urlscan.io logo urlscan.io
SecurityTrails logo

www.nytimes.com Open in urlscan Pro
151.101.1.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/zxfmWCsdlh
Effective URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Submission: On June 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 2 countries across 17 domains to perform 121 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2415.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
1 1 67.199.248.12 396982 (GOOGLE-CL...)
1 1 3.217.69.250 14618 (AMAZON-AES)
43 151.101.1.164 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 172.217.23.98 15169 (GOOGLE)
1 35.244.188.62 15169 (GOOGLE)
2 143.204.215.30 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.241.35.241 15169 (GOOGLE)
1 52.207.181.173 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.134 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 3.94.97.242 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
121 27
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    67.199.248.12 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com
nyti.ms
1    3.217.69.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-69-250.compute-1.amazonaws.com
trib.al
43    151.101.1.164 (United States)

ASN54113 (FASTLY, US)
www.nytimes.com
g1.nyt.com
static01.nyt.com
samizdat-graphql.nytimes.com
myaccount.nytimes.com
mwcm.nytimes.com
a1.nyt.com
mwcm.nyt.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a.et.nytimes.com
purr.nytimes.com
8    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
7    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
securepubads.g.doubleclick.net
1    35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com
als-svc.nytimes.com
2    143.204.215.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-30.fra53.r.cloudfront.net
dd.nytimes.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
1    35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com
meter-svc.nytimes.com
1    52.207.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-181-173.compute-1.amazonaws.com
a.nytimes.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
5290727.fls.doubleclick.net
ad.doubleclick.net
1    2600:9000:2057:8e00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    3.94.97.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-97-242.compute-1.amazonaws.com
pnytimes.chartbeat.net
7    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
platform.iteratehq.com
iteratehq.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
40 nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 2415
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8776
a.et.nytimes.com — Cisco Umbrella Rank: 6644
als-svc.nytimes.com — Cisco Umbrella Rank: 11428
myaccount.nytimes.com — Cisco Umbrella Rank: 12671
dd.nytimes.com — Cisco Umbrella Rank: 11668
meter-svc.nytimes.com — Cisco Umbrella Rank: 12527
a.nytimes.com — Cisco Umbrella Rank: 8002
purr.nytimes.com — Cisco Umbrella Rank: 11358
mwcm.nytimes.com — Cisco Umbrella Rank: 12359
1 MB
20 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 10309
static01.nyt.com — Cisco Umbrella Rank: 6146
a1.nyt.com — Cisco Umbrella Rank: 8329
mwcm.nyt.com — Cisco Umbrella Rank: 18186
654 KB
18 google.com
news.google.com — Cisco Umbrella Rank: 4557
adservice.google.com — Cisco Umbrella Rank: 92
play.google.com — Cisco Umbrella Rank: 46
www.google.com — Cisco Umbrella Rank: 9
100 KB
15 googlesyndication.com
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
87 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 9765
ad.doubleclick.net — Cisco Umbrella Rank: 203
176 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
126 KB
4 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 6897
iteratehq.com — Cisco Umbrella Rank: 6270
36 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 7288
201 B
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 660
261 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1253
15 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
43 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7295
792 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
104 KB
1 trib.al
trib.al — Cisco Umbrella Rank: 16807
189 B
1 nyti.ms
nyti.ms — Cisco Umbrella Rank: 166864
240 B
1 t.co
t.co — Cisco Umbrella Rank: 466
508 B
121 17
Domain Requested by
13 g1.nyt.com www.nytimes.com
g1.nyt.com
mwcm.nyt.com
11 a.et.nytimes.com www.nytimes.com
11 www.nytimes.com t.co
www.nytimes.com
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
8 news.google.com www.nytimes.com
news.google.com
t.co
www.gstatic.com
8 samizdat-graphql.nytimes.com www.nytimes.com
7 pagead2.googlesyndication.com tpc.googlesyndication.com
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 play.google.com www.gstatic.com
7 securepubads.g.doubleclick.net www.nytimes.com
securepubads.g.doubleclick.net
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
www.googletagservices.com
6 tpc.googlesyndication.com c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 www.gstatic.com news.google.com
www.gstatic.com
3 mwcm.nyt.com www.nytimes.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.nytimes.com
3 myaccount.nytimes.com www.nytimes.com
myaccount.nytimes.com
3 static01.nyt.com www.nytimes.com
2 iteratehq.com platform.iteratehq.com
2 platform.iteratehq.com t.co
platform.iteratehq.com
2 ad.doubleclick.net 1 redirects c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
5290727.fls.doubleclick.net
2 dd.nytimes.com t.co
dd.nytimes.com
1 www.google.com tpc.googlesyndication.com
1 pnytimes.chartbeat.net www.nytimes.com
1 insight.adsrvr.org www.nytimes.com
1 a1.nyt.com t.co
1 static.chartbeat.com t.co
1 www.googletagservices.com c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
1 mwcm.nytimes.com www.nytimes.com
1 fonts.gstatic.com news.google.com
1 purr.nytimes.com www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 meter-svc.nytimes.com www.nytimes.com
1 adservice.google.de securepubads.g.doubleclick.net
1 als-svc.nytimes.com www.nytimes.com
1 www.googletagmanager.com www.nytimes.com
1 trib.al 1 redirects
1 nyti.ms 1 redirects
1 t.co
121 38
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
nytimes.com
Thawte RSA CA 2018		 2022-03-14 -
2023-04-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
a.et.nytimes.com
GTS CA 1D4		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-03 -
2023-04-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
a.nytimes.com
R3		 2022-04-18 -
2022-07-17		 3 months crt.sh
purr.nytimes.com
GTS CA 1D4		 2022-05-14 -
2022-08-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Frame ID: 914BBDB67E129A07DB66380E60DFA2B5
Requests: 70 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 2C3D3964E0BA2B97EC78790D39C74EDB
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459783&publicationId=nytimes.com
Frame ID: BD14E571002AEFF3F7770A61172D70A6
Requests: 13 HTTP requests in this frame

Frame: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6BFE02FEF8306A4CD0B7B0FADA5F680D
Requests: 1 HTTP requests in this frame

Frame: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB360068245C6A3B0A77AA363F708598
Requests: 9 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur
Frame ID: 8CB0503401A02712ECDB2649A700FE7F
Requests: 2 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-373072-INYT-April-2022/flex
Frame ID: 5D515D0B007F7ADB94BD92948C0C863C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC5352CE5F976CDB82E90FBADA0C9286
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDAD1062A886D35D96F2FB1FBF4E4AE5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A888948D3B80EC02117FF11A825050C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

F.D.A. Approves Alopecia Drug That Restores Hair Growth in Many Patients - The New York Times

Page URL History Show full URLs

  1. https://t.co/zxfmWCsdlh Page URL
  2. https://nyti.ms/3zAb6UR HTTP 301
    https://trib.al/CmxyJeI HTTP 301
    https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

121
Requests

99 %
HTTPS

57 %
IPv6

17
Domains

38
Subdomains

27
IPs

2
Countries

2419 kB
Transfer

6672 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/zxfmWCsdlh Page URL
  2. https://nyti.ms/3zAb6UR HTTP 301
    https://trib.al/CmxyJeI HTTP 301
    https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur
Request Chain 77
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CJ6O3cKlrfgCFQjzdwodyMoEww;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

