www.nytimes.com Open in urlscan Pro
151.101.193.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.huffpost.com/click/28816829.418414/aHR0cHM6Ly93d3cubnl0aW1lcy5jb20vMjAyMi8wOC8yMi91cy9wb2xpdGljcy90cnVtcC1tYX...
Effective URL:
https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_...
Submission: On August 24 via api (August 24th 2022, 11:47:48 am UTC) from BE — Scanned from DE

Summary HTTP 116 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 16 domains to perform 116 HTTP transactions. The main IP is 151.101.193.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3528.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
34	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
12	52.207.181.173 52.207.181.173	14618 (AMAZON-AES) (AMAZON-AES)
1	34.192.116.222 34.192.116.222	14618 (AMAZON-AES) (AMAZON-AES)
16	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	18.66.97.36 18.66.97.36	16509 (AMAZON-02) (AMAZON-02)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:7800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:45f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.203.58.48 34.203.58.48	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:ea:... 2a02:26f0:ea:492::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:dc:... 2a02:26f0:dc:29d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
116	29

1 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

link.huffpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.207.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-181-173.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.116.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-116-222.compute-1.amazonaws.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.dev.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-36.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45f7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.58.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-58-48.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:492::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:29d::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 3528 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8722 a.et.nytimes.com — Cisco Umbrella Rank: 6590 als-svc.nytimes.com — Cisco Umbrella Rank: 10860 myaccount.nytimes.com — Cisco Umbrella Rank: 12036 dd.nytimes.com — Cisco Umbrella Rank: 11132 meter-svc.nytimes.com — Cisco Umbrella Rank: 11522 a.nytimes.com — Cisco Umbrella Rank: 8077 purr.nytimes.com — Cisco Umbrella Rank: 8366 mwcm.nytimes.com — Cisco Umbrella Rank: 11458 csp.dev.nytimes.com — Cisco Umbrella Rank: 36933	2 MB
23	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9867 static01.nyt.com — Cisco Umbrella Rank: 7332 a1.nyt.com — Cisco Umbrella Rank: 8512 mwcm.nyt.com — Cisco Umbrella Rank: 20519 typeface.nyt.com — Cisco Umbrella Rank: 29902	1 MB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	50 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 9643	171 KB
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 6898 iteratehq.com — Cisco Umbrella Rank: 6414	32 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3353 collector.brandmetrics.com — Cisco Umbrella Rank: 4498	16 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1188 c.go-mpulse.net — Cisco Umbrella Rank: 554	51 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	44 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7563	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 610	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1264	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	107 KB
1	huffpost.com 1 redirects link.huffpost.com — Cisco Umbrella Rank: 561955	696 B
116	16

	Domain	Requested by
14	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
14	www.nytimes.com	www.nytimes.com 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
10	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
8	samizdat-graphql.nytimes.com	www.nytimes.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com www.googletagservices.com
5	mwcm.nyt.com	www.nytimes.com
4	iteratehq.com	platform.iteratehq.com
4	tpc.googlesyndication.com	304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	dd.nytimes.com	www.nytimes.com dd.nytimes.com myaccount.nytimes.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	typeface.nyt.com	myaccount.nytimes.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
2	a.nytimes.com	www.nytimes.com myaccount.nytimes.com
1	csp.dev.nytimes.com	s.go-mpulse.net
1	www.google.com	tpc.googlesyndication.com
1	c.go-mpulse.net	myaccount.nytimes.com
1	s.go-mpulse.net	myaccount.nytimes.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	www.googletagservices.com	304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	static01.nyt.com	www.nytimes.com
1	link.huffpost.com	1 redirects
116	37

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
cn.nytimes.com
twitter.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
a.et.nytimes.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
als-svc.nytimes.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
a.nytimes.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Frame ID: E86912AEE6B31D49C5ECF74F4D71B070
Requests: 69 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 0A1E3D9EA8C70457AF425A668C6CE8B3
Requests: 3 HTTP requests in this frame

Frame: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 14636648D93AAD6AB824FFFF24E04A6C
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email
Frame ID: 227B5F7E632D288E897590D99F053F95
Requests: 2 HTTP requests in this frame

Frame: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 14D76D2E16EDEEE4ECF0B2843A7CC99E
Requests: 7 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: 7EEDACC4569CAD54DE40E5301EF99009
Requests: 15 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
Frame ID: 5E3256AED10737F12D7AFB647D5F8B7A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1616EDB77543680879EA3CB7C06877DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA3B85793EDD1F71CBD313D161C8A061
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trump Had More Than 300 Classified Documents at Mar-a-Lago - The New York Times

Page URL History Show full URLs

https://link.huffpost.com/click/28816829.418414/aHR0cHM6Ly93d3cubnl0aW1lcy5jb20vMjAyMi8wOC8yMi91cy9wb2... HTTP 302
https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&u... Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

116
Requests

100 %
HTTPS

55 %
IPv6

16
Domains

37
Subdomains

29
IPs

4
Countries

3368 kB
Transfer

9008 kB
Size

30
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/usa/20220823/trump-mar-a-lago-documents/
Title: 阅读简体中文版

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/usa/20220823/trump-mar-a-lago-documents/zh-hant/
Title: 閱讀繁體中文版

Search URL Search Domain Scan URL

URL: https://twitter.com/Acyn/status/1561517837855997952?s=20&t=vxpMwEFKkNHhH4whsDZwNg
Title: had a “standing order” to declassify material

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.huffpost.com/click/28816829.418414/aHR0cHM6Ly93d3cubnl0aW1lcy5jb20vMjAyMi8wOC8yMi91cy9wb2xpdGljcy90cnVtcC1tYXItYS1sYWdvLWRvY3VtZW50cy5odG1s/62e940231581cc2d8a07388bB0f38cca3 HTTP 302
https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request trump-mar-a-lago-documents.html Show response
www.nytimes.com/2022/08/22/us/politics/
Redirect Chain

https://link.huffpost.com/click/28816829.418414/aHR0cHM6Ly93d3cubnl0aW1lcy5jb20vMjAyMi8wOC8yMi91cy9wb2xpdGljcy90cnVtcC1tYXItYS1sYWdvLWRvY3VtZW50cy5odG1s/62e940231581cc2d8a07388bB0f38cca3
https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email

253 KB
74 KB

103ms
33ms

Document
text/html

151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7ed8b7d05ca568ac7043fe6fcac2cb818712c40cf0cf4ca4e8e2cf4d42296c29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 104
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 73906
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Wed, 24 Aug 2022 11:47:39 GMT
fastly-restarts: 1
last-modified: Wed, 24 Aug 2022 11:45:55 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/08/22/us/politics/trump-mar-a-lago-documents.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: e61cca5ca43640cdbb9ca6353fa5676a
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cloud-trace-context: e8375245964a81b425a3e1e70877cee8/18429970365979656059;o=1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1661341576.279948,VS0,VE6
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Wed, 24 Aug 2022 11:45:55 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2022-08-24 11:46:16 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2022-08-24T01:26:30.333Z
x-served-by: cache-lga21930-LGA, cache-hhn4038-HHN
x-timer: S1661341660.852001,VS0,VE18
x-xss-protection: 1; mode=block

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 11:47:39 GMT
location: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
server: Sailthru
x-robots-tag: noindex

GET
H2 200 web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 39ms
15ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
date: Wed, 24 Aug 2022 11:47:39 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 4360361
x-guploader-uploadid: ADPycdtuGEEhtg-sZXKVRt-8bTAwvxG6BvWVTtQgj9wetk2CA-uvUO5O83OqwqlozY5vq30wh_nISjsjaQF332T1gJvt_w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-length: 9789
via: 1.1 varnish
x-served-by: cache-hhn4038-HHN
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:34:57 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1661341660.914682,VS0,VE0
etag: "0ae5b8ecb62ff6424a71dc89303213f5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149653041
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9789
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 36628

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 16ms
16ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2571429
x-guploader-uploadid: ADPycdtPhOee9iaKjhNgxGhR0NNiC0p1hGgbtxaiZcxSBz9W_2N4PDvCvu-OSb9UqzDW-7tQtUdmlPqYKqODsaCmMna93g
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-25 17:30:30 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.892320,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 37753
date: Wed, 24 Aug 2022 11:47:39 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Mon, 25 Jul 2022 17:22:57 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-goog-generation: 1658769777669754
expires: Tue, 25 Jul 2023 17:30:30 GMT
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 adslot-4afb2bb937997f570706.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
9 KB 17ms
16ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-4afb2bb937997f570706.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a57dee254acc35e52bab34fb54d606ff9f3eafdf13956f8cddf4806502b40b0a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 662974
x-guploader-uploadid: ADPycdtnIbE7XceTQ_GnykOA533elZUh3DEuE-EKQ6dx1llG5uJs0pTy659DdIOtp6Qwjz6XXZgnlQq-5_OC2R2he8kYNELJpIeJ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-16 19:38:05 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.919351,VS0,VE1
etag: "6c73084144209c810529238777a9de25"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-4afb2bb937997f570706.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 17956
date: Wed, 24 Aug 2022 11:47:39 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7635
last-modified: Tue, 16 Aug 2022 19:35:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=CrmgWQ==, md5=bHMIQUQgnIEFKSOHd6neJQ==
x-goog-generation: 1660678503108628
expires: Wed, 16 Aug 2023 19:38:05 GMT
x-gdpr: 1
x-goog-stored-content-length: 21723
accept-ranges: bytes

