJtGVDgw2Lh9t16
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004223.832924,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598151029342
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 franklin-normal-700.woff2
g1.nyt.com/fonts/family/franklin/ Frame B7BC 20 KB
20 KB 8ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff2

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:42:05 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536897
x-guploader-uploadid: ADPycdutLS6hlvaSij6XjUu6fIF3VqYzc3cjEsg7IB1ZNA7-wE6UcMjCOWKlHY-Plr3969xDb3LSsnSs70k7bpD2ReHZTw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1677004223.832935,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1651598151071151
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 25

GET
H2 200 vhs-plugin-nyt-analytics-4df308f908d7fd313c6b.min.js Show response
static01.nyt.com/video-static/vhs3/ 26 KB
6 KB 9ms
9ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs-plugin-nyt-analytics-4df308f908d7fd313c6b.min.js

Requested by

Host: static01.nyt.com
URL: https://static01.nyt.com/video-static/vhs3/vhs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b95ba7f8bc8db2c75cc980ff92ab77708e8b4c06edf022e8f578ca3d8e11417f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Wed, 22 Feb 2023 21:04:38 GMT
date: Tue, 21 Feb 2023 18:30:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 508849
x-guploader-uploadid: ADPycdsuSRC5ndL9qGet5V_g9j1ZDG3jLk9ypFIaV575q6XxA-_vvTAmTmxeQktL1SEyR2b3bDLTIfPKSrPITyqtzhA-p_LBpsTv
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 5721
x-served-by: cache-iad-kjyo7100176-IAD, cache-hhn-etou8220069-HHN
last-modified: Wed, 15 Feb 2023 21:04:32 GMT
server: UploadServer
x-timer: S1677004223.837792,VS0,VE0
etag: "62531a18e85de720ca91aee44ff4378f"
vary: Accept-Encoding
x-goog-generation: 1676495072664690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=CnQyTg==, md5=YlMaGOhd5yDKka7kT/Q3jw==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 26888
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 407, 111

POST
H2 200 track
a.et.nytimes.com/ 0
0 234ms
234ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 225ms
224ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 6E25 470 KB
156 KB 10ms
10ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=9d27970

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f2859c18a274d988c4e21803e47de7c41f66060fc060b66822e165b44f82492c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 20:43:13 GMT
date: Tue, 21 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
x-api-version: F-X
age: 376
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 7
content-length: 159618
x-served-by: cache-hhn-etou8220069-HHN
server: envoy
x-nyt-backend: lire-ui
etag: "6mHQVA"
content-type: application/javascript
x-cloud-trace-context: 81aae6a2c2e84846dd8eebe4a366fd5d
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame 6E25 205 KB
49 KB 69ms
15ms Script
application/javascript 2a02:26f0:3500:592::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:23 GMT
content-encoding: br
last-modified: Fri, 03 Feb 2023 22:02:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame 6E25 0
0 136ms
136ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame 6E25 261 KB
54 KB 11ms
11ms Script
text/javascript 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-95.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

320665fed3de0e7308cf1fdae387d8ab8df4ba3e3f08862c562c2c92654612a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront), 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
date: Tue, 21 Feb 2023 17:55:00 GMT
x-amz-cf-pop: FRA60-P2, FRA56-P2
age: 2123
x-cache: Hit from cloudfront
content-length: 55097
last-modified: Fri, 17 Feb 2023 13:54:04 GMT
server: Apache
etag: "41481-5f4e5a57473d5-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: S1WeXiTHUoBHDzuByQWWNRJFvw1TVYdZNTMMZZlFIeVrIDLQ4P4Kkg==
expires: Tue, 21 Feb 2023 18:55:00 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame 6E25 0
0 133ms
133ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame 6E25 1 KB
1 KB 416ms
213ms Fetch
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252Farticle%25252Fohio-train-derailment.html%25253Fmkt_tok%25253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-430913

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

1282bf458f0f71ef47407d56b0b5e229799f608f427edd10f0f4f7197a3a99fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:23 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 3f7b77907e2a5d058b00c0a99ddb9b28
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 111
access-control-allow-headers: Content-Type, x-requested-by

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame 6E25 241 B
625 B 12ms
11ms XHR
application/json 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-95.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

ad63466fa7eb66de30b2cb6c2a86723546a1bb369c8620ca869c3297ffa02f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 18:30:23 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 241
x-amz-cf-id: WJ26V5Pisf2EkXsVteZtX0hgLD3cHH3G_sJvcsjNIRD5C_vlVecW2w==
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 132ms
132ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 6E25 29 KB
29 KB 35ms
21ms Font
font/woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:54:00 GMT
date: Tue, 21 Feb 2023 18:30:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536182
x-guploader-uploadid: ADPycdtQbj6ewMK02wTCmhdmtPDPE66Y8zTMj7YzNQUFw2mTGSmIxpeAYJG6FCgIk-ra7vE65SAZ1AECO5_P03wDX-Q4SA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1677004224.758166,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
x-goog-generation: 1605538717313763
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29324
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 63