121 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
zxfmWCsdlh
t.co/ 		224 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/zxfmWCsdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
176
content-type
text/html; charset=utf-8
date
Tue, 14 Jun 2022 15:49:05 GMT
expires
Tue, 14 Jun 2022 15:54:06 GMT
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
14c86b82426446c1f9ce6b41e9d99cafada402997f4e38edbb16abcad7fab036
x-response-time
115
x-xss-protection
0
Primary Request alopecia-drug-approved-fda.html
www.nytimes.com/2022/06/13/health/
Redirect Chain
  • https://nyti.ms/3zAb6UR
  • https://trib.al/CmxyJeI
  • https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
327 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Requested by
Host: t.co
URL: https://t.co/zxfmWCsdlh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2576cc790941273183052e88bf3060fc1d4460c7fc25ecd259473d15707f05bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.co/zxfmWCsdlh
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
52
cache-control
s-maxage=300,no-cache
content-encoding
gzip
content-length
71838
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 14 Jun 2022 15:49:06 GMT
fastly-restarts
1
last-modified
Tue, 14 Jun 2022 15:48:14 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/06/13/health/alopecia-drug-approved-fda.html
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
3e44bf7c31974199ae028903708db236
x-cache
HIT, HIT
x-cache-hits
1, 1
x-cloud-trace-context
32d1161a7e2a07ee2fa34f33f87e4cb1/6967512131436453939;o=1
x-content-type-options
nosniff
x-datadome
protected
x-datadome-timer
S1655221699.055994,VS0,VE10
x-frame-options
DENY
x-gdpr
1
x-nyt-app-webview
0
x-nyt-data-last-modified
Tue, 14 Jun 2022 15:48:14 GMT
x-nyt-edge-cache
HIT-HIT
x-nyt-route
vi-story
x-origin-time
2022-06-14 15:48:19 UTC
x-pagetype
vi-story
x-scoop-last-modified
2022-06-14T14:22:53.257Z
x-served-by
cache-lga21920-LGA, cache-hhn4057-HHN
x-timer
S1655221747.983519,VS0,VE8
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, max-age=0, no-cache
content-length
257
content-type
text/html;charset=utf-8
date
Tue, 14 Jun 2022 15:49:06 GMT
location
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
server
CherryPy/7.1.0
web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
content-type
text/css; charset=utf-8
age
665779
x-guploader-uploadid
ADPycdtiXjW-Y2HmI2xo5r55nT0OBy8J0F3lDrtKI-J8_W5zrUGUaQOUBrB3o2u3HuloHi5vm1eefKhqNXQk2ZRdNbqeMg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9789
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
accept-ranges
bytes
expires
Tue, 06 Jun 2023 22:52:47 GMT
last-modified
Tue, 03 May 2022 17:15:49 GMT
server
UploadServer
x-timer
S1655221747.032853,VS0,VE0
etag
"0ae5b8ecb62ff6424a71dc89303213f5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598149653041
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
9789
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
12478
global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
3084314
x-guploader-uploadid
ADPycduunQqczQOn08s2WUNii2J817Bjt28nA5frc3M8ngYCl3ZOReqnzYJ6i_u2FxANX2Muxk2g9OZJEuMVnKX-K1bNCw
x-goog-stored-content-encoding
identity
x-origin-time
2022-05-09 23:03:52 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.008917,VS0,VE1
etag
"3571f7d1a0dfa9e747b201e07fd9492b"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type
text/css; charset=utf-8
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
12461
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1978
last-modified
Mon, 09 May 2022 22:55:44 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation
1652136944330769
expires
Tue, 09 May 2023 23:03:52 GMT
x-gdpr
1
x-goog-stored-content-length
5676
accept-ranges
bytes
adslot-ddcb90975619ee96c79f.js
www.nytimes.com/vi-assets/static-assets/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-ddcb90975619ee96c79f.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ecde91d8c12af674c6f198b48f55fe2aedfd881ee2f9fd238a489c2b7988266d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1110266
x-guploader-uploadid
ADPycdvlMCgftF7Yy9dNoEh3idk_HACuVyifGg_2qQqMy68LjcXWZZc6QDqnmsU5Onai4zzbTO81ww4Lxh6b1Wak2pzMd625Cas9
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-01 19:25:42 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.026913,VS0,VE1
etag
"d71e3202e38877d0d5d4985bdc813470"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-ddcb90975619ee96c79f.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
2688
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7396
last-modified
Wed, 01 Jun 2022 18:55:15 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=WHX2YA==, md5=1x4yAuOId9DV1Jhb3IE0cA==
x-goog-generation
1654109715440940
expires
Thu, 01 Jun 2023 19:24:40 GMT
x-gdpr
1
x-goog-stored-content-length
20978
accept-ranges
bytes
merlin_208496565_a914c5df-a246-46ba-8fdb-5e96692fb71b-superJumbo.jpg
static01.nyt.com/images/2022/06/13/science/13alopecia1/ 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2022/06/13/science/13alopecia1/merlin_208496565_a914c5df-a246-46ba-8fdb-5e96692fb71b-superJumbo.jpg?quality=75&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
03bf118c08cfb059c85df4e10cfe6428e5e633e4ba476b1abd8a056884bf2e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish, 1.1 varnish
age
71892
x-guploader-uploadid
ADPycdtWiuiwxoNEYwufJ3PyawDHInK9mJ9bTw3wG3F3scMTJ3E6MOuDJxqO4W3zZAVGoZMr2K9fcFVptYme3J5OYs3Orws1WA29
x-cache
HIT, HIT
fastly-io-info
ifsz=481745 idim=1536x2048 ifmt=jpeg ofsz=191868 odim=1536x2048 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
fastly-stats
io=1
content-length
191868
x-served-by
cache-iad-kcgs7200100-IAD, cache-hhn4057-HHN
server
UploadServer
x-timer
S1655221747.065466,VS0,VE1
etag
"V0EQHWWki9stGX/YULRo8HgMisD4M+yYtRnb8QCLwp8"
vary
Accept
x-goog-hash
crc32c=68czsg==, md5=6F7TKtx2pqxK/bP+qWeV/g==
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 13 Jun 2022 19:50:54 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
author-gina-kolata-thumbLarge-v2.png
static01.nyt.com/images/2018/02/16/multimedia/author-gina-kolata/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2018/02/16/multimedia/author-gina-kolata/author-gina-kolata-thumbLarge-v2.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f90832f2498fa3f721dbe70e0887cf160cf78e4a7e14efc329863de89bd8dc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish, 1.1 varnish
age
446523
x-guploader-uploadid
ADPycdsM0Zvl-hr4ypP28CcgHV_CrCB6xk1J95Dh_bHlUM3JUoGrnoiwH9QfpSrImmwRUwXmWyw2F8d8SXUL2uZk1DQxMg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
10, 3
content-length
28205
x-served-by
cache-iad-kcgs7200156-IAD, cache-hhn4057-HHN
last-modified
Thu, 26 May 2022 11:46:20 GMT
server
UploadServer
x-timer
S1655221747.065332,VS0,VE0
etag
"589bc71fdd41101440cee453fb330766"
vary
Origin
x-goog-hash
crc32c=sF8+og==, md5=WJvHH91BEBRAzuRT+zMHZg==
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 May 2022 11:47:02 GMT
vendor-ed96389ba0970897e997.js
www.nytimes.com/vi-assets/static-assets/ 		210 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-ed96389ba0970897e997.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5a30e0a93378ad4c43c402f2703dd8669375265eede6eb3f3974f55ac2343c41
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
952094
x-guploader-uploadid
ADPycdseBM2gGiHxW3Zhgl5uvY2TKAT-UfrfKVQO0EHGpSzABdIA-26AOPUscGwuLt4jQAQdH1Oq6DUw4H_WwbFZAXwlSA
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-03 15:20:52 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.063229,VS0,VE1
etag
"20004cfdbf9ab701ee22fded91584cc7"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-ed96389ba0970897e997.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
17375
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
62556
last-modified
Fri, 03 Jun 2022 15:14:32 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=Kc4Beg==, md5=IABM/b+atwHuIv3tkVhMxw==
x-goog-generation
1654269272122022
expires
Sat, 03 Jun 2023 15:20:52 GMT
x-gdpr
1
x-goog-stored-content-length
214977
accept-ranges
bytes
story-d1114dc25aff94399765.js
www.nytimes.com/vi-assets/static-assets/ 		1 MB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/story-d1114dc25aff94399765.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
daf7d49b86563eea41f1e5a1288991818c6c51c2c513754205877b45212605d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
92474
x-guploader-uploadid
ADPycdutIiMjmdlhlGUlKvPV5-jkoW8D1jpyNlLHqL5qqVMDkB590S961UlxWGxokfe6ViMRW18Ymdsr71P723eSPKCBnw
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-13 14:29:00 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.063439,VS0,VE1
etag
"4d555194a5648c9241464dedb539c3ea"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-d1114dc25aff94399765.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
16
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
298545
last-modified
Mon, 13 Jun 2022 13:55:40 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=Q13YgA==, md5=TVVRlKVkjJJBRk3ttTnD6g==
x-goog-generation
1655128539897680
expires
Tue, 13 Jun 2023 14:07:52 GMT
x-gdpr
1
x-goog-stored-content-length
1140237
accept-ranges
bytes
main-34e8fcf7dcb74a171241.js
www.nytimes.com/vi-assets/static-assets/ 		1 MB
363 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3a94f1da3143b2f5313a735fec6251738fd911b8bf6e998453b61f8030d3cdd0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
87988
x-guploader-uploadid
ADPycduiUTyWJ4sIu2hGL4UUoLsiCwk_XW_cJEiIAZuuK-8wS58PxyiA7bpFQoVq-JYebgL1pJTDA648pvlpQslNtFjXww
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-13 15:22:39 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.063543,VS0,VE1
etag
"58b2741e3df0d784262d2b35da022903"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
25
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
370927
last-modified
Mon, 13 Jun 2022 14:43:22 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=1YDQOw==, md5=WLJ0Hj3w14QmLSs12gIpAw==
x-goog-generation
1655131401858125
expires
Tue, 13 Jun 2023 15:22:38 GMT
x-gdpr
1
x-goog-stored-content-length
1294847
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		386 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dcc7809445f9f5bb3319e06e9e8dcde4244bbbbbb3bfb18f8a83a940c60ff14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105864
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
41
cache-control
max-age=30
content-length
0
date
Tue, 14 Jun 2022 15:49:07 GMT
samizdat-x-canary
false
samizdat-x-instance
9fad7c3e
server
samizdat-graphql-ac8db6c
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
421e3eea595c6c7b-42230b863a7d8dd5-0
x-cache
HIT
x-cache-hits
3
x-datadog-trace-id
421e3eea595c6c7b-42230b863a7d8dd5-0
x-nyt-audience-target-flat
EU:PM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
PM
x-nyt-region
NW
x-samizdat-query-exe-id
b3e2d6445d5f2b30
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4039-HHN
x-timer
S1655221747.096937,VS0,VE1
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
v2
samizdat-graphql.nytimes.com/graphql/ 		148 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