GET
H2 200 merlin_211262838_a7f299a9-6ff8-40e6-b1f7-6cf9d51bc901-superJumbo.jpg
static01.nyt.com/images/2022/08/22/nyregion/22dc-investigate01/ 571 KB
572 KB 40ms
17ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/08/22/nyregion/22dc-investigate01/merlin_211262838_a7f299a9-6ff8-40e6-b1f7-6cf9d51bc901-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 80796bd5546aa3748a69fe18cfba1aca1da75a66b63089c6b2331981009812c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:39 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/webp
age: 128508
x-guploader-uploadid: ADPycdu_Y6KkSvDU-Y3ETaOjlAUgCTBWdJUFw1QGj-1g70drUGI-R0pkqz_CHTcpUrpXaFDJmOr6fosL_7G-NSBCVhcq
x-cache: HIT, HIT
fastly-io-info: ifsz=1164369 idim=2048x1365 ifmt=jpeg ofsz=585210 odim=2048x1365 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 585210
x-served-by: cache-iad-kjyo7100135-IAD, cache-hhn4038-HHN
server: UploadServer
x-timer: S1661341660.955028,VS0,VE2
etag: "mD8PRdgVgzuBWWjQMAVywbW2bsfJk21UfKDrmLsL4BA"
vary: Accept
x-goog-hash: crc32c=KW7Fyw==, md5=6AcbbPely9ggEZObY6DQ+Q==
x-goog-generation: 1661213146219400
access-control-allow-origin: *
expires: Tue, 23 Aug 2022 00:05:51 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 1164369
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 vendor-6590b33d4cb850db967c.js Show response
www.nytimes.com/vi-assets/static-assets/ 214 KB
64 KB 63ms
62ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 4626986
x-guploader-uploadid: ADPycdvJbLoj2XSNwLgGhfh7vpKBRUvPlbpu62BRbGF4qECmhJL38izbSJfnq70oZhJpaJgOIz05LjhYyvblGYv-6qQi3Er_rFfE
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-01 22:31:13 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.965007,VS0,VE1
etag: "b75822cbef7de86ec44450c02f1a5b75"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 47304
date: Wed, 24 Aug 2022 11:47:39 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 64035
last-modified: Fri, 01 Jul 2022 19:06:26 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Z9tGOA==, md5=t1giy+996G7ERFDALxpbdQ==
x-goog-generation: 1656106083282356
expires: Sat, 01 Jul 2023 22:31:13 GMT
x-gdpr: 1
x-goog-stored-content-length: 219560
accept-ranges: bytes

GET
H2 200 story-44c0fc075ea0386c14a0.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
352 KB 64ms
62ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-44c0fc075ea0386c14a0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

509d3ac20f5a0f79c4e1a109576824b5ce54d6451cd7c8e806d1f8e97cfcddb2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 80670
x-guploader-uploadid: ADPycdtfQ-5Q696UVEXabYdKa8vcrpjFq3WNDuA2sAFs6Fpd7z_A22C3JtykO-U946fFOg61CsMo3zxRQsiqLapk46VJwiENiIYq
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-23 13:23:10 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.965396,VS0,VE1
etag: "bbe82849a52f5198540e493b2a958865"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-44c0fc075ea0386c14a0.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 31
date: Wed, 24 Aug 2022 11:47:39 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 360021
last-modified: Tue, 23 Aug 2022 04:30:27 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=4SV1fw==, md5=u+goSaUvUZhUDkk7KpWIZQ==
x-goog-generation: 1661229027803953
expires: Wed, 23 Aug 2023 13:23:10 GMT
x-gdpr: 1
x-goog-stored-content-length: 1325320
accept-ranges: bytes

GET
H2 200 liveblog-9f9b2fc1e6497d23b107.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
337 KB 65ms
64ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/liveblog-9f9b2fc1e6497d23b107.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3d691e54d75e4a6eb1ed797c7ed7ee3d21ddd809a9cbe8298a032940dba647de

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 80661
x-guploader-uploadid: ADPycdsK8aHGak-LvdvrRQFhKnHKIk8Th0avAFGgXvByJupiPnfLYw0G2hNq6P_0UDQ8krYd9JtlMgvquf1xUsAvxi3JPgp8OSRj
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-23 13:23:19 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.965381,VS0,VE2
etag: "212423e90be2d11fdedf1b80df663b63"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/liveblog-9f9b2fc1e6497d23b107.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
date: Wed, 24 Aug 2022 11:47:39 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 344792
last-modified: Tue, 23 Aug 2022 04:30:27 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=rx288Q==, md5=ISQj6Qvi0R/e3xuA32Y7Yw==
x-goog-generation: 1661229027572049
expires: Wed, 23 Aug 2023 13:23:18 GMT
x-gdpr: 1
x-goog-stored-content-length: 1275185
accept-ranges: bytes

GET
H2 200 main-b36552749f05d9a20e5a.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
376 KB 64ms
63ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1a4dcd062f04cc72c5251f1f24c570ddc17a6ea9d47d001815bea268f57f0011

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 73028
x-guploader-uploadid: ADPycdtH6iSfF9bn6oSNDNg0q004sc-A-TeroOpd6kkzp-4jnzJLXW5947zGIpr4BQ4GoQkeNSxnIvrShvQ3YDaGMqTWIUYM8Mgx
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-23 15:30:32 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.965670,VS0,VE1
etag: "4681094eb0e40ec5c0e0802dd104ac48"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 25
date: Wed, 24 Aug 2022 11:47:39 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 383254
last-modified: Tue, 23 Aug 2022 15:23:25 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=SVz2aA==, md5=RoEJTrDkDsXA4IAt0QSsSA==
x-goog-generation: 1661268205280813
expires: Wed, 23 Aug 2023 15:30:32 GMT
x-gdpr: 1
x-goog-stored-content-length: 1338787
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
107 KB 106ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bb21b642b531ba8903ef70a4a9f41a32fa5678538d3486c2f4e36e61f3071e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:40 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108823
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 106ms
16ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 21
cache-control: max-age=30
content-length: 0
date: Wed, 24 Aug 2022 11:47:40 GMT
samizdat-x-canary: false
samizdat-x-instance: 267e6eda
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 694828f1100707f4-6abacb5f44a6a4fa-1
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: 694828f1100707f4-6abacb5f44a6a4fa-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: NW
x-samizdat-query-exe-id: bae2f5ce61d2708b
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4044-HHN
x-timer: S1661341660.039530,VS0,VE1

POST
H2 200 track
a.et.nytimes.com/ 0
0 402ms
113ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
878 B 41ms
39ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 4d8a1807c6611591-2a573e2406f61060-0
age: 58
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 01a9de12ff02aeb6
samizdat-x-canary: false
x-nyt-country: DE
x-timer: S1661341660.057392,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
x-nyt-region: NW
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
x-cache-hits: 2
x-samizdat-query-sup-code
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: HIT
samizdat-x-instance: 69e0bee9
x-envoy-upstream-service-time: 18
content-length: 123
server: envoy
x-served-by: cache-hhn4038-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 4d8a1807c6611591-2a573e2406f61060-0
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 als Show response
als-svc.nytimes.com/ 1 KB
2 KB 413ms
145ms XHR
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F915997f9-15d0-5740-b882-8d2d6642d91b&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 2c4513a9894ef236d7436788299af2927671b317b036fefa0f7fc18d5912a295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 google
x-envoy-decorator-operation: als-svc.nytimes.com:443/*
server: envoy
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 38
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
content-length: 1126

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 87ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1332673
x-guploader-uploadid: ADPycdtcxEyG42fRucZKOKf7xHUzrgMeE236Xk3k59SWMzsnM1Wslx08zQp8P9rY_Hivtf6RmbacL7uR2-w8rKQUb6TuLu6k9PPb
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 09 Aug 2023 01:36:26 GMT
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1661341660.050836,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598151017654
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19816
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2146

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 89ms
17ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 650164
x-guploader-uploadid: ADPycdsxt--gZ4ZQ_BF4zOmbdXwMVW-3pC4dSWDrwCrpFzzdYxNdYp85VE8xRPMFQ6m__-J19pqlIXLZvvAfpr5LexQUCQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 16 Aug 2023 23:11:35 GMT
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1661341660.050812,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598151054057
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2133

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 106ms
35ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 24749600
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1661341660.051693,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1547

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 108ms
37ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 24147482
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1661341660.051235,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 919

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 54ms
36ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1250701
x-guploader-uploadid: ADPycdv4_o3sV7wGNfL0oAMya361tutTbmUynJrFBKi7AzyATTIONGxNWeyyG8_XjMRt4HVKw-BwSuY1ve7Xnlc6CvA928NHNQuY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Thu, 10 Aug 2023 00:22:38 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1661341660.051213,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149661480
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 830

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 55ms
38ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 133483
x-guploader-uploadid: ADPycdu8JbeHnHPdXBPtxFWwBgVFiSDYmymZtmTfK5CuK-21MA4lZrC3j1Qst342zLrn1F0m_yYfaMU10x04H34hQDAaaomYzAFc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Tue, 22 Aug 2023 22:42:56 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1661341660.051216,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149597753
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1337

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 54ms
37ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 648155
x-guploader-uploadid: ADPycds56Pfgzkax2uiPyoXBeOwXgAEJQKMy65h97_vaREFah9KPPwx4nn49TDsk4X42xA16BKJUPBQCC6xQADTk9RUo7-Ra9_9P
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 16 Aug 2023 23:45:05 GMT
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1661341660.051153,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598151578179
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2064

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 54ms
37ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 127090
x-guploader-uploadid: ADPycdvwOd3K1E0si-vloMZbo8advCVPguPcWmyj0y-r-lTuOI2fymMajoEW3SYaKbPEFgJO_flmCQ_fHqaRANN7HWLxKqbTifFq
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 23 Aug 2023 00:29:29 GMT
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1661341660.051167,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598150991608
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1927

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 81ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-4afb2bb937997f570706.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

2f121e168a9baaeab6c2607a5c7ea788955724717d26ae30b6e40c503c5981b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28541
x-xss-protection: 0
server: sffe
etag: "1312 / 533 of 1000 / last-modified: 1661339366"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Aug 2022 11:47:40 GMT

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 0A1E 393 B
1 KB 28ms
16ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

79d1077118ad58d8bacbcbd079fa59b6805c0c87fcf15167547e6a59bd748c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 55
cache-control: public, max-age=600
content-encoding: gzip
content-length: 278
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Wed, 24 Aug 2022 11:47:40 GMT
etag: W/"189-C2vjZnp3UqLCAxehpsmU1auc71A"
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-cloud-trace-context: d8cfa31c844363130c66c7c5f855f4c6
x-content-type-options: nosniff
x-datadog-parent-id: 8443183982633776793
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 7876860371521105025
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 24
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-hhn4038-HHN