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 6E25 29 KB
29 KB 29ms
18ms Font
font/woff 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 02:54:00 GMT
date: Tue, 21 Feb 2023 18:30:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6536181
x-guploader-uploadid: ADPycdvNd9RXunXZckfpTvUn0GufSxlYL433u-ahw2963bu-wKRs4XGx04WEfw3Qf8s1HWCu_qZXl-sd-28gvRLpW_gFEQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1677004224.756276,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
x-goog-generation: 1605538717322939
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29504
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 12

POST
H2 200 track
a.et.nytimes.com/ Frame 6E25 0
0 138ms
136ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 .status
a.et.nytimes.com// 0
0 130ms
130ms Fetch
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 93ms
54ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae7ad8d75bd447c7def5f2954ca9583163cdb884bea925592b568a9f0f6b4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11115
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 48ms
21ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: go.alertmedia.com
URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6425b050a77eda6dabcd8da83e17c5425cd69cdcdc2e18277278d644416d973

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:23 GMT
x-amz-version-id: 9cKulCFM3AlmyVMJqGEndcCV0ZchtEPY
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 626XZ029TG4W3Y0Q
age: 348
x-amz-id-2: +NGPlmBwYhRzKSKUEShEmu93AtwKx3tpHK1DHdhm6aSs/8qfWb6WDE++CajYkwePk+HbJDuXBBM=
last-modified: Tue, 21 Feb 2023 17:17:08 GMT
server: cloudflare
etag: W/"e4ed1234913bf8bca8dda8c437b2bf20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYKeSzNgcnDRQ6c8tWqGWNYObeZG%2BjnB%2FQyTGqVNIZSrVMU6GjU25ayvwLXLuqRLv2inzzc9eL6KMoiiMJmwXMq%2BXDGY8xtLCtY%2FKl4i0xks7mSn%2BPiuP4oI6XR8ZZpGd%2F7m1J8KQG1xrTqAqjrvf6QUQdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 79d18d8ed849361d-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 6E25 6 KB
2 KB 89ms
44ms XHR
application/json 2a02:26f0:3500:991::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5590014&v=1.720.0&sl=0&si=8d64fd55-6dbb-470b-9291-9e6e08be78c3-rqg0qn&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 88d86a5f08b3472502d0e7653e55a097067b8d4d7feccd822870cf8a1fab2d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 18:30:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1566

GET
H2 200 13xp-ohioexplainer1-hmpq-jumbo.jpg
static01.nyt.com/images/2023/02/13/multimedia/00xp-ohioexplainer1-hmpq/ 201 KB
202 KB 8ms
8ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/02/13/multimedia/00xp-ohioexplainer1-hmpq/13xp-ohioexplainer1-hmpq-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-a728333c94ea6f774da7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

221beb25ee85f143a80f06c64b474f017ebadc5ef60f21136fc517844a1cf300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 21:05:59 GMT
date: Tue, 21 Feb 2023 18:30:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 77023
x-guploader-uploadid: ADPycdvizu4fsJ_W2clkZmCSK6VmqQbont3TijkmuBElMVmoP3yhDbTgejvQhDdZY-L5YO0vN7B4ocXvFD7g9J49l9iNRtG7NSuu
x-cache: HIT, HIT
fastly-io-info: ifsz=344730 idim=1024x683 ifmt=jpeg ofsz=205534 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 205534
x-served-by: cache-iad-kjyo7100028-IAD, cache-hhn-etou8220069-HHN
server: UploadServer
x-timer: S1677004224.845374,VS0,VE0
etag: "HZUSrRSDRWos9E8OmJ6XfYcxF0kDIIwmZlI7LRnORgQ"
vary: Accept
x-goog-generation: 1676322330740470
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=QpEKSg==, md5=/vTPxKPcb1NZ6bFArAs4sg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 344730
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 2