x-samizdat-query-sup-code
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
631d9516f48b2420-6f324ec40095e41f-1
age
7
x-cache
HIT
samizdat-x-instance
9f2c7193
x-samizdat-query-field-errors
0
x-cache-hits
2
x-samizdat-query-exe-id
d4e56e6d59b55045
content-length
123
samizdat-x-canary
false
x-nyt-continent
EU
server
samizdat-graphql-ac8db6c
x-timer
S1655221747.108980,VS0,VE0
x-nyt-region
NW
x-served-by
cache-hhn4057-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:PM
cache-control
max-age=30
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
631d9516f48b2420-6f324ec40095e41f-1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
swg.js
news.google.com/swg/js/v1/ 		145 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baae4f16aeec8d6c608031c3f410e54b902ae5820455577cf0031cae6209088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45963
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 18:45:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 16:18:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
7ade0d63de839a8d599ec7c7b550dbd83589a2cf1a02126080953b046e24467c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27876
x-xss-protection
0
server
sffe
etag
"1244 / 722 of 1000 / last-modified: 1655217774"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Jun 2022 15:49:07 GMT
als
als-svc.nytimes.com/ 		847 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F23499fb9-cc34-5897-be0f-51fbd8c7bbe3&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.188.244.35.bc.googleusercontent.com
Software
/
Resource Hash
c26d8658199fcd8c06274696a9e0cfa4bb79fcfbbedde0930e93c0daf9405fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 google
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
847
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
3086369
x-guploader-uploadid
ADPycdv-wMrn_0wD7S_Q23L9H4O3AJmYu42pFqEqLNoCsE31ocWZUaAG-wMQkKAGQqktDXBh7JBBnFqIf0kt5td-Plv2_Q
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Tue, 09 May 2023 22:29:36 GMT
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1655221747.104633,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598151017654
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
19816
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
36639
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
3076375
x-guploader-uploadid
ADPycdvy4KmYsVi6P3KPpVVP2Dv1fJclwBRYKAVGUpFE-DH_EloUVl3KM3xKSwGh-g-WNLV0c3b819DgVM1NyotGK-bUyA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Wed, 10 May 2023 01:16:11 GMT
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1655221747.104600,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598151054057
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20276
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
36562
cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
18629686
x-guploader-uploadid
ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29076
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Fri, 11 Nov 2022 00:54:21 GMT
last-modified
Wed, 15 Sep 2021 19:43:02 GMT
server
UploadServer
x-timer
S1655221747.104601,VS0,VE0
etag
"a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734982705223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
29076
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
25351
cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
18027570
x-guploader-uploadid
ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Fri, 18 Nov 2022 00:09:37 GMT
last-modified
Wed, 15 Sep 2021 19:43:03 GMT
server
UploadServer
x-timer
S1655221747.104837,VS0,VE0
etag
"108ce298d451197b23fefceb3e36959f"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734983132414
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20136
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
16279
franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
2465969
x-guploader-uploadid
ADPycdvuCUtRuuV6_DcEKwFwL_2UNBL2FipfjxHd5ZlxtGyJ2lYSgFleuwGejfXAERxhltpuJBlJQWOdxZnyTGSqcINBTQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Wed, 17 May 2023 02:49:37 GMT
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1655221747.104817,VS0,VE0
etag
"a6479a5200f9a6352bdb71589c27c9c3"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598150991608
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20136
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
30800
cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
4891259
x-guploader-uploadid
ADPycdsupGZBtfyEtUZCrrlJSlP-NvKgk5h0K03F_Kb35zhaRG1G7gTSrc5Z-3asiNmJzbzG62XTmU8ab6eIlHgJq8uTAD8m1Ufh
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28620
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Wed, 19 Apr 2023 01:08:07 GMT
last-modified
Wed, 15 Sep 2021 19:43:02 GMT
server
UploadServer
x-timer
S1655221747.104825,VS0,VE0
etag
"f99a0459024509f157a3352e5de4f873"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734982696426
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
28620
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
13839
imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
3075244
x-guploader-uploadid
ADPycdv15LMgpdMl_eTPZN1ehbcyd8XULuVQduYPl060XjnrJakJFAuinT7HtttDy9rEk28ib5zLIoOrGh88PKjwE8EJjw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26504
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Wed, 10 May 2023 01:35:02 GMT
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1655221747.126389,VS0,VE0
etag
"6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598151578179
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
26504
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
35513
cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
content-type
application/octet-stream
age
4291638
x-guploader-uploadid
ADPycdtIqnjeD4B7ks-jtEooS8CE2vRJpBFWQu83PaR2kEb7JwKF36P8WBHSb1QVV2HUrCI6Uyu3O27Am16m_ysTY4x3fg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27260
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Tue, 25 Apr 2023 23:41:48 GMT
last-modified
Wed, 20 Apr 2022 13:09:39 GMT
server
UploadServer
x-timer
S1655221747.126385,VS0,VE0
etag
"7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1650460179222416
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
27260
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
24169
prefetch-assets
myaccount.nytimes.com/auth/ Frame 2C3D 		393 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/auth/prefetch-assets
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy / Express
Resource Hash
0fcec2cb0900bbedf0010a1cd7e66e6cd863d36f6206097d2810a2036cafe96c
Security Headers
Name Value
Strict-Transport-Security max-age=300; preload; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
303
cache-control
public, max-age=600
content-encoding
gzip
content-length
276
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 14 Jun 2022 15:49:07 GMT
etag
W/"189-tSwPCnleeB0uIyOyJQl4e9g5Izs"
server
envoy
strict-transport-security
max-age=300; preload; includeSubdomains
vary
Accept-Encoding
via
1.1 varnish
x-api-version
F-X
x-cache
HIT
x-cache-hits
7
x-cloud-trace-context
2b882512d6bc38c3559f093fd9480a7a
x-content-type-options
nosniff
x-datadog-parent-id
2635071175483275484
x-datadog-sampled
1
x-datadog-sampling-priority
1
x-datadog-trace-id
7031901843085663393
x-envoy-upstream-service-time
2
x-nyt-backend
lire-ui
x-nyt-edge-cache
HIT
x-powered-by
Express
x-served-by
cache-hhn4057-HHN
pubads_impl_2022060901.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127664
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 08:36:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Jun 2023 15:45:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
872d9920504bf7d3df13ab8a907db0b07563c5a951e56c46eb9e9b98c8e02061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
expires
Tue, 14 Jun 2022 15:49:07 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:33:17 GMT
x-content-type-options
nosniff
age
950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21972
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 16:23:17 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:40:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 16:30:34 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame BD14 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=459783&publicationId=nytimes.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34b00a09f0db58119a4b4eef9ad6bc9114c0665b5a1fc22884d593a30a2c843d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F8223i5hZ1Tq_nNzBM523w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-F8223i5hZ1Tq_nNzBM523w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-F8223i5hZ1Tq_nNzBM523w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-F8223i5hZ1Tq_nNzBM523w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Tue, 14 Jun 2022 15:49:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-0da262f7af0045345caf.js
www.nytimes.com/vi-assets/static-assets/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-0da262f7af0045345caf.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
689923abc1f31fa49595a39a01daf31ede12944c26a32fd588e037c594948e2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1110204
x-guploader-uploadid
ADPycduDNmpW7uRFIRBttZU1O-M7HI1Y6EZrY7GzyKOoyxd9K38WiaNJQOipYQmqx4FLKpxGgACijP_Uu_rkheiHaPmCBA
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-01 19:25:43 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.347765,VS0,VE1
etag
"22f1168f4dce9c02433f66763cde2a92"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-0da262f7af0045345caf.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
2511
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
13826
last-modified
Wed, 01 Jun 2022 18:55:16 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=cUhZUA==, md5=IvEWj03OnAJDP2Z2PN4qkg==
x-goog-generation
1654109716628578
expires
Thu, 01 Jun 2023 19:25:43 GMT
x-gdpr
1
x-goog-stored-content-length
44029
accept-ranges
bytes
vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
www.nytimes.com/vi-assets/static-assets/ 		67 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
952085
x-guploader-uploadid
ADPycdv4RhEa_7MJ4a0EmWclyk2k0gnlHCXy5EDrJApjaRlZzBXrYaUo9IXGYn5wWWBpQ_2cxhKhSAut5jq3vm9wXWt74w
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-03 15:21:02 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.348123,VS0,VE1
etag
"31ae068f9753c44599fc91cfeeeead54"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
13490
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
13353
last-modified
Fri, 03 Jun 2022 15:14:32 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=sxH6MA==, md5=Ma4Gj5dTxEWZ/JHP7u6tVA==
x-goog-generation
1654269272247723
expires
Sat, 03 Jun 2023 15:21:02 GMT
x-gdpr
1
x-goog-stored-content-length
68978
accept-ranges
bytes
vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