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-3d57ebeeee52672e9892.js Show response
www.nytimes.com/vi-assets/static-assets/ 44 KB
15 KB 17ms
16ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-3d57ebeeee52672e9892.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9848f51ba9e7a2aef2b93302e9fd76a890f2dcbcf5e90435409cd4aa3cc4ef1a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 61578
x-guploader-uploadid: ADPycdueb2WgmUZ31UsIFeeQzjUQKBLYg9Oaj13VWFJg6o_ZZziJVWYR0ATAaNEK4n01vwKzcWnlgKGO0l2jEp598df-1A
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-23 18:41:22 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.382836,VS0,VE1
etag: "9ace0dadfe29c3a96ecc074429533201"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-3d57ebeeee52672e9892.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1817
date: Wed, 24 Aug 2022 11:47:40 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14137
last-modified: Tue, 23 Aug 2022 18:34:28 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=OswKvQ==, md5=ms4Nrf4pw6luzAdEKVMyAQ==
x-goog-generation: 1661279668210988
expires: Wed, 23 Aug 2023 18:41:22 GMT
x-gdpr: 1
x-goog-stored-content-length: 45067
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 21ms
20ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2546140
x-guploader-uploadid: ADPycduAC35Qj5NJ-xQ4pMJr98jLS1NZMv9zejn8RodjsSagS1ojIz9l4P7Fno8gmfmkI8j8VAl5Ro5M08_FDVJ9tjBjqUa_8B4F
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-26 00:32:00 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.383321,VS0,VE1
etag: "31ae068f9753c44599fc91cfeeeead54"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 35796
date: Wed, 24 Aug 2022 11:47:40 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13353
last-modified: Mon, 25 Jul 2022 23:45:47 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=sxH6MA==, md5=Ma4Gj5dTxEWZ/JHP7u6tVA==
x-goog-generation: 1658167158782052
expires: Wed, 26 Jul 2023 00:32:00 GMT
x-gdpr: 1
x-goog-stored-content-length: 68978
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 21ms
21ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 4618832
x-guploader-uploadid: ADPycdsrn68bCehgYwMH5jgwdXXWaAHE9jlE9tj_X6T4kTKyRwSL5J4k1M2G4hVPavrX-Wl3wgTILvVnzCvO79l8LYImByGB_KcN
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-02 00:47:08 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341660.383314,VS0,VE1
etag: "e10a051414b80d3f4e5fcadfc8657375"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 39350
date: Wed, 24 Aug 2022 11:47:40 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5017
last-modified: Fri, 01 Jul 2022 19:06:27 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=PVfhtw==, md5=4QoFFBS4DT9OX8rfyGVzdQ==
x-goog-generation: 1656537443186208
expires: Sun, 02 Jul 2023 00:47:08 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

GET
H2 200 tags.js Show response
dd.nytimes.com/ 209 KB
43 KB 143ms
16ms Script
text/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-36.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

be4e7fe530814818817ef4e09f740982d12335e178ae1a60f1ae8699fb89878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
etag: "34515-5e4b2951e5a21-gzip"
age: 1873
x-cache: Hit from cloudfront
content-length: 43581
access-control-allow-origin: *
last-modified: Tue, 26 Jul 2022 10:15:40 GMT
server: Apache
date: Wed, 24 Aug 2022 11:16:28 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront), 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2, FRA56-P2
accept-ranges: bytes
x-amz-cf-id: gWR8krGp8KwNF5B1B6z0_q5tWfzJMADtIEGNjjo4g3IkCk4PpE7QQw==
expires: Wed, 24 Aug 2022 12:16:27 GMT

GET
H2 404 index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 0A1E 0
0 24ms
23ms Script
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:40 GMT
via: 1.1 varnish
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 2
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 19
content-length: 308
x-served-by: cache-hhn4038-HHN
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-type: text/html; charset=UTF-8
x-cloud-trace-context: 081e76c42f0fc1101eed29152d49c530
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 0A1E 431 KB
144 KB 16ms
15ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=31b9525

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

257fdec697aca5fc95c16eaa2e19309f2ecdd5c53b40f31ace1319801d30c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:40 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 379
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 50
content-length: 146205
x-served-by: cache-hhn4038-HHN
expires: Wed, 24 Aug 2022 00:00:32 GMT
server: envoy
etag: "GZ1K2w"
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 3a9d7d242233cad7ebd99e1aed1bca2e
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 3

GET
H2 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 18ms
15ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Aug 2023 11:18:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
375 B 91ms
51ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 11:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
expires: Wed, 24 Aug 2022 11:47:40 GMT

GET
H2 200 recirculation-e521936602c768da0280.js Show response
www.nytimes.com/vi-assets/static-assets/ 80 KB
23 KB 17ms
16ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/recirculation-e521936602c768da0280.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

487b92652357985eeb010d2732bb5f562b3c59408f2149aa662a57d622117a46

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 80662
x-guploader-uploadid: ADPycdt3CfItj0WIokk7zhAmBIOBQFjaSCp2YJgcoDM9t17Wio2tLTILcoHKzko16YL6dGrtsRMazgyh9tDj1u8r4KmnasiwTD2a
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-23 13:23:18 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341661.997648,VS0,VE1
etag: "5d38e82a99b7afb29a011fed257d56c8"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/recirculation-e521936602c768da0280.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1286
date: Wed, 24 Aug 2022 11:47:40 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 22184
last-modified: Tue, 23 Aug 2022 04:30:27 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=PsaeJg==, md5=XTjoKpm3r7KaAR/tJX1WyA==
x-goog-generation: 1661229027549108
expires: Wed, 23 Aug 2023 13:23:18 GMT
x-gdpr: 1
x-goog-stored-content-length: 81734
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 116ms
115ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
616 B 55ms
21ms XHR
application/json 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-36.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

c6e38571d31857a0f37a4ae0b0bd99e0c843d6d45549b17abed104ab2023f4aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:41 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P2
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: pg4tI3j8j1oMJ9kOa2VHd-MdPM81-SKV_f3NnhVkZnohKXER3y8WJw==
expires: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 22ms
22ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 22
cache-control: max-age=30
content-length: 0
date: Wed, 24 Aug 2022 11:47:41 GMT
samizdat-x-canary: false
samizdat-x-instance: 267e6eda
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 694828f1100707f4-6abacb5f44a6a4fa-1
x-cache: HIT
x-cache-hits: 2
x-datadog-trace-id: 694828f1100707f4-6abacb5f44a6a4fa-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: NW
x-samizdat-query-exe-id: 9b0946e2c91e54a0
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4044-HHN
x-timer: S1661341661.156998,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 19ms
19ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 22
cache-control: max-age=30
content-length: 0
date: Wed, 24 Aug 2022 11:47:41 GMT
samizdat-x-canary: false
samizdat-x-instance: 267e6eda
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 694828f1100707f4-6abacb5f44a6a4fa-1
x-cache: HIT
x-cache-hits: 3
x-datadog-trace-id: 694828f1100707f4-6abacb5f44a6a4fa-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: NW
x-samizdat-query-exe-id: 97f1f07cee5c6d65
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4044-HHN
x-timer: S1661341661.213026,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 21ms
20ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 22
cache-control: max-age=30
content-length: 0
date: Wed, 24 Aug 2022 11:47:41 GMT
samizdat-x-canary: false
samizdat-x-instance: 267e6eda
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 694828f1100707f4-6abacb5f44a6a4fa-1
x-cache: HIT
x-cache-hits: 4
x-datadog-trace-id: 694828f1100707f4-6abacb5f44a6a4fa-1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 16
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: NW
x-samizdat-query-exe-id: 80ad1cd13023b308
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4044-HHN
x-timer: S1661341661.262081,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
818 B 125ms
124ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Wed, 24 Aug 2022 11:47:41 GMT
content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 7eac459a66082792-7f7ba55defde7792-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 662b0e10
x-samizdat-query-field-errors: 0
x-envoy-upstream-service-time: 19
x-cache-hits: 0
x-samizdat-query-exe-id: deaa3671f19f1f1c
samizdat-x-canary: false
x-nyt-continent: EU
server: envoy
x-timer: S1661341661.175094,VS0,VE109
x-nyt-region: NW
x-served-by: cache-hhn4038-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 7eac459a66082792-7f7ba55defde7792-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 642 B
1 KB 356ms
213ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&pageviewID=vqUq-D-ialf3OoHE-oEoGxwf
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 0f2f50fbc7872a8f8c8f3d9220b8e3dcd6c7df4815291adb129fe92e772dc0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:41 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 642

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
825 B 410ms
410ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 2b040aa4f6829c93-28c08f253e9e2fbc-1
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 9978afc165ed552c
samizdat-x-canary: false
x-nyt-country: DE
x-timer: S1661341661.230389,VS0,VE394
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
x-nyt-region: NW
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
x-cache-hits: 0
x-samizdat-query-sup-code
date: Wed, 24 Aug 2022 11:47:41 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: e0e2e192
x-envoy-upstream-service-time: 23
content-length: 77
server: envoy
x-served-by: cache-hhn4038-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 2b040aa4f6829c93-28c08f253e9e2fbc-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 41 KB
7 KB 458ms
458ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: d42655691421a6e80017450784b4ca42677840413840e4a117185b1347766535

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Wed, 24 Aug 2022 11:47:41 GMT
content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 30f89dbd179f19cc-2b701fc4b1a2f05b-0
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 23491fc5
x-samizdat-query-field-errors: 0
x-envoy-upstream-service-time: 69
x-cache-hits: 0
x-samizdat-query-exe-id: fcaf7fb81ee3dd09
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Wed, 24 Aug 2022 11:47:41 GMT
server: envoy
x-timer: S1661341661.283391,VS0,VE442
x-nyt-region: NW
x-served-by: cache-hhn4038-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 30f89dbd179f19cc-2b701fc4b1a2f05b-0
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-8fe8b4e7c48496e0bd52.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
15 KB 17ms
16ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-8fe8b4e7c48496e0bd52.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