GET
H2 200 match-prod-41c7baf5c4dde6d213c3.js Show response
platform.iteratehq.com/ 85 KB
29 KB 23ms
23ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1736a8ee454e1cd527017be42ce2376f06a0496c0e3bbfb3b5570c32c8b78b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:23 GMT
x-amz-version-id: IY2q0Sf7hCA.Nwz4PPsPFG6wu8iKtBNc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 626PSZFVFDN0E4NQ
age: 3959
x-amz-id-2: KFuutokBd8hTvA70snIb2cwxuDstBwBynv/uANDYKXEPjK0TxzZzaCvkQcc5W6Q8xFZ5xoLXKDM=
last-modified: Tue, 21 Feb 2023 17:17:07 GMT
server: cloudflare
etag: W/"3ea76037f7da148abc95b7b1d4e6c913"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTNFe5bf5ws1jwMbEdubQWQJZvFqf0I7OUxOTEM%2FMty%2FOQjTVtqT25usS6TJ3zz0LCf5eZJgAdUW%2BTcGb77C1%2Fm%2FpUNrLAdbOLfqsHpzJpodEhi%2BzDcfQNH3AJx410qPjlFNvQxt2QFBDVmrp%2B9b8oazJKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 79d18d8f18c9361d-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 18:30:23 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75DA 42 B
174 B 43ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT3BhOXcmSARD6vyiMPeL8LDGkcF-LbsZXt05-dhmSu4V5ZWwQA16k1ks3MuoIrBkX6N5j2Jh3FdrzWppcpez1uuaJs1g3_w-SJQK-TccjGMt88lzX&sig=Cg0ArKJSzAEtinKruNnzEAE&id=lidar2&mcvt=1002&p=149,0,423,1600&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=4096615031&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677004222045&rpt=646&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 18:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
359 B 105ms
105ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:24 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krDZFoJRQuOyQHApUHIcgr7kADE45YfzI%2FIEgF5N8nvELvveczZLuEFVw1x7CSUGmEwN%2FUfx9u5ELFkc1iKbGVt2R04wt8zpUqCIsCtGIBwdPF2DemgMxoDer6BntPQp9XE2MmqZmRvOuwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d903c1c3a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 139ms
104ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d8f9af33a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34BanxAnwgzNZb6iuJZuMAvFVejKMS82SmzMCuQjpkLx9KXiW1J9BJRW9%2FO8Pbkwx5WW8cluBLqcL2XRCSiiTltkRmp2YrjcVwf%2FPnC%2FjM5xKrAm7842tn%2FihywLO0DrLaKJPxofZc%2Bees8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A1D 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 17:42:59 GMT
expires: Wed, 21 Feb 2024 17:42:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AE6E 783 B
1 KB 107ms
45ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d09f580da5dfe300dcc212226401ccde89149bfab7b0b2ed821357f5ee320ad0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OmE2sIq9R0jdtMpxMtg2Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-OmE2sIq9R0jdtMpxMtg2Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 18:30:23 GMT
expires: Tue, 21 Feb 2023 18:30:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A1D 36 KB
14 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 15:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 15:18:10 GMT

POST
H2 403 report
csp.dev.nytimes.com/ Frame 6E25 425 B
537 B 19ms
9ms Other
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

6d72226ec5fade1916ff596433589c4f433b6716e9238ad11ce3408f1daa2a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

x-served-by: cache-hhn-etou8220070-HHN
date: Tue, 21 Feb 2023 18:30:23 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: Varnish
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 425
retry-after: 0
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE6E 0
0 41ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=2837103150259578&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7A1D 0
10 B 9ms
9ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GJT8dA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:30:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ Frame 6E25 0
0 131ms
130ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Farticle%252Fohio-train-derailment.html%253Fmkt_tok%253DODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 403 report
csp.dev.nytimes.com/ Frame 6E25 425 B
487 B 7ms
7ms Other
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

3cbdfec170638fef8e37a0486b55df05310e37417fd6798171259a3202e4cd9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

x-served-by: cache-hhn-etou8220070-HHN
date: Tue, 21 Feb 2023 18:30:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: Varnish
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 425
retry-after: 0
x-cache-hits: 0

GET getdns.txt
trial-eum-clientnsv4-s.akamaihd.net/eum/ Frame 6E25 0
0

POST
H2 403 report
csp.dev.nytimes.com/ Frame 6E25 425 B
464 B 7ms
7ms Other
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

0e6387273305ab039e18b29506d36960e940cc370d6bc5aedd4ff620a876ed72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/csp-report

Response headers

x-served-by: cache-hhn-etou8220070-HHN
date: Tue, 21 Feb 2023 18:30:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: Varnish
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 425
retry-after: 0
x-cache-hits: 0