www.nytimes.com/vi-assets/static-assets/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cc49996658507fab7a30a2e9cf53cfb8ddd903d86ad652d776fd5fc08e2938f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1171900
x-guploader-uploadid
ADPycds9UmkzfRcmjyemfS8NJGwfDowKQ6WHu9TXugr7C7UTDGPhlA5uFlKbjgo6ftBc-K5OZEJTClMUNCuISf0trZM-FQ
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-01 02:17:27 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221747.348174,VS0,VE1
etag
"fa5bc2a2165f8c6daab9bef9cff51ef9"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
14400
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
5019
last-modified
Tue, 31 May 2022 21:14:29 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=ZP5p3Q==, md5=+lvCohZfjG2qub75z/Ue+Q==
x-goog-generation
1654031669367125
expires
Thu, 01 Jun 2023 02:17:26 GMT
x-gdpr
1
x-goog-stored-content-length
22000
accept-ranges
bytes
entitlements
news.google.com/swg/_/api/v1/publication/nytimes.com/ 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.nytimes.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 2C3D 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 varnish
x-api-version
F-X
age
0
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache
HIT
x-envoy-upstream-service-time
18
content-length
308
x-served-by
cache-hhn4057-HHN
server
envoy
strict-transport-security
max-age=300; preload; includeSubdomains
content-type
text/html; charset=UTF-8
x-cloud-trace-context
90f4dc59e1eaf2a186a85e4fd4c7a3da;o=1
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
1
unified-lire.bundle.js
myaccount.nytimes.com/lire_ui/js/ Frame 2C3D 		429 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=a94cdf4
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8994f3cb2bc6dd75c2f0bd67b04968f17415df55f4eae7b9d26e9fb788f55eb4
Security Headers
Name Value
Strict-Transport-Security max-age=300; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-api-version
F-X
age
453
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache
HIT
x-envoy-upstream-service-time
4
x-cache-hits
6
content-length
145645
x-served-by
cache-hhn4057-HHN
server
envoy
etag
"rifFJw"
strict-transport-security
max-age=300; preload; includeSubdomains
content-type
application/javascript
via
1.1 varnish
x-cloud-trace-context
5bca7800d7a1ce22dea6d2b3db7a7956
cache-control
public, max-age=600
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-nyt-backend
lire-ui
expires
Wed, 08 Jun 2022 00:39:52 GMT
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
tags.js
dd.nytimes.com/ 		207 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: t.co
URL: https://t.co/zxfmWCsdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-30.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
ade179d1e0d2cba2c301ef6a3e9a92dff2bcdf5b64b77d33bc42d83a82d74bdb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
etag
"33db8-5e164e609610b-gzip"
age
1777
x-cache
Hit from cloudfront
content-length
43334
access-control-allow-origin
*
last-modified
Tue, 14 Jun 2022 09:19:15 GMT
server
Apache
date
Tue, 14 Jun 2022 15:19:33 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront), 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
FRA60-P2, FRA53-C1
accept-ranges
bytes
x-amz-cf-id
qdudK86P3ug4_5tcx8Aoy1hBwsbOCPghi9bPSL24kDmKDBkH9oP7kA==
expires
Tue, 14 Jun 2022 16:19:30 GMT
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame BD14 		0
25 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: t.co
URL: https://t.co/zxfmWCsdlh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-Wdd6xlB2ph17DW_Ee8Zcig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-Wdd6xlB2ph17DW_Ee8Zcig' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=459783&publicationId=nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
date
Tue, 14 Jun 2022 15:49:07 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-Wdd6xlB2ph17DW_Ee8Zcig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-Wdd6xlB2ph17DW_Ee8Zcig' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame BD14 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459783&publicationId=nytimes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:33:17 GMT
x-content-type-options
nosniff
age
950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21972
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 16:23:17 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2m... Frame BD14 		168 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459783&publicationId=nytimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
befbf0f6202f9f489535a148c97f0b132bf221eecc63add620e94ec7bf2dc444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 18:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60267
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 04:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 18:30:06 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1621678851978654&correlator=2474760023594449&eid=31067816%2C31067168%2C44752586%2C42531606%2C31067488&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Chealth&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=3934037196&didk=4011368107&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D433&cust_params=als_test_clientside%3Dweb_none_high_20220614154907%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1655220190519%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Delilillyandcompany%252Cfoodanddrugadministration%26des%3Dyourfeedscience%252Calopeciaareata%26auth%3Dginakolata%26coll%3Dhealth%252Camp%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dhealth%26si_section%3Dhealth%26id%3D100000008394766%26pt%3Dnt1%252Cnt10%252Cnt14%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt7%252Cnt9%252Cpt13%252Cpt15%26gscat%3Dgs_health%252Cneg_citi_aa%252Cgs_health_specialities%252Cneg_mastercard%252Cgs_health_derma%252Cneg_bofa%252Cneg_capitalone%252Cneg_ibmtest%252Cgs_fashion%252Cneg_hearts%252Cgs_health_misc%252Cneg_fcli%252Cgs_health_musculoskeletal%252Cgv_safe%252Cgs_t%26is_viral%3Dhigh%26tt%3D27%252C79%252C318%26mt%3DMT6%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D1%26page_view_id%3D1Kf6ygfToal9bDlgw5_XiLTB%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D0gHNgvM3SWmI4aTxexdMGh&sc=1&cookie_enabled=1&abxe=1&dt=1655221747447&lmt=1655221694&dlt=1655221747000&idt=417&biw=1600&bih=1200&adxs=0&adys=76&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x250&msz=1600x0&fws=4&ohw=1600&ga_vid=1789918536.1655221747&ga_sid=1655221747&ga_hid=1539983695&ga_fc=false&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
512b43de4d19dff885bc55bd40b41522cf043b5560f256bcc32ed96c92e9e977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10040
x-xss-protection
0
google-lineitem-id
5874317211
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138387287604
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6BFE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 15:49:07 GMT
expires
Wed, 14 Jun 2023 15:49:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
0
cache-control
max-age=30
content-length
0
date
Tue, 14 Jun 2022 15:49:07 GMT
samizdat-x-canary
false
samizdat-x-instance
b5b10ad0
server
samizdat-graphql-ac8db6c
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
667e8e8d79f2ce6b-3aa8fddedd7c4cb0-1
x-cache
HIT
x-cache-hits
2
x-datadog-trace-id
667e8e8d79f2ce6b-3aa8fddedd7c4cb0-1
x-nyt-audience-target-flat
EU:PM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
PM
x-nyt-region
NW
x-samizdat-query-exe-id
880e903e7cb50007
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4039-HHN
x-timer
S1655221748.680205,VS0,VE1
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
1
cache-control
max-age=30
content-length
0
date
Tue, 14 Jun 2022 15:49:07 GMT
samizdat-x-canary
false
samizdat-x-instance
b5b10ad0
server
samizdat-graphql-ac8db6c
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
667e8e8d79f2ce6b-3aa8fddedd7c4cb0-1
x-cache
HIT
x-cache-hits
3
x-datadog-trace-id
667e8e8d79f2ce6b-3aa8fddedd7c4cb0-1
x-nyt-audience-target-flat
EU:PM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
PM
x-nyt-region
NW
x-samizdat-query-exe-id
b6036676003cf81b
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4039-HHN
x-timer
S1655221748.790758,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
1
cache-control
max-age=30
content-length
0
date
Tue, 14 Jun 2022 15:49:07 GMT
samizdat-x-canary
false
samizdat-x-instance
b5b10ad0
server
samizdat-graphql-ac8db6c
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
667e8e8d79f2ce6b-3aa8fddedd7c4cb0-1
x-cache
HIT
x-cache-hits
4
x-datadog-trace-id
667e8e8d79f2ce6b-3aa8fddedd7c4cb0-1
x-nyt-audience-target-flat
EU:PM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-meridiem
PM
x-nyt-region
NW
x-samizdat-query-exe-id
ae979ef2cc1258fe
x-samizdat-query-field-errors
0
x-served-by
cache-hhn4039-HHN
x-timer
S1655221748.819607,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ 		104 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
52ffb82933a795a1-33be181e43ccb77e-1
x-cache
MISS
samizdat-x-instance
b076bd5e
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
5d5d1c0ed3c148ac
via
1.1 google, 1.1 varnish
samizdat-x-canary
false
x-nyt-region
NW
server
samizdat-graphql-ac8db6c
x-timer
S1655221748.689031,VS0,VE101
x-nyt-continent
EU
x-served-by
cache-hhn4057-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-audience-target-flat
EU:PM
cache-control
private, no-store
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
52ffb82933a795a1-33be181e43ccb77e-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
meter.js
meter-svc.nytimes.com/ 		638 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&referer=https%3A%2F%2Ft.co%2F&pageviewID=1Kf6ygfToal9bDlgw5_XiLTB
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.35.241.35.bc.googleusercontent.com
Software
/
Resource Hash
ccf8f45ae31db79f524df4cf6623816dd643847e7b2f7eb744aa7ff2d9c56076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
via
1.1 google
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
Set-Cookie
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
638
v2
samizdat-graphql.nytimes.com/graphql/ 		62 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
32d47f02718c916c-10e74c0f59226789-1
age
0
x-cache
MISS
samizdat-x-instance
b076bd5e
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
21b11cde20b7af44
content-length
77
samizdat-x-canary
false
x-nyt-continent
EU
server
samizdat-graphql-ac8db6c
x-timer
S1655221748.799692,VS0,VE99
x-nyt-region
NW
x-served-by
cache-hhn4057-HHN
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:PM
cache-control
max-age=30
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
32d47f02718c916c-10e74c0f59226789-1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
v2
samizdat-graphql.nytimes.com/graphql/ 		43 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-ac8db6c /
Resource Hash
c468f68b02f140930dae78c628db4af7d373a340fb50c33739d95d8e31895ae3