670a95cd158403499bf308fbe60338311489378bef26576fedcd21b3bf2f2cab

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 419932
x-guploader-uploadid: ADPycduoHwq-bh6VkcDkT6v43f10oP7ybDtp6qD0H0iaIZgryBV5sTpmC3yNQ-J1BTsA-cDfJR5iLMQKWFre3Un8-FHCrpgZrs5h
x-goog-stored-content-encoding: identity
x-origin-time: 2022-08-19 15:08:48 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341661.276571,VS0,VE1
etag: "78a96bb9be8fca955100e6f356a59819"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-8fe8b4e7c48496e0bd52.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9151
date: Wed, 24 Aug 2022 11:47:41 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15126
last-modified: Fri, 19 Aug 2022 15:00:39 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Q6shFA==, md5=eKlrub6PypVRAObzVqWYGQ==
x-goog-generation: 1660921239089005
expires: Sat, 19 Aug 2023 15:08:48 GMT
x-gdpr: 1
x-goog-stored-content-length: 51442
accept-ranges: bytes

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 367ms
138ms XHR
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&caller_id=nyt-vi&jkcb=1661341661290&referrer=&sourceApp=nyt-vi
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: envoy /
Resource Hash: dde340afbe70bfec044f29025bd58dd519f7270fdb405596981c23ca29c85c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:41 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: b9ec919e2085568b662a24aae1be674e
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 31
access-control-allow-headers: Content-Type, x-requested-by
expires: Wed, 24 Aug 2022 11:47:41 GMT

GET
H2 200 requestHandler Show response
www.nytimes.com/svc/community/V3/ 3 KB
3 KB 17ms
16ms Script
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html&cmd=GetCommentSummary&method=get&callback=jsonp_1661341661293_97752

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

13256de09978a61c620da111b76c919a5dfc5f2a27247a4ace4d0c826d7222e7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:41 GMT
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 6
x-cache: HIT
x-origin-time: 2022-08-24 11:47:35 UTC
x-served-by: cache-hhn4038-HHN
server: nginx
x-timer: S1661341661.308288,VS0,VE1
strict-transport-security: max-age=63072000; preload; includeSubdomains
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/svc/community/V3/requestHandler?callback=<esi:include%20src="/esi/jsonp-callback"/>&cmd=GetCommentSummary&method=get&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html
content-type: application/json
x-gdpr: 1
access-control-allow-credentials: true
x-nyt-route: community-svc-cacheable
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-nyt-edge-cache: HIT
x-nyt-app-webview: 0
x-cache-hits: 1

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 214ms
120ms Fetch
text/html 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:41 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 13c3f3171f706c84f8f7c126131135b1
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Wed, 24 Aug 2022 11:47:41 GMT

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 27ms
26ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
date: Wed, 24 Aug 2022 11:47:41 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2550126
x-guploader-uploadid: ADPycduTWNhi6QJwnEbzVzp7BX7Q2Dp-ndNR9GeqAjplhDuwX8NPGNEcDPIdBdxMPg3z0iyPvpz5yZvsn0B9v_XkhgVjF03mnUFC
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Tue, 25 Jul 2023 23:25:34 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1661341662.818476,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149856995
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1498

GET
H2 200 cheltenham-italic-400.0020c60e1c956444040efc53cd3e7be0.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
28 KB 26ms
26ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-400.0020c60e1c956444040efc53cd3e7be0.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d3a408bd4b43b49614538306cd1dfd1de81176568427e3605d09948db3d516d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=SlXNZw==, md5=ACDGDhyVZEQEDvxTzT574A==
date: Wed, 24 Aug 2022 11:47:41 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 738056
x-guploader-uploadid: ADPycdvINQfqddCe6uw9e58uJJvN-1nl_8YgCJ4r_p9Nh3ITrYl7Tf2cnOvMl784PwWewl4OwrZuqBjbNqkq4NNkpRaMsnT0UyNb
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28076
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Tue, 15 Aug 2023 22:46:44 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1661341662.818437,VS0,VE0
etag: "0020c60e1c956444040efc53cd3e7be0"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149626880
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 401

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 70ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 67ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 100ms
50ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=topics_debug&api=false&signalVal=undefined&signal=null&signalResolved=1&signalFlag=0&nonBlockingFlag=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 75ms
51ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=topics_debug&api=false&signalVal=undefined&signal=null&signalResolved=1&signalFlag=0&nonBlockingFlag=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 190ms
189ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=853418409075245&correlator=899577742363945&eid=31068827%2C31068884&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=1133286891&sfv=1-0-38&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D2016&cust_params=als_test_clientside%3Dweb_none_medium_20220824114740%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1661340929526%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dtrumpdonaldj%26org%3Djusticedepartment%252Cnationalarchivesandrecordsadmi%252Cfederalbureauofinvestigation%252Ctrumporganization%252Cmaralagopalmbeachfla%26des%3Dclassifiedinformationandstates%252Carchivesandrecords%252Csearchandseizure%252Cunitedstatespoliticsandgovernm%26auth%3Dmaggiehaberman%252Cjodikantor%252Cadamgoldman%252Cbenprotess%26coll%3Dusnews%252Cuspolitics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008498567%26pt%3Dnt1%252Cnt11%252Cnt12%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt17%252Cnt18%252Cnt21%252Cnt3%252Cnt5%252Cnt8%252Cpt20%252Cpt7%26gscat%3Dneg_ibmtest%252Cneg_debeer%252Cneg_chanel%252Cneg_ibm%252Cneg_capitalone%252Cneg_citi_aa%252Cneg_chan2%252Cneg_bofa%252Cneg_gg1%252Cneg_google%252Cneg_rms%252Cneg_mttl%252Cneg_trpavd%252Cneg_mastercard%252Cneg_am%252Cneg_ts%252Cgs_politics%252Cneg_mtb%252Cgs_law%252Cneg_sabic%252Cgs_law_misc%252Cgs_politics_misc%252Cneg_rolex%252Cgs_politics_american%252Cgv_crime%252Cgs_t%26is_viral%3Dmedium%26tt%3D66%26mt%3DMT8%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3DvqUq-D-ialf3OoHE-oEoGxwf%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DEJr7zDIlbxplDsTnkPRGS2%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1661341661965&lmt=1661341555&dlt=1661341659877&idt=1945&adxs=0&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&frm=20&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1687166204.1661341662&ga_sid=1661341662&ga_hid=1306323141&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c8cfec314c6ca9248f8b3675eed4ebf2ce4558f1c86768f508d18b958f3956db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10533
x-xss-protection: 0
google-lineitem-id: 5874317211
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138398470786
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 434 B
262 B 62ms
61ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=853418409075245&correlator=899577742363945&eid=31068827%2C31068884&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=2&adks=1723209830&sfv=1-0-38&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D2021&cust_params=als_test_clientside%3Dweb_none_medium_20220824114740%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1661340929526%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dtrumpdonaldj%26org%3Djusticedepartment%252Cnationalarchivesandrecordsadmi%252Cfederalbureauofinvestigation%252Ctrumporganization%252Cmaralagopalmbeachfla%26des%3Dclassifiedinformationandstates%252Carchivesandrecords%252Csearchandseizure%252Cunitedstatespoliticsandgovernm%26auth%3Dmaggiehaberman%252Cjodikantor%252Cadamgoldman%252Cbenprotess%26coll%3Dusnews%252Cuspolitics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008498567%26pt%3Dnt1%252Cnt11%252Cnt12%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt17%252Cnt18%252Cnt21%252Cnt3%252Cnt5%252Cnt8%252Cpt20%252Cpt7%26gscat%3Dneg_ibmtest%252Cneg_debeer%252Cneg_chanel%252Cneg_ibm%252Cneg_capitalone%252Cneg_citi_aa%252Cneg_chan2%252Cneg_bofa%252Cneg_gg1%252Cneg_google%252Cneg_rms%252Cneg_mttl%252Cneg_trpavd%252Cneg_mastercard%252Cneg_am%252Cneg_ts%252Cgs_politics%252Cneg_mtb%252Cgs_law%252Cneg_sabic%252Cgs_law_misc%252Cgs_politics_misc%252Cneg_rolex%252Cgs_politics_american%252Cgv_crime%252Cgs_t%26is_viral%3Dmedium%26tt%3D66%26mt%3DMT8%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3DvqUq-D-ialf3OoHE-oEoGxwf%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DEJr7zDIlbxplDsTnkPRGS2%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1661341661984&lmt=1661341555&dlt=1661341659877&idt=1945&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&frm=20&vis=1&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1687166204.1661341662&ga_sid=1661341662&ga_hid=1306323141&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

de54ba227b65d2fe6dfa5197ec86971138a74d23ab2b99275633e7afd56101ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1463 6 KB
4 KB 79ms
23ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 11:47:42 GMT
expires: Thu, 24 Aug 2023 11:47:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 60 KB
15 KB 437ms
429ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?utm_campaign=Morning%20Email%208-23-22&utm_medium=email&utm_source=Sailthru&utm_term=us-morning-email&plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b36552749f05d9a20e5a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: af35f09a596676b960126621cf0453a42dfa43374c3595e5a7eca308c90c50ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-envoy-upstream-service-time: 322
x-served-by: cache-hhn4038-HHN
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1661341662.216628,VS0,VE414
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-user-status, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 1d180947af5c8c60426876210df6d84a
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 37 KB
15 KB 17ms
16ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/liveblog-9f9b2fc1e6497d23b107.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b90034f10044a3bc0162aafa5ae731d19f4aacbfdd5db5847a9d96bc83c950cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 384
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 6
content-length: 14641
x-served-by: cache-hhn4038-HHN
expires: Wed, 24 Aug 2022 02:16:54 GMT
server: envoy
etag: "GZ1K2w"
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: e9fc2d573deb56702b19c486ad8d50a9
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 6

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2742
date: Wed, 24 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Aug 2022 13:02:00 GMT

GET
H3

200

activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus... Show response
5290727.fls.doubleclick.net/ Frame 227B
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fw...