GET getdns.txt
trial-eum-clienttons-s.akamaihd.net/eum/ Frame 6E25 0
0

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
523 B 131ms
131ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6196241e7863699a13633f3c367248ddf53a72946bd87ee0a788740f1090bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:24 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mASAVWNIltoAT19QMF5J%2BjryBWKcYao08KUYDDIMg7JuIiW8GVJYhNW5daaroDUs3seYPQRPW90izpg%2B%2BxnTtYtMogefP19v4dvlrBJqHNcch5dV7go5L8bwkQH1IFRgHqo1OGODYJNxjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d918ebe3a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 103ms
103ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d90ed8a3a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCHGAQ9fC24pXdS7G4BLDOfcV0Gb0BRHyzmVB9Q%2FKls2OzEV4MuYrVxZ8Bfueyl6iTlcZzv7mowDbzSLPcI3JlXCPJROOOHptj7TsPhYPS8eBbbNyD77CDrWJbguQInLOqcpB0AtPYW2Vgc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
328 B 127ms
127ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17361cebddcdb680132145a3b5a2ef4f8a2143f3f11d75c0d75e45804971f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:24 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzkpPtjXcU24yUna%2FcdfLHsXsBBZPhlJDLyiIDOQNqLyOCUmVeQfxJ3skcXM4RMFRHT0pjgbV9B592fHe1ZegrGASfawcPbsxZFrz%2BD3KNR46ReYSNG7WAsoDrgAnVWlhg6rGD4IwaaaXO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d9309913a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 103ms
103ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d92685e3a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReqJx4Hcf9sf%2BRtMSbpwoTUjpOjWyPJKRE2siOpvA5u4Crw%2BsHz57B5D0wg%2B1A5DQRYOBIg2fbuZCGwaaNXr2i3F9rpE7j0xIk2l1kNFst70Us43lJb%2FZ5HOnf%2FmKvVeATA1b3PNLw7DEHU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=2837103150259578&bg=!W1ilWAzNAAZYlHKzeJQ7ADkAdvg8WheAGIwMFWxXietai0iCS48zP8arG1lYsLAb5Shi5zl47RUSKRmKKWwCdrSTsBJfiW1rr20CAAAAaFIAAAADaAEHCgC7tAn8wfyOYEn7z-7kWU1M5j-uNNCxngDkiZUfH7rOxMbV-3KNplX8JEHXTWM1TF_52qsIxU9fzTs9LD6ins13GS9zXsA7xELTnfqxMkhpkGJoh1hde7d27oI3itMZn-Lh9X_7m60-pn2MWBW1ZtLXnpSU28zaLHcVTBPBc8blPwSP9XlV01cpsmHIJkviSZy2gIyD2-AU71ut5-VvesBDrfjuy5CU-QeR51TN1QnPHyF2h41h4exhS8_ow5kCl6t-P73nnReq-p8fSFUGx_Jacsga4k9YZJG4z1TK2Wxa7WqlNFXHCY23FG60UHXmngq77KUydye-r6iS55pwAiBRBhnZsX-reU6mib9Gwt3b6RQW8J5qNMXujOIasjv5x02AnfknC6GmJmzHUZRBfRcV0He4hjYKmNzxk7aX5nYVnLA3K_yYKW4FzL3C-r6jStpMA84vDscpEdH58lMh012mv3CEHzpaf2n5TBsLhmKTFbnAT_p36hY7b9vQb12NTKj8pWp1BrW6zWb3dzUVDlfEJeHUiUd-xwZDAq2bLzRuJZ9t8h5CMflMhJAPWESW6z-2M967M2yO42VcaMHrWwciPge_Va_izTvXyIQh7V1uACtAV6boYKHM6B3DLa7gk9rMD15JOFL_paFYEMl51L9rYc5cT-HpNXI8P0ko5Z2yHwvyQ0ewW4ugL1Q2XGl6mXdRtEQkIvE7kQTsRXKZKVUpgSZajI8c6eQ0_-wZNbKkTOoqm6-uADKbtHdI_6mEVXmBIH8dGR4PKWscUDrZqklseNzMe0xVFrfZTSY0jWBlqpySX3wJBFHmYwlD6B_IxgSa8bfTVh9y2Q016BuC3td6y0HX8psFuiEXs7wsdcB7E6oV12SLDtLwqtz-LvW3sTN_PINzvYt0yrOgVVwt_6gokj7gA-1x9qFP1RJwLLh1gV6J9lCsO3Np_7SsOVOUZY28x_24kK_gRYwzQLR4KRKYgwbqAn0ya0T9WrvBqHXo_WLn731bw0Ldtz5v9y1wVU969RGbpjZgCZmkdCFaoKtcW2UxADpQRGdrgRrnx4Zp6432uiurrpQcKyAfF3qM3-k4WSXL7LvC8DvOpQYhOALa3rrElzyTXL87W3AK37Yyh8I2M3AMnw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
335 B 106ms
106ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17361cebddcdb680132145a3b5a2ef4f8a2143f3f11d75c0d75e45804971f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:24 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxVvKo2p3JjMzvcTjTEq2qk64y0plw%2B%2FBu4znnYIHDWz6Mw%2FklBZ6Kg0nYX37AGyGLJXfGqCe9DfDBfa95FLAm0ca%2B0ii1Nw9%2Fak7Woe7ZAU8GkYW3jS3%2FDz5e5OTEYHVf3rp0Kk%2Fa3DKkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d947c363a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 102ms
102ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d93db173a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CZBYR5pcZk0SrwkUcEz5xFzple%2B4FXFq8I1DH3OxNTjyf0eGRxu9p10YQ6zvFqLKYggasZj7AAWt0IcUB%2FrzGzV5zVoReRbSeE1OxfOSgvRAwEU1Pswvio8Xlg1LDUuDmfakoZPQS5%2Ffhc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