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

x-samizdat-query-sup-code
date
Tue, 14 Jun 2022 15:49:07 GMT
content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
2ecc1f5dda143008-52f5ce18a91dea68-1
access-control-allow-origin
https://www.nytimes.com
x-cache
MISS
samizdat-x-instance
6b636c73
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
fea683f9eb7da009
samizdat-x-canary
false
x-nyt-continent
EU
last-modified
Tue, 14 Jun 2022 15:49:07 GMT
server
samizdat-graphql-ac8db6c
x-timer
S1655221748.828520,VS0,VE159
x-nyt-region
NW
x-served-by
cache-hhn4057-HHN
vary
Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:PM
cache-control
private, no-store
access-control-allow-credentials
true
x-nyt-country
DE
x-datadog-trace-id
2ecc1f5dda143008-52f5ce18a91dea68-1
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
comments-6827a74a8bc30fa6406a.js
www.nytimes.com/vi-assets/static-assets/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/comments-6827a74a8bc30fa6406a.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
66787a9a5da5ff7866e357d11259ac4346af3ac439c1d9b93abc6b011303c318
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
91207
x-guploader-uploadid
ADPycduTvfIUBgIXX1E3rBaLEBkuFVdRiXWxdThD1hNUfB7vOwm8H4gL0XzAQQp8RjRb5KVPDYNX69PtWjHhjgDjHH3Tyw
x-goog-stored-content-encoding
identity
x-origin-time
2022-06-13 14:29:00 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221748.828968,VS0,VE1
etag
"13f83685ae357f1c27e16362dc70e57e"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-6827a74a8bc30fa6406a.js
content-type
application/javascript
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
2229
date
Tue, 14 Jun 2022 15:49:07 GMT
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
15168
last-modified
Mon, 13 Jun 2022 14:26:54 GMT
server
UploadServer
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-goog-hash
crc32c=fDK8lA==, md5=E/g2ha41fxwn4WNi3HDlfg==
x-goog-generation
1655130414224730
expires
Tue, 13 Jun 2023 14:29:00 GMT
x-gdpr
1
x-goog-stored-content-length
51638
accept-ranges
bytes
data-layer
a.nytimes.com/svc/nyt/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&caller_id=nyt-vi&jkcb=1655221747842&referrer=https%3A%2F%2Ft.co%2F&sourceApp=nyt-vi
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-181-173.compute-1.amazonaws.com
Software
envoy /
Resource Hash
f8a441a81425af322de7a248850c416984ad3ede09f0675f4bac0cce49810933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
4758a07a8defdf8fdf7eb7f8b5705eeb
cache-control
private
access-control-allow-credentials
true
x-envoy-upstream-service-time
30
access-control-allow-headers
Content-Type, x-requested-by
expires
Tue, 14 Jun 2022 15:49:08 GMT
purr-cache
purr.nytimes.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:07 GMT
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
4937c771f8ea8ac2322248d891707dcb
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Tue, 14 Jun 2022 15:49:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		412 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1621678851978654&correlator=2474760023594449&eid=31067816%2C31067168%2C44752586%2C42531606%2C31067488&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Chealth&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&ifi=2&adks=2575660191&didk=2459026112&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D840&cust_params=als_test_clientside%3Dweb_none_high_20220614154907%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1655220190519%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Delilillyandcompany%252Cfoodanddrugadministration%26des%3Dyourfeedscience%252Calopeciaareata%26auth%3Dginakolata%26coll%3Dhealth%252Camp%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dhealth%26si_section%3Dhealth%26id%3D100000008394766%26pt%3Dnt1%252Cnt10%252Cnt14%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt7%252Cnt9%252Cpt13%252Cpt15%26gscat%3Dgs_health%252Cneg_citi_aa%252Cgs_health_specialities%252Cneg_mastercard%252Cgs_health_derma%252Cneg_bofa%252Cneg_capitalone%252Cneg_ibmtest%252Cgs_fashion%252Cneg_hearts%252Cgs_health_misc%252Cneg_fcli%252Cgs_health_musculoskeletal%252Cgv_safe%252Cgs_t%26is_viral%3Dhigh%26tt%3D27%252C79%252C318%26mt%3DMT6%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D1%26page_view_id%3D1Kf6ygfToal9bDlgw5_XiLTB%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D0gHNgvM3SWmI4aTxexdMGh%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1655221748081&lmt=1655221694&dlt=1655221747000&idt=417&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1789918536.1655221747&ga_sid=1655221747&ga_hid=1539983695&ga_fc=false&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
c6bbe74bfedd3197e14660b61e116dbe7e171dcb2c821dfd41d6fd91f114e76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
213
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
merlin_208496568_f4a2e7ee-1889-47c3-b23b-43d1c6f9942e-superJumbo.jpg
static01.nyt.com/images/2022/06/13/science/13alopecia2/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2022/06/13/science/13alopecia2/merlin_208496568_f4a2e7ee-1889-47c3-b23b-43d1c6f9942e-superJumbo.jpg?quality=75&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3962ae8f930422b5460501e7aa49ce92f8abfc1b588ee07a95ecd526216951bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
via
1.1 varnish, 1.1 varnish
age
71754
x-guploader-uploadid
ADPycdtP_sU4WNK0S1bSt1F_-6XIsgzVjqI1VPndmzPnolcQYjGR1-09ZkzOR1dZQk-fVPBTxcp82QTHcOxABGId09ZvyA
x-cache
HIT, HIT
fastly-io-info
ifsz=271454 idim=2048x929 ifmt=jpeg ofsz=89484 odim=2048x929 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
fastly-stats
io=1
content-length
89484
x-served-by
cache-iad-kcgs7200157-IAD, cache-hhn4057-HHN
server
UploadServer
x-timer
S1655221748.096606,VS0,VE1
etag
"398m9ZTyxzyQfhNSNmK1TEa5TWrMzjV7cqnuivZ9jsU"
vary
Accept
x-goog-hash
crc32c=dfJolg==, md5=0xL5aA5kygCB3JZXBtTDDQ==
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 13 Jun 2022 19:53:14 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
container.html
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 15:49:07 GMT
expires
Wed, 14 Jun 2023 15:49:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BD14 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459783&publicationId=nytimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
600147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Jun 2023 17:06:41 GMT
m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ghd-F4d9UH0.L.B1... Frame BD14 		129 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ghd-F4d9UH0.L.B1.O/am=MQAg/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4tPwE5nNZhh6rKzMSANe-btTYung/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
357f254831a4fce17b7bbd40d5e4108c172a26b8e0b92dd369886404cd204bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44225
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 01:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 20:15:44 GMT
/
dd.nytimes.com/js/ 		232 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-30.fra53.r.cloudfront.net
Software
DataDome /
Resource Hash
8ad973399e73715bc9ba12b1ce1799200494829cfdf85355c26083e19b199166