819 B
483 B

100ms
64ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

35f252a08454d9cf707a2ed3b57a79bc34197fffcd3871c363544f1d7bd777ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 11:47:42 GMT
expires: Wed, 24 Aug 2022 11:47:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 11:47:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 69ms
17ms Script
application/x-javascript 2600:9000:223c:7800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 10:57:35 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 3007
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2xxmXAXtUJwnjQGYsRTSOGTBfUkyejehZwmx3KVOIEasE3IHFLoISg==
expires: Wed, 24 Aug 2022 12:57:35 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
652 B 75ms
22ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
content-type: application/javascript
age: 34560
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4038-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1661341662.422799,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1506

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
3 KB 87ms
31ms Script
text/javascript 2606:4700:20::ac43:45f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee05fbdb0862ebd5b3d578ced55476e357752b93de3101de6938416bc3ffceaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 11:04:15 GMT
server: cloudflare
age: 2607
cf-polished: origSize=4729
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpExxyniCCgDn38FwaRgDkdJlyxMgVQswKgnLR%2F7yo%2FqEgjyosnOB5obM1hFMbpr%2BV6lb4dWdjc7h7jQqd47bWBfYmQupNnd4N0YlzLzGps9n5k%2Fc34Zac0MTWmO65lPnalBdDc0EzlNT0s27mr%2FXmMK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73fbdace3fa0baed-MXP
cf-bgj: minify

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 140ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=2063508704
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 container.html Show response
304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 14D7 6 KB
3 KB 68ms
23ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 11:47:42 GMT
expires: Thu, 24 Aug 2023 11:47:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame 7EED 20 KB
9 KB 412ms
407ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

b28c920167ece7f54f0e7f82812ff0e3916065f27bf0aabf0f8d1c2ddec073ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
content-type: text/html; charset=utf-8
date: Wed, 24 Aug 2022 11:47:42 GMT
etag: W/"4f3f-4aUWbt9R2gp5EWYvdCW3nsOR6R4"
expires: 0
pragma: no-cache
resp-details: [[it:lui]]
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 88f3bbe5137932de780c9525c52473a0
x-content-type-options: nosniff
x-datadog-parent-id: 4914783918466115682
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 1278435508524489434
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 27
x-nyt-backend: lire-ui
x-nyt-edge-cache: MISS
x-powered-by: Express
x-served-by: cache-hhn4038-HHN

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 40 KB
13 KB 46ms
41ms Script
text/javascript 2606:4700:20::ac43:45f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1894466033553bace0959ec962a02719a6b79229809a4e806535808c00508e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 11:04:15 GMT
server: cloudflare
age: 2607
cf-polished: origSize=41729
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEVnylahFgFkNmONreNWIVSmJ5WTD4ze76CM48RAQW2Y3GxLbGFGT7VVc2iXXkJPvNdpGJd0L4tAY4%2FeMRfczpKv0Ze4vkH36l5Qz7iwAzwIzd%2FMv9aQT976SdUp87aRjxQBDGS0phSi16cSef8JTyiL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73fbdacee929baed-MXP
cf-bgj: minify

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 335ms
106ms Image
image/gif 34.203.58.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html&u=DPMhdGDl3OzdQHqXY&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Maggie%20Haberman%2CJodi%20Kantor%2CAdam%20Goldman%2CBen%20Protess&n=1&f=00001&c=0&x=0&m=0&y=1542&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3256&_c=Morning%20Email%208-23-22&_m=email&_x=Sailthru&_z=us-morning-email&t=BNalMWC7CzW0DN7m62DtIyVXCQVdOo&V=136&i=Trump%20Had%20More%20Than%20300%20Classified%20Documents%20at%20Mar-a-Lago&tz=0&_acct=anon&sn=1&sv=CDiFPACegPZfBdSgV0BWcb_8DsmorG&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.58.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-58-48.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:42 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 54ms
22ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1306323141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html&dr=&ul=en-us&de=UTF-8&dt=Trump%20Had%20More%20Than%20300%20Classified%20Documents%20at%20Mar-a-Lago%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=223189718&gjid=96027080&cid=1687166204.1661341662&tid=UA-58630905-2&_gid=1813783724.1661341663&_r=1&gtm=2wg8m0P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&cd3=%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000008498567&cd18=Maggie%20Haberman%2CJodi%20Kantor%2CAdam%20Goldman%2CBen%20Protess&cd19=Trump%20Had%20More%20Than%20300%20Classified%20Documents%20at%20Mar-a-Lago&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2022&cd27=2022-08-22-20&cd28=Monday&cd29=20&cd30=1661304390333&cd32=U.S.%20News%2CU.S.%20Politics&cd33=SECTION%2CSECTION&cd34=NEWS&cd36=22dc-investigate&cd37=1343&cd38=Washington&cd42=nyt-vi&cd43=Classified%20Information%20and%20State%20Secrets%2CArchives%20and%20Records%2CSearch%20and%20Seizure%2CUnited%20States%20Politics%20and%20Government&cd44=Justice%20Department%2CNational%20Archives%20and%20Records%20Administration%2CFederal%20Bureau%20of%20Investigation%2CTrump%20Organization%2CMar-a-Lago%20(Palm%20Beach%2C%20Fla)&cd45=Trump%2C%20Donald%20J&cd48=August&cd49=long_1200_1600&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=EJr7zDIlbxplDsTnkPRGS2&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=EJr7zDIlbxplDsTnkPRGS2&z=1468891836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 14D7 22 KB
7 KB 69ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
URL: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Aug 2023 11:20:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14D7 140 KB
44 KB 69ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
URL: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 11:47:42 GMT

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 297ms
29ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=1923659
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H3 200 dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lag...
adservice.google.com/ddm/fls/z/ Frame 227B 42 B
63 B 88ms
56ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJPMk_2z3_kCFcHFsgodE4sCsw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3619082159394;gtm=2wg8m0;auiddc=667588000.1661341662;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F08%2F22%2Fus%2Fpolitics%2Ftrump-mar-a-lago-documents.html%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3DMorning%2520Email%25208-23-22%26utm_term%3Dus-morning-email?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 222ms
221ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 14D7 0
0 52ms
52ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIL9bl-SJEe9plrXfDRu6JF5RxNm06o2nhhruToWW5LhclEgiZUFkYpnMjMUWGVUC7EZGmmLf8e2dBl6lMApaAg8Dblh67RwuKyznYIOzvERmk-Afm0BJYXBtxWD7P6TjcCCsSwcpjnC2Miny87pWrIAr2vLffS7Tv3t_xrqJtjmClkQ_m8X0lD6fqtrNmyWC1kLegkbYuicC1nCZFhaZK0U4izB_jUcisDqhDRLH7dxvaTm1K7X20NBFNpOUKDq4axW_CHEt_j-4ZKMxCQLdn63CH6bTROHnKc4KKSt6c-EdUoUL1V2ekBZLSJ5Nn4LrZ-enp8RaHUeefygYQr_Pe_y6y7J7ENiQF4C7uJ9io8u6YesBb&sai=AMfl-YSbtnIqowMUDwZfDneph2B8fb_Z9mSNY8U_EQr43uCCCfjlLwp0KxTdrTWcMtkUd7ygRdD_dyaO2Wyq0vqC91OAl865PAz0Q4dZVsjxk_M&sig=Cg0ArKJSzG7LaalX46jAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
URL: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 11:47:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 flex Show response
www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/ Frame 5E32 4 KB
2 KB 19ms
18ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex

Requested by

Host: 304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
URL: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b78d7857cf4502f1c3fa3fdf6b744175b14ab72978f54e18a5f184061075a8a2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
age: 1415
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1166
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html;charset=UTF-8
date: Wed, 24 Aug 2022 11:47:42 GMT
expires: 0
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
pragma: no-cache
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding,x-nyt-country, x-nyt-continent, X-NYT-Currency, Fastly-SSL
x-api-version: F-X
x-cache: HIT
x-cache-hits: 10
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 20
x-gdpr: 1
x-magnolia-vary: x-nyt-country, x-nyt-continent, X-NYT-Currency
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
x-nyt-route: mwcm-banner-ads
x-origin-time: 2022-08-24 11:24:08 UTC
x-served-by: cache-hhn4038-HHN
x-timer: S1661341663.708021,VS0,VE1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 14D7 0
0 52ms
52ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMUCT-cNwkdFvw-uayIcHmUnSodwxZDmpxDisqCKGpDaw-5Dijsejgqmka1KCi5zIi364efJQ6z4vEO8QRgmGoCAF2egcY-P6pDawXMas0rUcWyIgMmPFAsh-2rr3Ndbt3BO7VlWvvlqOzIR_pJIoLzWn36AT4uPFOC8LZeYUQeW4lyPJmfEQ3QqYjMVsXhfrSQzJCO8FNdgAinHmV2HvrtzdKvIutTs1vaQGzpIAdQP_rSmeAZAYO8snKvO8cdv-tKK5ykpE_4ac9RW3dz9pRvgZ2A3LjX1volWEl6s_f9BhP_Rg9rpNIzuoVOptdgJNdFQtvxu7JspIb4g&sai=AMfl-YQknubSHszHw4-GTQrvUeAh32gw1cU0ydVd3dQfbxeeEgEgrfGJeiXr1A_kkdfg0vI1fKPJzHVnNmxqo88G5Q4Nx5UX0lZOb2j518O6__8&sig=Cg0ArKJSzL5sFKqBq4eSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 11:47:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Aug 2022 11:47:42 GMT

GET
H2 200 main_flex.css
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/css/ Frame 5E32 149 KB
15 KB 27ms
17ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/css/main_flex.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 045e0724b29511c66a9812883940d2c57a406318057a42770b02605c055f6a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 124915
x-cache: HIT
x-envoy-upstream-service-time: 6
content-length: 14949
x-served-by: cache-hhn4038-HHN
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 16:13:31 GMT
server: envoy
x-timer: S1661341663.789148,VS0,VE1
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 562