380 B 129ms
128ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17361cebddcdb680132145a3b5a2ef4f8a2143f3f11d75c0d75e45804971f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:25 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8mP3awouKnOor%2Br4Hv73GriY3Ksag1HVJ6Ibg44eNfaCXkRD3uwhzIMXgAXo2%2FOOuC9EcjcsZX8s8QUyEzq9U63ZCjOKJtTgoBHL5rA4bf0N9De84jDF%2BD1%2FNXY8IMWdpQmU9iuiZimfdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d95dec13a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 107ms
107ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d952d6c3a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OC1LHijjn%2FfiVakKDAne70gbV7GoqRXRIeul8lAGZA6xrVWPeHcUcGN7rVWUsfz71U8yMFlFb8lmw3XTLY%2Ba8oG5dhDuUD3dxSCLJYm6TldXq69LxarqQvnbp1MJYWZWBsBGXlBOukqm7A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
346 B 130ms
130ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8e334f06e5dcf1faeb80b383c618844ad122e81e4b93b142c3b973c8e477bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:25 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiS1xBPG52ZWOFU5qpfN44rGosYPcb2H%2B0c4JO1oEpbSylCkSVnHnq1w93ZSft23AgDch3R0S%2BauRFnMza7C4st%2BJCxSAr2GoRdCH67qvZO6FgdBMN68laWkUyL%2FJUfbmYDYkc7XY%2BnPcuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d9749713a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 101ms
101ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d96a8423a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvLYddczJPoEY5yl0Yajzu0TktfYYDWZohwe753n9349MMyuuXkPO7hPd%2B3jFjd0EOkXQWn9JCs8rMv%2Fi7kHDS4Pm54vSTOptMsOMP10qm4g%2FyxvFUzCZLxcmptMNodh7zKQS9g8UJeWixg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
332 B 114ms
114ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8e334f06e5dcf1faeb80b383c618844ad122e81e4b93b142c3b973c8e477bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:25 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Im%2BDLS0sZiZT%2Ft0fqkQkfBCDU3kG0Txc57MvnbQsTyg5WV1lnf%2Fa1ngu0ChZNUuwEaWw620eDf024mRo%2FbiZbMAhvC7zzSKvDWbqom8EScFvbGGtGqz7McGaqs%2BYlBq4puEiFVU6JMA%2BKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d98cc683a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 105ms
104ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d981af93a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVKm8eGgtqgZ8Y2I4ohF1uixL3eOymUIBqBADMCuMjVyHKJOV8OZQ192%2FKdkytCZ7ia0lc%2BCmfTLTxlVRNy73orqJx3BDCibkFyb6q%2F0ruEXC%2Bti5vjnrEgr2biL1e6nmO1Dgpf%2BeiKjuxQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
332 B 114ms
114ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-41c7baf5c4dde6d213c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8e334f06e5dcf1faeb80b383c618844ad122e81e4b93b142c3b973c8e477bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Feb 2023 18:30:25 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1R3Mzy1dkE61wcpHmbUrwIRzeLNFJ2lAa41wWTOn7BdTEGGU2Jx7G5IYVMO%2FRXiJLJ9XaXFzOcOiiyfxStJ6VEkasDpqiJoAeieQP2EvqLC%2B2%2Fu1Gg5zx%2F8tQRtdf%2BayoEzVaMjWjpxKFdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79d18d9a2f243a7f-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 102ms
102ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 79d18d997dd23a7f-FRA
content-length: 0
date: Tue, 21 Feb 2023 18:30:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cd7SkcuNF8HlAeNX6Z5MpNHmzWTauxFIdVEtrwugmIqMbyGEya0lsJIuBVQPHKC1H9FIQ%2FTtFj7qCidVcOPIDmM5YU8NlXltXQllURnrh1lf4%2BbVYgsH25%2FJwa%2BtrkmXPkKF8sDcMsOmhp4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 132ms
131ms Ping
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/article/ohio-train-derailment.html?mkt_tok=ODUwLVBVUC01MzkAAAGKEz-V2zd9VIeDOja8FP0hY0zuISE7-3REDHVNE-ok77QrZPMrRuyPOWAWS24MnDdmui7lNq1EM92-F7JyAajHF9-IHrngZVAqxWVufcDU8wg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trial-eum-clientnsv4-s.akamaihd.net
URL: https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p3qogbogf