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
server
DataDome
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
232
x-amz-cf-id
QAq1trwaFb2WKGVUX5QYvTyuRM0LBRSw16KhFyO0qi4oMsOH0eQZnw==
expires
0
/
mwcm.nytimes.com/capi/metered_assets/ 		19 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?smid=tw-nytimes&smtyp=cur&plat=web&mc=1&mr=0&ma=1&counted=true&granted=true&us=anon&context-type=&areas=barOne&areas=truncator&areas=inlineUnit
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-34e8fcf7dcb74a171241.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
582e67e05045637ec690eafa3fb041e13085aec2413c6bd3878a20aa3960dfcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
access-control-allow-origin
https://www.nytimes.com
x-cache
MISS
x-envoy-upstream-service-time
167
x-served-by
cache-hhn4057-HHN
expires
Tue, 14 Jun 2022 15:49:08 GMT
server
envoy
x-cmots-campaign-names
{"barOne":"MAG_web_nonsub_all_monthly-sale","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer
S1655221748.303653,VS0,VE262
vary
x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 varnish
x-cloud-trace-context
8fa5482bc9f783f441d63ec115ac628f
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-muassets
accept-ranges
bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FB36 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
URL: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Jun 2023 06:30:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB36 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
URL: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655121705858007"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 15:49:09 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
862
date
Tue, 14 Jun 2022 15:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 14 Jun 2022 17:34:46 GMT
activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fh...
5290727.fls.doubleclick.net/ Frame 8CB0
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2F...
616 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
519edd34769f517c65562ac3e600616c95e7121a0d736242a1eff9b943866036
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
399
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 15:49:08 GMT
expires
Tue, 14 Jun 2022 15:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 15:49:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
chartbeat.js
static.chartbeat.com/js/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: t.co
URL: https://t.co/zxfmWCsdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 14:10:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 02:06:17 GMT
server
nginx
age
5896
etag
W/"62981b19-9081"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
EWHG9w2UvcgmL-TYak5kZgcvlxIAfChB9Nwm5fA3MN5YeHrHAy_JNg==
expires
Tue, 14 Jun 2022 16:10:52 GMT
show-ads.js
a1.nyt.com/analytics/ 		45 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: t.co
URL: https://t.co/zxfmWCsdlh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
content-type
application/javascript
age
48817
x-guploader-uploadid
ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
65
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
accept-ranges
bytes
expires
Mon, 23 Aug 2021 07:13:52 GMT
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1655221748.403284,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1608239975905841
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
45
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
2275
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
insight.adsrvr.org/track/pxl/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=842557001
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ghd-F4d9UH0.L.B1... Frame BD14 		1 KB
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ghd-F4d9UH0.L.B1.O/am=MQAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4tPwE5nNZhh6rKzMSANe-btTYung/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f1e48f808f07b9c49500cde59c3d6e41e9731fa764a9239649f6008ad4daf26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
688
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 01:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 20:15:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4MKGNYnxsmJDPq_7eem9J9A88CiappObJN9UMpUBLhGJA9OGl_xSCVVzGT2bDoToPVxp98VpaxDD1Hd0AkcGoJ1RZZ-sVSZYjJgX4CM3ep3uD7rRLs4jw9Dj4LjlMweC-TC5ZDVl-jIliddhEM5vxjEiAv7nMzcY6qsvBqAJj0ggYx8wB1dyw-yhBIEWSo46e7nsW8MpNAzXYHBbCTfu8awfwPYEEcKW-4Gvs6mGtcVL110RrcN58m1-3K5mVWsTl-z19AoZWLHAHmbe7IkegrsI5WXuD7zFpNd7vwlV-8oycrtc0_CPKLE7ge8MAXqiOv9lVJZxhsO8nLNy2QlukgLYUh2MlqX0&sai=AMfl-YTaKMKffdX7HKGYxKL2dLx64DJu9Q2Bzj0Od_OBdbVfD5pnybZ3XG9oAfwSrrJQcKq_zjMykQO6-NH1IdkhHRwAYVM5corPhNaWhxubpTpnSyO9_BMKVMC2tQP_w4RI&sig=Cg0ArKJSzJ9wqC6kznaLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
URL: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Jun 2022 15:49:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
flex
www.nytimes.com/subscription/ads/MON-373072-INYT-April-2022/ Frame 5D51 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/subscription/ads/MON-373072-INYT-April-2022/flex
Requested by
Host: c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
URL: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2f3cbc6f586b4c8c94e93c787b07e3a462f93407b0a8d61dd5132f88042516bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
age
435
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1106
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html;charset=UTF-8
date
Tue, 14 Jun 2022 15:49:08 GMT
expires
0
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-373072-INYT-April-2022/flex
pragma
no-cache
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding,x-nyt-country, x-nyt-continent, X-NYT-Currency, Fastly-SSL
x-api-version
F-X
x-cache
HIT
x-cache-hits
5
x-envoy-upstream-service-time
20
x-gdpr
1
x-magnolia-vary
x-nyt-country, x-nyt-continent, X-NYT-Currency
x-nyt-app-webview
0
x-nyt-edge-cache
HIT
x-nyt-route
mwcm-banner-ads
x-origin-time
2022-06-14 15:41:53 UTC
x-served-by
cache-hhn4057-HHN
x-timer
S1655221748.419612,VS0,VE1
B27033638.325107308;dc_pre=CJ6O3cKlrfgCFQjzdwodyMoEww;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame FB36
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CJ6O3cKlrfgCFQjzdwodyMoEww;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_r...
14 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CJ6O3cKlrfgCFQjzdwodyMoEww;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
URL: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
8cc3d3a654a9213d135840165eeaca5af27226e5f0b129b0c98bd52dc21178a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10726
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CJ6O3cKlrfgCFQjzdwodyMoEww;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame BD14 		437 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=5915933066169518368&bl=boq_subscribewithgoogleclientserver_20220612.16_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=56949&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
603f09a8999c7d7bbcb7e7be1a162317c9f83528ce3473b38f0692c96c30d834
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1539983695&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=F.D.A.%20Approves%20Alopecia%20Drug%20That%20Restores%20Hair%20Growth%20in%20Many%20Patients%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=cur&cs=tw-nytimes&cm=social&cc=&_u=YAhAAEABAAAAAC~&jid=1012499214&gjid=1357648075&cid=1789918536.1655221747&tid=UA-58630905-2&_gid=160185660.1655221748&_r=1&gtm=2wg6d0P528B3&cg1=health&cg2=null&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&cd3=%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&cd4=Health&cd9=9&cd10=tw-nytimes&cd13=twitter&cd14=science_desk&cd15=owned&cd16=social&cd17=100000008394766&cd18=Gina%20Kolata&cd19=F.D.A.%20Approves%20Alopecia%20Drug%20That%20Restores%20Hair%20Growth%20in%20Many%20Patients&cd20=&cd21=Article&cd23=Health&cd26=2022&cd27=2022-06-13-15&cd28=Monday&cd29=15&cd30=1655216573257&cd32=Health%2Camp&cd33=SECTION%2CSYNDICATED&cd34=NEWS&cd36=13alopecia&cd37=1145&cd38=Science&cd42=nyt-vi&cd43=your-feed-science%2CAlopecia%20Areata&cd44=Eli%20Lilly%20and%20Company%2CFood%20and%20Drug%20Administration&cd48=June&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Science&cd54=science_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=0gHNgvM3SWmI4aTxexdMGh&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=0gHNgvM3SWmI4aTxexdMGh&z=1977279343
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
main_flex.css
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/css/ Frame 5D51 		191 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/css/main_flex.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-373072-INYT-April-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
75d32980d33cc4c724a7281e2c490968fc2e4bd09219ad925ac1bb561947d3b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
age
57436
x-cache
HIT
x-envoy-upstream-service-time
9
content-length
20658
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
last-modified
Fri, 01 Apr 2022 16:07:13 GMT
server
envoy
x-timer
S1655221748.457915,VS0,VE0
x-origin-server
mwcm-pub-est04.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
260
wordmark-Master-large-optimised-BLK.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/images/ Frame 5D51 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/images/wordmark-Master-large-optimised-BLK.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-373072-INYT-April-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57c4e9c3b00e2ab7b4320be10f61cf71f34131de582759ce746fbf0d728b30a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
578350
x-cache
HIT
content-length
2330
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
last-modified
Fri, 01 Apr 2022 16:05:16 GMT
server
nginx
x-timer
S1655221748.457908,VS0,VE0
x-origin-server
mwcm-pub-est01.prd.iad1.nyt.net
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
3713
2Euro_Strike.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/images/ Frame 5D51 		1 KB
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/images/2Euro_Strike.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-373072-INYT-April-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
92a76cac3a3fb15c24c3de481254af320cfb87e746cc66905399b42d150ed094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
age
60539
x-cache
HIT
x-envoy-upstream-service-time
5
content-length
776
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
last-modified
Fri, 01 Apr 2022 16:05:16 GMT
server
envoy
x-timer
S1655221748.485200,VS0,VE0
x-origin-server
mwcm-pub-est08.prd.iad1.nyt.net
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
via
1.1 varnish
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
342
ping
pnytimes.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html&u=EQTumBzqW87DfTEin&d=nytimes.com&g=16698&g0=health%2Cscience_desk&g1=Gina%20Kolata&n=1&f=00001&c=0&x=0&m=0&y=9240&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Ft.co%2F&b=2085&t=BuFO-r5uB0bCsldQ7BtJK2IBptnLN&V=133&i=F.D.A.%20Approves%20Alopecia%20Drug%20That%20Restores%20Hair%20Growth%20in%20Many%20Patients&tz=0&_acct=anon&sn=1&sv=CtTCBxBXe0E8BjLnQYDXF2guCxoc0Z&sr=https%3A%2F%2Ft.co%2F&sd=1&im=06679ef3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.97.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-97-242.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ghd-F4d9UH0.L.B1... Frame BD14 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ghd-F4d9UH0.L.B1.O/am=MQAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,bm51tf,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4tPwE5nNZhh6rKzMSANe-btTYung/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6104464d660e92b0ea49624d94c48ad74a444c3874a16772d0d3669276d70931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7445
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 01:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 20:15:44 GMT
log
play.google.com/ Frame BD14 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 14 Jun 2022 15:49:08 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 14 Jun 2022 15:49:08 GMT
expires
Tue, 14 Jun 2022 15:49:08 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 14 Jun 2022 15:49:08 GMT
expires
Tue, 14 Jun 2022 15:49:08 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame BD14 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 14 Jun 2022 15:49:08 GMT
log
play.google.com/ Frame BD14 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 14 Jun 2022 15:49:08 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 14 Jun 2022 15:49:08 GMT
expires
Tue, 14 Jun 2022 15:49:08 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
cheltenham-normal-200.woff
g1.nyt.com/fonts/family/cheltenham/ Frame 5D51 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
03efc2c33b01f7c7b16a5b6cb06734ee6dcfb42169f6fcbf139e29829e10c8ed

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=Y43oLg==, md5=khTMuz/jAiD+H6ESnBkGrA==
date
Tue, 14 Jun 2022 15:49:08 GMT
via
1.1 varnish
content-type
application/octet-stream
age
1700703
x-guploader-uploadid
ADPycdvn44pkGHQDxhq6ZIUa42mTzFstn1Ke6R1WpuncFkFUnYub0uwnilhPjtEtplmt-fuCEU5Jk7EiaIiuOftyeIH5WQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
35244
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Thu, 25 May 2023 23:24:05 GMT
last-modified
Tue, 03 May 2022 17:15:49 GMT
server
UploadServer
x-timer
S1655221749.528029,VS0,VE0
etag
"9214ccbb3fe30220fe1fa1129c1906ac"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598149605487
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
35244
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1066
franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ Frame 5D51 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=44i2vg==, md5=oZLbMQk12KiCgy4syD8hGQ==
date
Tue, 14 Jun 2022 15:49:08 GMT
via
1.1 varnish
content-type
application/octet-stream
age
4927896
x-guploader-uploadid
ADPycdvDoF0cTz3QtlLo7YpQ6w6NFOYFRwl3J6SOh6kWJMKui-k-buUyr5iBG9tYBz14GvUVwHSfpu0Fa2VG5Ev26G3HBoBUvgiu
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27688
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Tue, 18 Apr 2023 14:57:32 GMT
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1655221749.528152,VS0,VE0
etag
"a192db310935d8a882832e2cc83f2119"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1631734984103192
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
27688
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
4446
franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ Frame 5D51 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44ce733e1c9cedefd832ff0b571555695fb7f8dbff7a066d3de45c446e44bb45