GET
H2 200 wordmark-Master-large-optimised-BLK.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/ Frame 5E32 6 KB
3 KB 25ms
16ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/wordmark-Master-large-optimised-BLK.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 57c4e9c3b00e2ab7b4320be10f61cf71f34131de582759ce746fbf0d728b30a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 126775
x-cache: HIT
x-envoy-upstream-service-time: 3
content-encoding: gzip
content-length: 2330
x-served-by: cache-hhn4038-HHN
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 16:13:00 GMT
server: envoy
x-timer: S1661341663.789296,VS0,VE1
x-origin-server: mwcm-pub-est08.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 684

GET
H2 200 Frameflex_lg.png
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/ Frame 5E32 51 KB
52 KB 20ms
15ms Image
image/png 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/Frameflex_lg.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 70f066865ae01e91db9ecb90dad756acc7c146b7511080ab3904fc4ef8c4280d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 98743
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 52594
x-served-by: cache-hhn4038-HHN
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 16:13:00 GMT
server: envoy
x-timer: S1661341663.840444,VS0,VE0
x-origin-server: mwcm-pub-est10.prd.iad1.nyt.net
content-type: image/png;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 481

GET
H2 200 Frameflex_md.png
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/ Frame 5E32 35 KB
35 KB 16ms
16ms Image
image/png 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/Frameflex_md.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 5efea7a3479aa2dc6ee8d1c63a96db37049f50ab424f74acf13e87cda3266936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 123433
x-cache: HIT
x-envoy-upstream-service-time: 4
content-length: 35934
x-served-by: cache-hhn4038-HHN
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 16:13:03 GMT
server: envoy
x-timer: S1661341663.840582,VS0,VE0
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
content-type: image/png;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 565

GET
H2 200 Frameflex_sm.png
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/ Frame 5E32 19 KB
19 KB 16ms
15ms Image
image/png 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/images/Frameflex_sm.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-327108-INYT-July2022-Internal/inyt/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e7382a15fd1fc8a77ecdf22902521a2c88213aa5380a5d865083b1e693be2a48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
age: 564368
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 19244
x-served-by: cache-hhn4038-HHN
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 16:13:00 GMT
server: envoy
x-timer: S1661341663.847282,VS0,VE1
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
content-type: image/png;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 182

GET
DATA 200
OK truncated
/ Frame 14D7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f643d9af2efd6420d8b4c1114c790811697cca6151dd0a6068c010e4ccbccd1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ Frame 5E32 27 KB
27 KB 19ms
17ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=44i2vg==, md5=oZLbMQk12KiCgy4syD8hGQ==
date: Wed, 24 Aug 2022 11:47:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11047810
x-guploader-uploadid: ADPycdvDoF0cTz3QtlLo7YpQ6w6NFOYFRwl3J6SOh6kWJMKui-k-buUyr5iBG9tYBz14GvUVwHSfpu0Fa2VG5Ev26G3HBoBUvgiu
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27688
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Tue, 18 Apr 2023 14:57:32 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1661341663.853431,VS0,VE0
etag: "a192db310935d8a882832e2cc83f2119"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984103192
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27688
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 195

GET
H2 200 franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ Frame 5E32 26 KB
27 KB 18ms
17ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=kksIKQ==, md5=y4VIDDC2yl9T9nOZMhEDbw==
date: Wed, 24 Aug 2022 11:47:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 3670912
x-guploader-uploadid: ADPycduQH5CwNkhRPR9NaAiHi_j2EAJxFFL8Y8xRRw90uZsqxgXhWVqqyNqoWLOQWT_qkmiPCKtsgBMycyZtq6gYiBDSlgQEMvw7
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26600
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Thu, 13 Jul 2023 00:05:50 GMT
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1661341663.853542,VS0,VE0
etag: "cb85480c30b6ca5f53f673993211036f"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598151041619
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26600
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 222

GET
H2 200 cheltenham-normal-300.woff
g1.nyt.com/fonts/family/cheltenham/ Frame 5E32 35 KB
36 KB 15ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff

Requested by

Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-327108-INYT-July2022-Internal/INYT/lib/css/main_flex.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=b2NKXw==, md5=gst5XYxXu+Nn0P++uojrUw==
date: Wed, 24 Aug 2022 11:47:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 6773927
x-guploader-uploadid: ADPycdt0nXcfaQW-SaKoR8DD6iFXc0csrJ_loIIX6dput3V41uZ3ImZYPjOl3UvDIBE8xOAPt3Vi0giJtHp-0IbK-kxiJdO3aX6L
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35940
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:08:56 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1661341663.859874,VS0,VE0
etag: "82cb795d8c57bbe367d0ffbeba88eb53"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149678277
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 35940
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 534

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 7EED 431 KB
143 KB 18ms
17ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=31b9525

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

257fdec697aca5fc95c16eaa2e19309f2ecdd5c53b40f31ace1319801d30c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 382
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 50
content-length: 146205
x-served-by: cache-hhn4038-HHN
expires: Wed, 24 Aug 2022 00:00:32 GMT
server: envoy
etag: "GZ1K2w"
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 3a9d7d242233cad7ebd99e1aed1bca2e
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 4

GET
H2 200 sentry.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 7EED 108 KB
36 KB 18ms
18ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ec8aac1a1f74bea844cfa644ebdd236941d9b98e831ddf0b5cd831a7b91fc737

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:42 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 344
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 6
content-length: 37051
x-served-by: cache-hhn4038-HHN
expires: Tue, 16 Aug 2022 03:40:27 GMT
server: envoy
etag: "GZ1K2w"
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: f6de867fff148dd64aad5d2a75d923e1
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 2

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame 7EED 205 KB
49 KB 122ms
34ms Script
application/javascript 2a02:26f0:ea:492::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:492::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: br
last-modified: Mon, 04 Jul 2022 03:50:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame 7EED 0
0 117ms
116ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame 7EED 209 KB
43 KB 17ms
17ms Script
text/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-36.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

be4e7fe530814818817ef4e09f740982d12335e178ae1a60f1ae8699fb89878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
etag: "34515-5e4b2951e5a21-gzip"
age: 1875
x-cache: Hit from cloudfront
content-length: 43581
access-control-allow-origin: *
last-modified: Tue, 26 Jul 2022 10:15:40 GMT
server: Apache
date: Wed, 24 Aug 2022 11:16:28 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront), 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2, FRA56-P2
accept-ranges: bytes
x-amz-cf-id: nOHNXZzq1um75RjeNIq2E0yNrSY_4k2vSt_HzT6K-yXdbyybD_RuhA==
expires: Wed, 24 Aug 2022 12:16:27 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame 7EED 0
0 114ms
113ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame 7EED 990 B
1 KB 351ms
139ms Fetch
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2022%25252F08%25252F22%25252Fus%25252Fpolitics%25252Ftrump-mar-a-lago-documents.html%25253Futm_source%25253DSailthru%252526utm_medium%25253Demail%252526utm_campaign%25253DMorning%25252520Email%252525208-23-22%252526utm_term%25253Dus-morning-email%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-326005
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=31b9525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: envoy /
Resource Hash: ef6c325575c17ecc2f578cd7015b9c91171b5710e0c46131cda4abb6f656cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 7fa6cfdd04a746238529f8e5fdb60aca
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 33
access-control-allow-headers: Content-Type, x-requested-by
expires: Wed, 24 Aug 2022 11:47:43 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
114ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 7EED 29 KB
29 KB 88ms
18ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Wed, 24 Aug 2022 11:47:43 GMT
via: 1.1 varnish
content-type: font/woff
age: 119127
x-guploader-uploadid: ADPycdug1VIYF65cq3ku5lOzQ3xtAocJtsDiBN-ar0toDIgZrArAcAo9IhAjGjbzLwSATI8UA_vA4v_XYY3PDiVZCvDqt8qIupHN
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 23 Aug 2023 02:42:15 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1661341663.196797,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717313763
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 665

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 7EED 29 KB
29 KB 82ms
19ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Wed, 24 Aug 2022 11:47:43 GMT
via: 1.1 varnish
content-type: font/woff
age: 730669
x-guploader-uploadid: ADPycdvla_Qaihw0nyxnabdEQBE34lMffFGnkJ_CGMXdVhw9ikvm7DPQMSo8ZXdw2_pmF7Fi052aNjqrpk6uzUlndDD_
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn4063-HHN
accept-ranges: bytes
expires: Wed, 16 Aug 2023 00:49:53 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1661341663.196996,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
strict-transport-security: max-age=63072000; preload; includeSubdomains
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717322939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 623

POST
H2 200 track
a.et.nytimes.com/ Frame 7EED 0
0 116ms
115ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame 7EED 232 B
617 B 22ms
21ms XHR
application/json 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-36.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

45a290f96a0c1b412fbe93b3bca051c229293e311d5fa4a2008e387e6f7c0998

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:43 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P2
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
x-amz-cf-id: ZaHLvFqxK5WkwTNacLusP45krs8a6VCZiFrLJD0F7hb3RkU_C8Pe5A==
expires: 0

GET
H2 200 .status
a.et.nytimes.com// 0
0 115ms
115ms Fetch
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 99ms
65ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9576d5cac77c92f0654248749f2f009c7c22a2cc6b1cd78a4e417c1a639d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11169
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 126ms
49ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c51e201e1fc5627052bd55f8d02292e01f759d9f0904646c0ce66d9a32b5d25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421
content-type: application/javascript
x-amz-request-id: YKWVQGKMQWAZ8H7Y
x-amz-id-2: K+aIeHUI4254tElUgz+hg4jaHbHFJWGMPCtRYAq8x+rghcHnsJIxnxfwVPfpyyf5h3SVO4q/GuM=
last-modified: Thu, 18 Aug 2022 19:32:03 GMT
server: cloudflare
etag: W/"ae35a6ac9123a1c63d8fbf3b95d4de9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mv3Oax5WilcPp2KEPBf%2BilyF8kkT3Ef%2FEb4BT7eexhMS0I%2Bfo%2BoaRk%2FFOgi%2FZehLqs0XrKzFysI8Y%2FaJvxH7Lma5CMCpFNCtryrziFsope%2F3oM6d0eRE5wAWlLaeKwC9uSu4ADe2lhWeCco2hfmSEYXfVo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: vUfne8BsQblGRbrB_5xsGx2imO_aeD2U
cache-control: max-age=1800
cf-ray: 73fbdad3e975839d-MXP