Domain: trial-eum-clienttons-s.akamaihd.net
URL: https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p3qogbogf

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.alertmedia.com/	1970-01-20 09:50:06	Name: __cf_bm Value: o.AwNCOr2RkjIvDOIKBVipuBYL3WErcv8YWsdn1bhYs-1677004220-0-Abk2IeYpJFlQOgWGWQaGJe5Vr/MJzba+e2KYdxjqTuiBvT6LUOj8n5YhwJakWNP5Zm16DOn2X46krHHbsz9UB0E=
.nytimes.com/	1970-01-20 18:35:40	Name: nyt-a Value: VFebMiHvJqYgnQD7xwVMA6
.nytimes.com/	1970-01-20 09:50:25	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 18:35:40	Name: nyt-purr Value: cfhspnahhudnhu
.nytimes.com/	1970-01-20 09:50:25	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 09:50:25	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: e109218eddb646f59583dcf4d3444350
.et.nytimes.com/	1970-01-20 09:50:06	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 18:35:40	Name: sessionIndex Value: 1\|1677004220492\|VFebMiHvJqYgnQD7xwVMA6\|1677004220492
.nytimes.com/	1970-01-20 19:26:04	Name: nyt-m Value: 89C5D6A60D6103F0BCEF4DE7855A5320&n=i.2&rc=i.1&igd=i.0&vp=i.0&imu=i.1&igu=i.1&ira=i.0&iir=i.0&g=i.0&prt=i.0&iga=i.0&imv=i.0&iru=i.1&ird=i.0&v=i.0&vr=l.4.0.0.0.0&cav=i.1&e=i.1677679200&pr=l.4.0.0.0.0&iue=i.0&ifv=i.0&fv=i.0&ica=i.0&t=i.0&er=i.1677004221&iub=i.0&igf=i.0&ft=i.0&ier=i.0&s=s.core&uuid=s.1689e79f-49ba-498e-9580-4bb86e3d9b77
.nytimes.com/	1970-01-20 19:19:34	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-20 18:35:40	Name: nyt-jkidd Value: uid=0&lastRequest=1677004221669&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=https%3A%2F%2Fgo.alertmedia.com%2F&landing=&start=1677004221669&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 18:35:40	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 09:50:23	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 09:50:23	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.doubleclick.net/	1970-01-20 19:11:40	Name: IDE Value: AHWqTUns0ciztY-fCp7KgPxjJnBY1VQdaLbzGn8E3CipOAo96FEqjleT1EDbBygL_8g
.nytimes.com/	1970-01-20 19:11:40	Name: __gads Value: ID=fed672f4effc1b6a:T=1677004220:S=ALNI_MbsKdoCuqaW7emOeo4MiqiUgzCzEA
.nytimes.com/	1970-01-20 19:11:40	Name: __gpi Value: UID=00000bba1955ce5b:T=1677004220:RT=1677004220:S=ALNI_MZax45f0P4C-YhaKe6fJZCfd2Z25w
.nytimes.com/	1970-01-20 11:59:40	Name: _gcl_au Value: 1.1.927718023.1677004222
.www.nytimes.com/	1970-01-20 18:35:40	Name: datadome Value: 3g10ExUU7z82LdmFun8ewsiuXTu4dFvEI__Q4vdnjan3IiI4m5asjM9i~HvrDnmjuzV7I5Nl8DMnJgcoPrLEMUXMt89~kU8E29RJqw0p3gdhcKgPZIH1hid3OWgDvk2o
.nytimes.com/	1970-01-20 19:18:52	Name: _cb Value: DJl5CIOms0uBFeVKt
.nytimes.com/	1970-01-20 19:18:52	Name: _chartbeat2 Value: .1677004222625.1677004222625.1.-PaBpCjlNFy7h3QNCo_jk3BP9nK2.1
.nytimes.com/	1970-01-20 09:50:06	Name: _cb_svref Value: https%3A%2F%2Fgo.alertmedia.com%2F
.nytimes.com/	1970-01-20 19:26:04	Name: walley Value: GA1.2.1632022799.1677004221
.nytimes.com/	1970-01-20 09:51:30	Name: walley_gid Value: GA1.2.1715668600.1677004223
.nytimes.com/	1970-01-20 09:50:04	Name: _gat_UA-58630905-2 Value: 1
.et.nytimes.com/	1970-01-20 09:51:30	Name: et-ppvid Value: https://www.nytimes.com/article/ohio-train-derailment.html=n-hlNBjSkuG4ojvUtzOii-_6^https://myaccount.nytimes.com/auth/iframe/enter-email=3hviI99MxGW_WOtAHYsnfMXu
.myaccount.nytimes.com/	1970-01-20 18:35:40	Name: datadome Value: 63KelwHciMHO2nVzw7WodvU51qh_0XHPh5bM8ARKIvc_psjHNG_McQdhQXWvY~zFAwgXLGJfzsotqOZhDTWQt2aFdqVvsoOD~rRvDaDGr6W4yCTInA4UJzggySoAJ47I
.nytimes.com/	1970-01-20 10:00:09	Name: RT Value: "z=1&dm=nytimes.com&si=f8475e91-426d-494d-a866-3410f50a67da&ss=leel0job&sl=1&tt=w5&bcn=%2F%2F02179919.akstat.io%2F&ld=105"
.nytimes.com/	1970-01-20 19:26:04	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2Y1MGRjMDAxMTQyMzAwMDE4MzgzMTUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc3MDA0MjI0fQ.D8F3YhcJiWm0i8Jvr-8m-Q-tWPIIxo2RP6oF7DvG6kQ