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=tEQkCg==, md5=QUdY3gmNxkS2iK+gMdNfmw==
date
Tue, 14 Jun 2022 15:49:08 GMT
via
1.1 varnish
content-type
font/woff
age
29087002
x-guploader-uploadid
ADPycdtcX6zdWVtIlrLWXoy3MBMjHzz_Rg_LD0TuoP7aobuyL76Fi93GWjfvkxT2kk8j28PaCgOg-QROUKjiqwObkID-AyCfRg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27196
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Wed, 13 Jul 2022 00:05:44 GMT
last-modified
Tue, 06 Apr 2021 21:11:53 GMT
server
UploadServer
x-timer
S1655221749.528620,VS0,VE0
etag
"414758de098dc644b688afa031d35f9b"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1617743513131086
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
27196
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
5813
cheltenham-normal-300.woff
g1.nyt.com/fonts/family/cheltenham/ Frame 5D51 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-373072-INYT-April-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash
crc32c=b2NKXw==, md5=gst5XYxXu+Nn0P++uojrUw==
date
Tue, 14 Jun 2022 15:49:08 GMT
via
1.1 varnish
content-type
application/octet-stream
age
3085255
x-guploader-uploadid
ADPycdviWCYXqtHmRe4IHUM-JTMyja1RsZEFOL_mpKDJA_iOp45doOVQCgPkj_RwYP6mHgI6QpH_u8c6jESxixrCjiHS4w
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
35940
x-served-by
cache-hhn4046-HHN
accept-ranges
bytes
expires
Tue, 09 May 2023 22:48:12 GMT
last-modified
Tue, 03 May 2022 17:15:49 GMT
server
UploadServer
x-timer
S1655221749.534402,VS0,VE0
etag
"82cb795d8c57bbe367d0ffbeba88eb53"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1651598149678277
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
35940
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
8404
log
play.google.com/ Frame BD14 		131 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5Y1MuL6gcEc.es5.O/am=MQAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI62J2mp-pkdYNOFzZ-in9vpsl1j4A/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 14 Jun 2022 15:49:08 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 14 Jun 2022 15:49:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FB36 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=1485042004;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 19:13:50 GMT
dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved...
adservice.google.com/ddm/fls/z/ Frame 8CB0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJXk28KlrfgCFTZCHQkdWUsL-g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9243975004173;gtm=2wg6d0;auiddc=1624394915.1655221748;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5290727.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1539983695&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=F.D.A.%20Approves%20Alopecia%20Drug%20That%20Restores%20Hair%20Growth%20in%20Many%20Patients%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=cur&cs=tw-nytimes&cm=social&cc=&ec=dock&ea=impression&el=gdpr&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1789918536.1655221747&tid=UA-58630905-2&_gid=160185660.1655221748&gtm=2wg6d0P528B3&cg1=health&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F06%2F13%2Fhealth%2Falopecia-drug-approved-fda.html%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&cd3=%3Fsmid%3Dtw-nytimes%26smtyp%3Dcur&cd4=Health&cd9=9&cd10=tw-nytimes&cd13=twitter&cd14=science_desk&cd15=owned&cd16=social&cd17=100000008394766&cd18=Gina%20Kolata&cd19=F.D.A.%20Approves%20Alopecia%20Drug%20That%20Restores%20Hair%20Growth%20in%20Many%20Patients&cd20=&cd21=Article&cd23=Health&cd26=2022&cd27=2022-06-13-15&cd28=Monday&cd29=15&cd30=2022-06-14T14%3A22%3A53.257Z&cd32=Health%2Camp&cd33=SECTION%2CSYNDICATED&cd34=NEWS&cd36=13alopecia&cd37=1145&cd38=Science&cd42=nyt-vi&cd43=your-feed-science%2CAlopecia%20Areata&cd44=Eli%20Lilly%20and%20Company%2CFood%20and%20Drug%20Administration&cd48=June&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Science&cd54=science_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=0gHNgvM3SWmI4aTxexdMGh&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=0gHNgvM3SWmI4aTxexdMGh&z=695842089
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Jun 2022 20:48:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68450
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC53 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
235557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 22:23:11 GMT
expires
Sun, 11 Jun 2023 22:23:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame FC53 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 12:29:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
11985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 12:29:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC53 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIKRC9K2oYqyCH5nN7_UP8OGigAMAAAAAOAHgBAI&bg=!7e6l7qrNAAaJfvByqX47ACkAdvg8WlMVJEIhe8d-5l-Kc-MRID7jdwxPEaWXXIFedU7LA-eJQvCTSQIAAABVUgAAAAFoAQeZAudAUSLRkyZkDyPoHOQZkOlTJ4P5KFjSF7gmgkbZyWNIrz-t196PtGKM3Usgp8kBLIAYAbTp8BUE1-Rr_YYUUVtU69WPGYsBCGuXZA2fVXDkqbfvynrpuQC4JPe-VDZaKSaFH_af4G8cg7lxBP57BYTYwyolm7nMlEyu-ArEMdmtqDQtRXMl5lSeo5yKNJCMplcuVjua7PfkDz3FyXf3TR8z4MmmS6lnhKQix72YaWOVv1Kd6So_vjIMDXeRP8MBm9YSV4p2Aq_5PzKIFD8bwORpMbCFvo1kmb7_pQmtQtRb2nvAhjB6ysizwjaf0idJUVKwgwQFFGa9k2ybg5qoXfpbmMXHWwr61ep2rkgbRkKsOlBGpPA-m4ErZp-WsUm2UfxHMAASB4Vh3SKrIl54HusSViAg7adf-u6vPY6CjeI6G61k4qUFsLt-uOj2gNdsQzR8kZLL9L15CGHSnBOdQr3VEDt57Bhx46V9QU4YPCvGq7RWDtx6uNJWzLSB58FO8nfmLlsyLC8kej7NOaUEFkl0LjjwBzeVLDYPygB8uBEvONQEe2hnbTQG-3wUNUeOBG_VYtgPdAbs9zZKoTlr-KafiXAw9brciPZ-NWtO8tyZsD_7xiQ5mzMAfrS6IS_Hkt1AuAr48MeJAyzwyxIPtJtmBRzf7J5YyhkJBb2hWh2D6yARZKUwWrGJu83xhiG3tPcyaCdrtv-IhD7jsxRjdI_8LIwn4Q9N4z8zDa-O344BQ0nSQE7bqTIqledNcz1dYtQeGAxIjbG4a20c1pCKYDuYJRmobZRwOZL4ylHMj1oJwfopvTEPE1CiYBKtyF287pjc3b6UHioEiIG0iCMaQUo9vihMZJBBVHlebtRCorvw7CK4ugy_DiEGRhKf1_RIWOYgXsM6NgPEf8Lbxv9GWLEkOlAdAXIscIqOVUb4fPjHNHsB431mQyUfUpNqhfxIuhOY9ObVvQe7S8N7BA_etdt6swlIGLzLqQ
Requested by
Host: c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
URL: https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLmMx7mYlsvUtbsfYkdVf5BhrRqdIN6qPyA6-fjWWT8v4BkQ90tdlhT1C1Jo5VZVQ6ojo4iqXlkUx0AbAcJuR_xMlOyV-UPAlgImlRq3Y09Gs_TMzA8lCO95-bCOtENmiepSQl2L2PsEzcV6YGODBhgB2BF38WHlLUVnqkB0h3ftBORMWFFj_GZrJkQmN1S8VCMbd3N8WuNxrCLvDGzuyLAHDpya-1T0Y4AgjX1XzmBDYBPHRPiXA6CX-9n6Nn88g8gLc8ZNA12owBk5g4i8u7d9w56fGJE8n3FHFcERMazEww13QVVJ6-_9xc8fNR&sai=AMfl-YRuI7tmlviD47dvsD8K9lcaEqWM9r1W1AiyY2xaGko43-KBgReRq2jOcz1UmZ4-xRuToGYZrTAKEytVro7O_KO_Ju373GnHFhqUDTKCGHauGyv7YfoRk0t1r3rNwK0m&sig=Cg0ArKJSzIR6s-k-TsPoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Jun 2022 15:49:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 14 Jun 2022 15:49:09 GMT
truncated
/ Frame FB36 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03e951eb3f8359688b095995984caf5bdf3dca99ab5d25c250c00c0dbcf02385

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
.status
a.et.nytimes.com// 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com//.status
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept
*/*
Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c78e6d3b998ed0099a984c42400dbce8b15fec687d65aa588de87dc1d1e36780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Jun 2022 15:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10821
x-xss-protection
0
loader.js
platform.iteratehq.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: t.co
URL: https://t.co/zxfmWCsdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64aa642326899b3cb49229ca25cc278327d54151a7a54897866323f42ef2bcf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
511
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G04AEA8CMR06RYZZ
x-amz-id-2
pvzmwnkqWLGX5HwdZKp16LGY9u5/xp1w7GF78A84nj4pQtLCvddT68FgC+j+K8KxFiPkJDmBXHA=
last-modified
Mon, 13 Jun 2022 21:11:10 GMT
server
cloudflare
etag
W/"7efa8d3b8e092c6fdf8fcebe207993c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX3G6zvvCU9LWEHzoLGftsEOKPcAos6wSruVdPw%2Bnewg4abXNOXYBqiVW0oYXy6c5ECd%2BXg50WJSVrighi6o1W6%2F0dtwXeC5tFlyzo0%2BluQWM%2Fi77IWiElBgiUU%2FiOdyGt273HfugQ1pB%2FqGfde1dDtuyryT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600
cf-ray
71b436e15ab99150-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 15:49:09 GMT
match-prod-d8cda014060021c37c52.js
platform.iteratehq.com/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/match-prod-d8cda014060021c37c52.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e132fba60b14e081862c737de908dcadbf54157568a789162731530746b5e57
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66792
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
VQK4G01RF9M79VVQ
x-amz-id-2
glCuiTYozRAewhpjHKwfgdx/gF4M5fwALGGoTlGr6cBB6gaqh8Ok7jjvtpCSHIJ58Kx/COeA2d8=
last-modified
Mon, 13 Jun 2022 21:11:04 GMT
server
cloudflare
etag
W/"772e94d72603fe3beb9d28f43470957a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbhcL1o%2FQoL6lXLIh8Z1PQBcSWdENK2%2B2emXEsqG7xW72KR%2B5Vk%2BKuVA3iPh5SGF1xFXbE%2Fbu3CSMqK%2BeoPM2SkrOT6aw3ud8NXpfjeEXXx7mjXuQuJihCyiyEkkD5JRW3Z0nOY9Qvp81%2BgX1d3GHcrw3O8W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
71b436e18f8a9968-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDAD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 15:37:16 GMT
expires
Wed, 14 Jun 2023 15:37:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A888 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d491ae46218ebe5acdc0b3c286d4248e4f3f9f800bc9979e25e7de7d00e7d95
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SmAWKn2LFq40rGXX9XTZJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-SmAWKn2LFq40rGXX9XTZJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 15:49:10 GMT
expires
Tue, 14 Jun 2022 15:49:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
pagead2.googlesyndication.com/bg/ Frame EDAD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 14:23:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
5111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 14:23:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A888 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=1621678851978654&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
embed
iteratehq.com/api/v1/surveys/ 		298 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-d8cda014060021c37c52.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02f87f4291e3d37c53043865e18e842a9653e85d10ab892b7b241abfe0aa31d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type
application/json