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 7EED 6 KB
2 KB 337ms
66ms XHR
application/json 2a02:26f0:dc:29d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5537806&v=1.720.0&sl=0&si=56096dca-1d6d-4cf1-9a3c-d382306351b3-rh4bfj&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:29d::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4d2ce19798cd83cdf7daf80898d25b01a5bbeb0305a2fe62f49b5d25e642895d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 11:47:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1503

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 209ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 11:47:43 GMT

GET
H2 200 match-prod-f1d18b754eb400cd8e6a.js Show response
platform.iteratehq.com/ 83 KB
29 KB 45ms
42ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-f1d18b754eb400cd8e6a.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e48c2600d592c04baff964cd255b59e7b633759820fba14dd904fb0dc250151e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490431
content-type: application/javascript
x-amz-request-id: YKWHSTG77MF0QZTM
x-amz-id-2: rZliSUJKK6wfNmDCNsK1PuQWozZNZeUXEQ79iFjzX1BUDVpBfJw0wm0TVN87zA5FhOX1JvWCYYc=
last-modified: Thu, 18 Aug 2022 19:31:58 GMT
server: cloudflare
etag: W/"3362d52aaff8d64bbb90c1e4a2e0ea00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxwE%2F%2FMWPy556cPR8eC0lT6V2d3BHeRDv4yRQ9TSD8GPJnzmZiTVyWMRQVdqpHEpWaH40RzzP7ewUqMQ8AIVBi9TxJIfep%2BrvZaOjZe2XyYeXjmPYdwAg7DQOVXKi1%2F%2FKvYAgssE52jfs6mnvA17U0Xb9NQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: WqtbRfdnGOHeymDPf3tKPFCh.6.nnZsk
cache-control: max-age=31536000
cf-ray: 73fbdad43a22839d-MXP

POST
H2 200 track
a.et.nytimes.com/ Frame 7EED 0
0 114ms
113ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F08%252F22%252Fus%252Fpolitics%252Ftrump-mar-a-lago-documents.html%253Futm_source%253DSailthru%2526utm_medium%253Demail%2526utm_campaign%253DMorning%252520Email%2525208-23-22%2526utm_term%253Dus-morning-email&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
672 B 139ms
138ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-f1d18b754eb400cd8e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezhyTEoq8L%2B7vUjTSwPpy7CboJoTjrAnaNzDGyJPtrgBFWE%2FZY1YKPTnVfMzofXYhETnVlyKppS3czH3csROJCEjrkD%2BMOAD36dcQpBj0jhwSJkKxzOiNW%2FU%2FF1ecEwsd4DfvDNYaOR0iWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 73fbdad68e86baf7-MXP

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 211ms
134ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 73fbdad5ac88baf7-MXP
content-length: 0
date: Wed, 24 Aug 2022 11:47:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKRKSdno0LmvBDKvun6RwgqdwbriEzfj%2ByFqGvdVTssBcvzpL3LItq9jy6xqBJ9PMRb0GzeVEQbNsgtrwd7SOSey9t3NCSvye6EmorOxv4G2vXfCN9CUphc3M3Hqmrgctx4AILdXoFu2yYs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1616 13 KB
5 KB 18ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 11:30:39 GMT
expires: Thu, 24 Aug 2023 11:30:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA3B 783 B
1 KB 76ms
26ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69f8f2f1eede694fecd010a24dcdcb99a4170ad14fe67e5f36038edddde444a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qRTfnAgMdOOE_7VtuWrAsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-qRTfnAgMdOOE_7VtuWrAsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 11:47:43 GMT
expires: Wed, 24 Aug 2022 11:47:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1616 36 KB
14 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 07:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 07:47:41 GMT

POST
H2 403 report
csp.dev.nytimes.com/ Frame 7EED 417 B
492 B 59ms
15ms Other
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

9606b786f57a0271ca40ced6deb6829c9f4050071c52a339fdcc53016736e930

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4063-HHN
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 417
retry-after: 0
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA3B 0
0 49ms
49ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=853418409075245&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1616 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6x3e4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:47:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 14D7 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy9xaLD8FD2YZF59-YVDqWvLgy99IxzKyXtqbqDMqD1IuDRBr6SwSNpnw-lDdkGq7aNHcdKmzM1Y8V53Q5zfvb5583Ti7ugkYXotYRcQj3uNnnvAwjko5UrusbRc-n6uJzbRmZJ8ckd0HzRYLlDV4KW-knbFWs9ejhMLK9svzCk7Yt_SUZXrdgSSKuUC9xOKLNSx6WfKYkW4kELmMiH1jrMt8HFKGZMdJ6aIewiECe0A-O9uFhxp63s1g-7NYE21Ph9nfK0c8Cfc5BiWewW32cCJbGTuFYtWzi0AgeslV_cP9JTJcNSsHuLWMpgJXixVii3AEeQugyMId2nhBoJg&sai=AMfl-YTh2KhNu-uSnsfd8m-cs3O5wUyZfuIpqC42rMb9Nu4-r6tKys_V4P1CIyXXASNQloL-l0DeiILKKRNA3QCYbqesJ1mxuk-iFJwNmeFN4Q0&sig=Cg0ArKJSzFxnqzIa1D0SEAE&id=lidar2&mcvt=1001&p=149,0,423,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1133286891&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661341662474&rpt=268&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 11:47:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
831 B 154ms
154ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-f1d18b754eb400cd8e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c98b560d301b45829c5efd6d25757ff8058aada8b02e4a08c8b70f6e023cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Wed, 24 Aug 2022 11:47:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7n5FT2Q2JeHTEQDpV0Jj8R4nmfW%2B9%2B2KYVYV6NjjplQyN96Qu0uZC73x%2FNQiiSEh%2FR7f9DWrwBe8k2eV%2FyuhDbLsoPc5D6wktelxNNeQtw9PUb%2Fwppiz0aAOJzwozptuB%2FOz5DTSEXWLgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 73fbdad84a79baf7-MXP