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://go.alertmedia.com/ODUwLVBVUC01MzkAAAGKEz-V23VM3NvIJyR3m8ZwuGKDYX59Zy_GgMKulW7WOFFFzWVA30-0jLFbmHS2jSBrCJtYS8A= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://02179919.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p3qogbogf' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p3qogbogf' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-QGgb5+NIrarSd97aaK3GMDfCocT69lc/PEVc6dmoYt0=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
6ca32454f76c06e80f5eccafef701343.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c.go-mpulse.net
cdn.brandmetrics.com
collector.brandmetrics.com
csp.dev.nytimes.com
dd.nytimes.com
g1.nyt.com
go.alertmedia.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
104.17.71.206
151.101.129.164
151.101.193.164
151.101.65.164
172.217.20.6
18.66.97.95
20.50.2.28
2600:9000:223c:d200:18:1fcd:351:7bc1
2606:4700:20::681a:6e5
2606:4700:20::ac43:479c
2606:4700:e0::ac40:6509
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:400d:803::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2004
2a02:26f0:3500:592::11a6
2a02:26f0:3500:991::11a6
35.169.218.52
35.71.131.137
52.3.42.214
52.54.49.121
0108016187bc37c00a33d4b6c863f01266d2b5b10d946db26e0c759e8826cf8f
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09320ebcab28b0a453f804508dfd345ba6a971f85665b34fd83878bcb5c4f16e
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0d7ccee7c64ea7c455ea02283deaa6a1d0b862d4494cc0e8a5e7f8c4de932943
0e6387273305ab039e18b29506d36960e940cc370d6bc5aedd4ff620a876ed72
1282bf458f0f71ef47407d56b0b5e229799f608f427edd10f0f4f7197a3a99fc
1635094857036b73eb9d7c8c382e8d24de5731dee0053c84fb343af9282d12a8
1736a8ee454e1cd527017be42ce2376f06a0496c0e3bbfb3b5570c32c8b78b96
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c0c530712be256a6d04b8d3221be5499cf530b7109362cfc2327a04b721a22f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f4a49e702d0d77e1694817dd9cf1ba8569a9e2506ff6f3e6eaab2be2b14b46d
221beb25ee85f143a80f06c64b474f017ebadc5ef60f21136fc517844a1cf300
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
28e2b7960711621979738bb45c41f9869fe60877bc4b3d73a3082a304f69dea7
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
29cd49f61d6124f05a6cd8d781742624ea2205be8dcee00249e588e2a02737e2
2ae7ad8d75bd447c7def5f2954ca9583163cdb884bea925592b568a9f0f6b4ff
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
320665fed3de0e7308cf1fdae387d8ab8df4ba3e3f08862c562c2c92654612a6
3270e56ef7c74cc9fb2e0ba9ea907b8913a0b46d781ed18b20013711f4d9a609
362f9aaae9dd7b210345b50db9f4de54e0467c20afdfb35073dbd12d4d86c167
370620b4736e7bdbf7dae225a556bb908e2b7b50a5c1d7c48006bf2bf42045ff
3cbdfec170638fef8e37a0486b55df05310e37417fd6798171259a3202e4cd9b
3ec38c80170899bf399c9301086ce2d8829b607d04204c200e900083dc74441b
419e3a7710475352406223fcbbf2490b0b2cba5c595450171493813eddeb2f3b
4486a33a70b0ab6227074c97c026bc4c4ad732d4290f349c1eedd4d4d5e311d9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4a063a63035471eff910e678b0a10a54cd25c6cecb2f24242e30a9f3e38b4af7
4a90a3424a65a9eb2d592941bd4257ca6d5e193a3e64438b42ca46016ce32a5d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b1e6e8a48f4f9f2b5c1651045906dfb671cf15e8a9571b94d223dbc00109874
5d329ba1259bdb36c7b894d95fc7f99b5c2ba0ba5471acc89ab45a681b2e14f1
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
61987b71501afac79b03e8baa611020d395a37e824fd2360e7831443a305e71d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
674f87febbb98c6127476c45292fa00ab22cee295e3a193219c58652d350d139
6d72226ec5fade1916ff596433589c4f433b6716e9238ad11ce3408f1daa2a42
6d8746e48b67756bb47325d133dc76c6eb324eb6e1ea1e5b32b3a894536c1d70
6ec3ae424ac39223857fe857a25ecac5260c47918d63d753bc3c03be6feebc81
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d96d8edfb2ae63f0b3d1ddc3f1af921bae0e9d2416bd61047298f20fbff8e23
7e0d8d6ed7a960fe4c6563417af06dc7881227fdafa24f1889541ac78811a5ba
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
837c46a211e63b71476737cae813c22a71d995b58b1fbd6d6b677236ce44b2b7
88d86a5f08b3472502d0e7653e55a097067b8d4d7feccd822870cf8a1fab2d01
89c621cba92a10f0b3c8cd9cfeec1cc73e961d101f05b4507ca33cdeebc0c37e
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4de433a239ffe8f8504099ef8ea7b8dbea3fc313641b183f0bbd1a3420fd1b
92e09dd00b707b8b2e4e7162ac6e840c903702f7cea702231bf0ecc84d650e7b
9b1c1e318ca29b1805e42e7b40baa4fe51a633d941429b9954553ea2aea86b99
9f0a678593ec9fdda66464e23f2d5c626d20444e60ab310a366cc916609c101a
a3128ea436a6cf8295a2c73c934b9d60053e42ec5dc3529f0113f26c6ca8c1cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6dff68c963e39916368b1c90ab3d2baa2c359ccf58098f9d365b6944023a92b
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
a8dac7a116eb73925ab69ec9366bd93b9babc4e68b3425ea183cd54eedc93167
ad4390a257ac44e8d87c4b5a97ace91286b8ab39439a84374e59498d9379e56d
ad63466fa7eb66de30b2cb6c2a86723546a1bb369c8620ca869c3297ffa02f86
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b3fdb813192098028336976db08f3065344ea01a1d5df815c29bc1476d4f3912
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b95ba7f8bc8db2c75cc980ff92ab77708e8b4c06edf022e8f578ca3d8e11417f
bb0bda7259459c31d3fc9bdbd21e7385c1a10fcb8087a32829b858f182c67291
c6cd522742d93f1f1d555e18fc9b22b8d9cdab7ad6a37dbd9784cd1f39db9e7b
c8ce109d1227c0fb3255dc7a84628ec77a9c948f5c378d076918832171cf6696
ca8e334f06e5dcf1faeb80b383c618844ad122e81e4b93b142c3b973c8e477bd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d003abd556356a30c3b0e288ff8c1074053a22050bbdb4e9f3b2931c8a9dcef3
d09f580da5dfe300dcc212226401ccde89149bfab7b0b2ed821357f5ee320ad0
d17361cebddcdb680132145a3b5a2ef4f8a2143f3f11d75c0d75e45804971f2a
d7b8ecfd11e8086450c73ba71ec182da2ef46cb8602cfdaccf9640efe20fdcb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e6196241e7863699a13633f3c367248ddf53a72946bd87ee0a788740f1090bf1
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2859c18a274d988c4e21803e47de7c41f66060fc060b66822e165b44f82492c
f6425b050a77eda6dabcd8da83e17c5425cd69cdcdc2e18277278d644416d973
f745cef00cf29b0b9806d20bdc65ae6c07696c7daa7984f37dcf21b3e64ac9bc

www.nytimes.com Open in urlscan Pro 151.101.129.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

99 %HTTPS

58 %IPv6

17 Domains

39 Subdomains

27 IPs

5 Countries

5056 kBTransfer

11591 kBSize

31 Cookies

33 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.129.164 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

99 %
HTTPS

58 %
IPv6

17
Domains

39
Subdomains

27
IPs

5
Countries

5056 kB
Transfer

11591 kB
Size

31
Cookies

137 HTTP transactions
2 data transactions