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 135ms
135ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 73fbdad77856baf7-MXP
content-length: 0
date: Wed, 24 Aug 2022 11:47:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2B3R9YJ6cHtg%2F0N9oTzM7jV43LSbHM5XLznsz7oAZx9VYEcELumdqmaoGEciZFwz3ZMgXUYpT20MQxcIYTOX4zFzep22TazgXKBYl6Z%2BQI%2Batvj9qsojP28gitZYIzjikUcwDfxTSdeSdT8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=853418409075245&bg=!RkWlRQHNAAYUOm8VNDo7ACkAdvg8WgMfk24nZzWZF1Q9QhXheAAgy_JrcxRYLxdY6B70tLc_aclJGAIAAABhUgAAAANoAQeZAvCFbCD39E4UCcEDMAViDvpM6k9h1Sr-bwoG5og-26rPC7a4JvEJggZrteZfhsArQQ3wjPhjuAvV5i50uyH31XzUVeT-thhijbHPQ__YYEKeVjGo-hH6rl3EQUFdAgOgiahZdWX9PEMu_0AdZi7Mf35ID02tI4kDrWeJ78-lL-WwYzVdb5REAK5zSc3PAsEgR26ofYI9xfdSThIbyYH1L7UjdzlbNh1LQP0eridbl_tTIzB1aBZg2mKTrpsEuQH4EZ-8ISa0LNFqNz9aBQvHzF_P-GOCaeTahrlWqcbPL0RzN7hjxDg_-Ipe5eTTyUwE_ycVgAxSppfmKDCGPzB2-FLzDGqkgA3tPIiY-AyyPnTAsqN3JaFj44G-rNqS9oqfJ8Ox_d-4l6QVTd-9oA3cdb4d2lOHLq2psxAZ3KSBdmgKzI2WSYGoGB0WPI3KyNOIDxAps2mDI0nlbUam-m8o056IpEMqtgf01FSYX1X7RHAioJBh4s7ibQbjaWJxL4JjwDO0LEMkk5jSu__szN3smdkuhOFbSqb0cm9E9RBn4zLEThZevcOsUM5Y6QGmkKKw4KltQRT2s47R-Nxw5Qb8YjEboCkxLJi2D7L4d_8iKktiHBhv6x-imysGBAP5ZyDHoGklo67V_0fTPs7k4WMewlTN-H_mS4CKz7hLilVgwLOdJYkAhiD06LcRyUdQo9DBEH609mMzzmfW_P-xVlbfV4BlNGjLysFHSUoEKmiCPKh9J9vCHPjWH0jbp5XE1LLbv5NtUKjPm0SqpPtWZ-gsNHiZIDKtg7PIvQDRq_-uHON_MGIE2S2N3J8QS254x8ryFdeqNF9LG0SE5oNP99-TnjNHZA3w0C5Kikb8HoxOgaZXuIue0VfJnuad9DVKE-tGoBix2cQ4FC-8RRhojoA1QpOml7RZVs-vY2eVGjc3TNZczcrP0SZHtLEXsGPIEV0afysTj6eoBdvat9SDXcxZHoMBICotuaDsec1RW7t2EkwJuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Ping
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html?utm_source=Sailthru&utm_medium=email&utm_campaign=Morning%20Email%208-23-22&utm_term=us-morning-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.huffpost.com/	1970-01-20 14:14:58	Name: sailthru_hid Value: 8c1eaf7638abb33066f490cc919c9c9362e940231581cc2d8a07388b70f5cb8984bc546ba93ba849d2e27670
.huffpost.com/	1970-01-20 05:29:12	Name: sailthru_bid Value: 28816829.418414
.nytimes.com/	1970-01-20 14:14:37	Name: nyt-a Value: EJr7zDIlbxplDsTnkPRGS2
.nytimes.com/	1970-01-20 05:29:23	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 14:14:37	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 05:29:23	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 05:29:23	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 65297f12c3a442c0ab813e93b42ba5c6
.et.nytimes.com/	1970-01-20 05:29:03	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 14:14:37	Name: sessionIndex Value: 1\|1661341660275\|EJr7zDIlbxplDsTnkPRGS2\|1661341660275
.nytimes.com/	1970-01-20 14:58:31	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-20 15:05:01	Name: nyt-m Value: ABCD9D4260E83677C44AAE0063503E61&ft=i.0&imu=i.1&iub=i.0&pr=l.4.0.0.0.0&cav=i.1&ica=i.0&ifv=i.0&imv=i.0&ird=i.0&uuid=s.0b6cc2db-2203-4a32-bb59-067695fdab94&v=i.0&fv=i.0&prt=i.0&iue=i.0&s=s.core&e=i.1662019200&rc=i.1&er=i.1661341661&vp=i.0&iir=i.0&ira=i.0&g=i.0&igu=i.1&iru=i.1&t=i.0&n=i.2&igf=i.0&vr=l.4.0.0.0.0&ier=i.0&igd=i.0&iga=i.0
.nytimes.com/	1970-01-20 05:29:45	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 14:14:37	Name: nyt-jkidd Value: uid=0&lastRequest=1661341661588&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1661341661588&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 14:14:37	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 05:29:45	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 07:38:37	Name: _gcl_au Value: 1.1.667588000.1661341662
.nytimes.com/	1970-01-20 14:50:37	Name: __gads Value: ID=5bbe24e7d3401842:T=1661341662:S=ALNI_Mb7iyxnvSUJRwls_kOmYWjmvwvuMQ
.nytimes.com/	1970-01-20 14:57:49	Name: _cb Value: DPMhdGDl3OzdQHqXY
.nytimes.com/	1970-01-20 14:57:49	Name: _chartbeat2 Value: .1661341662544.1661341662544.1.CDiFPACegPZfBdSgV0BWcb_8DsmorG.1
.nytimes.com/	1970-01-20 05:29:03	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 15:05:01	Name: walley Value: GA1.2.1687166204.1661341662
.nytimes.com/	1970-01-20 05:30:28	Name: walley_gid Value: GA1.2.1813783724.1661341663
.nytimes.com/	1970-01-20 05:29:01	Name: _gat_UA-58630905-2 Value: 1
.doubleclick.net/	1970-01-20 14:50:37	Name: IDE Value: AHWqTUkDdnyH6XnciS7_TL47KTngur7-2vOm3jEQTG09ZM5T6Z3LLO5fgql8Gru4Lag
.et.nytimes.com/	1970-01-20 05:30:28	Name: et-ppvid Value: https://www.nytimes.com/2022/08/22/us/politics/trump-mar-a-lago-documents.html=vqUq-D-ialf3OoHE-oEoGxwf^https://myaccount.nytimes.com/auth/iframe/enter-email=5dLa4Efb-RJl9u1LuGiO07gS
.nytimes.com/	1970-01-20 14:14:37	Name: datadome Value: .CbE8ObXDB4JZ-DpcWCb6U~im93Opu3jS9tyP~NG_EPEshMzGfefEMZryOnQL913uK5eM-tu_RNzgkfyUMPtdMqpBKS4APAPkUyY1FooKAGCx2dOwEpH~P6gg00AMtHs
.nytimes.com/	1970-01-20 05:39:06	Name: RT Value: "z=1&dm=nytimes.com&si=d8ad1c96-15ac-4db2-b03f-6e69a9944574&ss=l77jxiyl&sl=1&tt=jb&bcn=%2F%2F684dd326.akstat.io%2F&ld=u9"
.nytimes.com/	1970-01-20 15:05:01	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MzA2MGZlMDMxNWEzZjAwMDFjMjAzZWQiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjYxMzQxNjY0fQ.wuLbBzmmn--CizpUiL7f8NGXMfyfMkO19UDqo94ykYU

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://684dd326.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

304f04f9711294dc9be02617fce0562e.safeframe.googlesyndication.com
5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c.go-mpulse.net
cdn.brandmetrics.com
collector.brandmetrics.com
csp.dev.nytimes.com
dd.nytimes.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
link.huffpost.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
142.250.186.162
142.250.186.38
15.197.193.217
151.101.1.164
151.101.129.164
151.101.193.164
18.66.97.36
20.50.2.28
2600:9000:223c:7800:18:1fcd:351:7bc1
2606:4700:20::681a:7e5
2606:4700:20::ac43:45f7
2606:4700:20::ac43:479c
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2001
2a02:26f0:dc:29d::11a6
2a02:26f0:ea:492::11a6
3.226.166.212
34.192.116.222
34.203.58.48
35.241.35.241
52.207.181.173
045e0724b29511c66a9812883940d2c57a406318057a42770b02605c055f6a9f
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f2f50fbc7872a8f8c8f3d9220b8e3dcd6c7df4815291adb129fe92e772dc0bb
0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09
13256de09978a61c620da111b76c919a5dfc5f2a27247a4ace4d0c826d7222e7
1894466033553bace0959ec962a02719a6b79229809a4e806535808c00508e97
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1a4dcd062f04cc72c5251f1f24c570ddc17a6ea9d47d001815bea268f57f0011
1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05
257fdec697aca5fc95c16eaa2e19309f2ecdd5c53b40f31ace1319801d30c4f6
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
2c4513a9894ef236d7436788299af2927671b317b036fefa0f7fc18d5912a295
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2f121e168a9baaeab6c2607a5c7ea788955724717d26ae30b6e40c503c5981b8
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
35f252a08454d9cf707a2ed3b57a79bc34197fffcd3871c363544f1d7bd777ce
3c9576d5cac77c92f0654248749f2f009c7c22a2cc6b1cd78a4e417c1a639d32
3d691e54d75e4a6eb1ed797c7ed7ee3d21ddd809a9cbe8298a032940dba647de
45a290f96a0c1b412fbe93b3bca051c229293e311d5fa4a2008e387e6f7c0998
487b92652357985eeb010d2732bb5f562b3c59408f2149aa662a57d622117a46
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4d2ce19798cd83cdf7daf80898d25b01a5bbeb0305a2fe62f49b5d25e642895d
509d3ac20f5a0f79c4e1a109576824b5ce54d6451cd7c8e806d1f8e97cfcddb2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
57c4e9c3b00e2ab7b4320be10f61cf71f34131de582759ce746fbf0d728b30a6
5efea7a3479aa2dc6ee8d1c63a96db37049f50ab424f74acf13e87cda3266936
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
670a95cd158403499bf308fbe60338311489378bef26576fedcd21b3bf2f2cab
69f8f2f1eede694fecd010a24dcdcb99a4170ad14fe67e5f36038edddde444a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70f066865ae01e91db9ecb90dad756acc7c146b7511080ab3904fc4ef8c4280d
79d1077118ad58d8bacbcbd079fa59b6805c0c87fcf15167547e6a59bd748c6d
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7ed8b7d05ca568ac7043fe6fcac2cb818712c40cf0cf4ca4e8e2cf4d42296c29
80796bd5546aa3748a69fe18cfba1aca1da75a66b63089c6b2331981009812c0
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9606b786f57a0271ca40ced6deb6829c9f4050071c52a339fdcc53016736e930
9848f51ba9e7a2aef2b93302e9fd76a890f2dcbcf5e90435409cd4aa3cc4ef1a
9bb21b642b531ba8903ef70a4a9f41a32fa5678538d3486c2f4e36e61f3071e9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
a57dee254acc35e52bab34fb54d606ff9f3eafdf13956f8cddf4806502b40b0a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
af35f09a596676b960126621cf0453a42dfa43374c3595e5a7eca308c90c50ea
b28c920167ece7f54f0e7f82812ff0e3916065f27bf0aabf0f8d1c2ddec073ff
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b78d7857cf4502f1c3fa3fdf6b744175b14ab72978f54e18a5f184061075a8a2
b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993
b90034f10044a3bc0162aafa5ae731d19f4aacbfdd5db5847a9d96bc83c950cc
be4e7fe530814818817ef4e09f740982d12335e178ae1a60f1ae8699fb89878c
c51e201e1fc5627052bd55f8d02292e01f759d9f0904646c0ce66d9a32b5d25d
c6e38571d31857a0f37a4ae0b0bd99e0c843d6d45549b17abed104ab2023f4aa
c8cfec314c6ca9248f8b3675eed4ebf2ce4558f1c86768f508d18b958f3956db
cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3a408bd4b43b49614538306cd1dfd1de81176568427e3605d09948db3d516d8
d42655691421a6e80017450784b4ca42677840413840e4a117185b1347766535
d6c98b560d301b45829c5efd6d25757ff8058aada8b02e4a08c8b70f6e023cd3
dde340afbe70bfec044f29025bd58dd519f7270fdb405596981c23ca29c85c3d
de54ba227b65d2fe6dfa5197ec86971138a74d23ab2b99275633e7afd56101ae
e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e48c2600d592c04baff964cd255b59e7b633759820fba14dd904fb0dc250151e
e7382a15fd1fc8a77ecdf22902521a2c88213aa5380a5d865083b1e693be2a48
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ec8aac1a1f74bea844cfa644ebdd236941d9b98e831ddf0b5cd831a7b91fc737
ee05fbdb0862ebd5b3d578ced55476e357752b93de3101de6938416bc3ffceaa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c325575c17ecc2f578cd7015b9c91171b5710e0c46131cda4abb6f656cce1
f643d9af2efd6420d8b4c1114c790811697cca6151dd0a6068c010e4ccbccd1e

www.nytimes.com Open in urlscan Pro 151.101.193.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

55 %IPv6

16 Domains

37 Subdomains

29 IPs

4 Countries

3368 kBTransfer

9008 kBSize

30 Cookies

14 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.193.164 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

55 %
IPv6

16
Domains

37
Subdomains

29
IPs

4
Countries

3368 kB
Transfer

9008 kB
Size

30
Cookies

116 HTTP transactions
1 data transactions