Response headers

date
Tue, 14 Jun 2022 15:49:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKkT2ylIq1aXuiqq2t%2BugdTLmf4IZg3YTktMIHe4QaUL4itAix4wy5oM2SHLI%2FYGQTcQGEXFVV3NoSm1IsWYC89BojKKn1FVc7lT2aZAQnee%2BELtDVfwSSlVW%2FW4UcYolQYqrtFoOaspRS2A"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=0; includeSubDomains
cf-ray
71b436e32c8d9bcb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed
iteratehq.com/api/v1/surveys/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71b436e25fbd914a-FRA
content-length
0
date
Tue, 14 Jun 2022 15:49:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lTx2aE8Ks4KCaty3w5aN9efjeHKWRXwdgMN%2BTOqLdCpmOr%2F0bwXIV%2FGc9k%2Fh0utaTVvb%2F%2BiP0QtkTCghMKNT5h%2FGLx6pH0t1svdg7RetEb3TCcRD7W6RljGjBiraf0htB1rjXl7sILB%2B83I"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
generate_204
tpc.googlesyndication.com/ Frame EDAD 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Y2KPhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 15:49:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=1621678851978654&bg=!5eal5qLNAAaJfvByqX47ACkAdvg8WisXrjWJKK9dxsEKwNIZlZMtzVnNbaTlmPFKPhZNjIL8qMVCuQIAAABWUgAAAAJoAQcKAIxUofsJUCf77oTE0acMBRFDFWDZ2Y8QJcGhDahcyCj9Ym34BKcBpnvarEApGbtad5uNzJKh2ayYX3yWCAkhoBHzRl4FTsfrwOjDsiDTOLhB8EBwfa5Ts7pxB0bZPny_Sz4nVPjr950w9TK-onrQVhY5X0Ebzc_j863R0tOSW8gVcjYX3bo1nAIw04Bwq5kCltzKsRPbQ3DkxgbYkyctk87I-uHwD8AEBzRMthIT7Fcol0Dz-p_9-GF1_7MUyd4aWDyPUHV63G0Vp1Dd5eUsN_ehRGwzbqL03Y83tTU7NAyGDbM3lo1EKmkEJUIj31bo3JzCDQhBDFQVS_OWLzaKs_d5Yng1AKxaF49OSxrgKWNJbEYKDpU_Xiys_LWS-_A5nHpQNbYhAMskgvvj06a3O_iL9C5Y5OIUroJjJ6FruCOq4yVdqfdopQ-C9Gd4LUe5oZ5oyZy_OnZy-xe29zt8FmCyv5hy2axJY9JNoDImg-mS9b7zlILyQirdQi42up2oOZqWqKqKZ5uF563oHse-0MhDprKJqJLRkyUkqcJjgxaJCWPG96eF-3nlcEVSSpngU2FSYIew9Y8zTyVAc0fOyu_dizmXk44mWfm3KT_811h0N_JqIrGuJa2wnocQRFVnF4yU4KGYWUqi7N620KKjsxPXmbuS1lImhHabcVaOo0931gBsGkFHl_Xa4s2gKXsLtGishoxqKRqLEkc5k6Yi_ZfzDNKoKKr-_7yyCQTlnKBAnXT9yOUae1vRSWK_1G58317m_2CJYiI8tXspR-rG3CmhQNiTVM_DDTn3G-dJdrq9MrQ_0lCh2A56amVZNgh1K3_34XNDHu3-DLZBBAwhP1sZqgBZe1PTFTZsMjPLzv3uMAMgecqHW-LuUK9OBvTOmH7r-ZmLr8_T6y2oEDXlfGTwZ-MYAc2Nkl1YHSSOMPJcnqFZguEMQeMups4kMzKokDPr6KbpMYydBDdKQ85Wf-62sbAnISRc6HxMbbjOwMKYFSLFSdKS-9d-2_ffvzfkxw5szkRZC0nMTHLY-rXJDDcd3rjZzGyjEoH-VEiEXpFwBawlv-n2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame FB36 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNYVObbi3vtDB4c-5_6aFBfR5HGxOa5eGNTllNs4-GnTsDEmrgp2YTBGHhYT75FZw0wT4OBUEnAPWVJmTSwYfDcVucckqUungu64jEvSjoII44SkE7&sig=Cg0ArKJSzLfD4l3RoRjTEAE&id=lidar2&mcvt=1000&p=93,0,367,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3934037196&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655221748165&rpt=1749&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 15:49:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html?smid=tw-nytimes&smtyp=cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| event object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge boolean| SwGEntitlement function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 string| sov object| AdSlot object| __preloadedData object| ggeac object| google_tag_data object| google_js_reporting_queue object| UrlCache object| SUBSCRIPTIONS object| SWG object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ object| google_tag_manager object| nytAnalytics string| ddjskey object| ddoptions undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| sprintf function| vsprintf object| meter boolean| NYT_VI_RENDERED string| ASSETTYPE boolean| initialDeviceTypeResizeCallback object| ampInaboxIframes object| ampInaboxPendingMessages function| _0xea207f object| _0x3eebca function| _0x2a7c object| _0x41cf3c object| _0x221b2f object| _0x5732ad object| _0x1ee0e8 object| _0x374161 object| _0x4403ef function| _0x5410 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| AIQ_DATA boolean| notprod string| GoogleAnalyticsObject function| ga object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| gaplugins object| gaData boolean| adBlockDetected object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType object| params object| GoogleGcLKhOms undefined| Raven object| google_image_requests

31 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 5a769dd0-6128-429f-a2f0-4e0d91d581c0
.nyti.ms/ Name: _bit
Value: m5efN6-a600d8c585b4066f20-00Y
.nytimes.com/ Name: nyt-a
Value: 0gHNgvM3SWmI4aTxexdMGh
.nytimes.com/ Name: nyt-gdpr
Value: 1
.nytimes.com/ Name: nyt-purr
Value: cfhspnahhudn
.nytimes.com/ Name: nyt-us
Value: 0
.nytimes.com/ Name: nyt-geo
Value: DE
.nytimes.com/ Name: nyt-b3-traceid
Value: 49b33f61e5ee4519aa0797f2ab8279b5
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1655221747142|0gHNgvM3SWmI4aTxexdMGh|1655221747142
.et.nytimes.com/ Name: et-ppvid
Value: https://www.nytimes.com/2022/06/13/health/alopecia-drug-approved-fda.html=1Kf6ygfToal9bDlgw5_XiLTB
.google.com/ Name: NID
Value: 511=u4oETUvTHsYw5vcUOpoLFTIpPTKivD90vInkfaYOIV6lCkbmCoKN_tbT_hvR_Kd3S2SGCWrHKOeUpn_BQ-NRvxcxucHuxD4gBVAw8Zinme2F-K4Gof20hChCqWWdBiTEOjmnvv5igna-nkizL5TnC2m8sPuv8GMRKDSMntSIDb4
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0
.nytimes.com/ Name: nyt-m
Value: F96BC12901495FA8280A8D7F736EBB0F&vp=i.0&igd=i.0&iir=i.0&e=i.1656662400&rc=i.0&igu=i.1&v=i.1&er=i.1655221747&pr=l.4.0.0.0.0&ifv=i.0&imv=i.1&t=i.1&cav=i.1&s=s.core&uuid=s.f8651b00-5904-4bc9-9a16-765f63c1f25e&imu=i.1&ica=i.0&iue=i.0&iub=i.0&iga=i.0&ird=i.0&l=l.1.1290262934&iru=i.1&ira=i.0&vr=l.4.0.0.0.0&ft=i.0&n=i.2&g=i.0&fv=i.0&prt=i.0&ier=i.0&igf=i.0
.doubleclick.net/ Name: IDE
Value: AHWqTUm1Wn71NvkrQicucWtlLgLok8ZDlu-2tIQ5LlGu2YPqRMKOuc1jVrJfCwVbV74
.nytimes.com/ Name: __gads
Value: ID=cf442513901fdf06-22d00a23b2cd009e:T=1655221747:S=ALNI_Manl98arWl8zM87vsH96m8fYdrkdA
.a.nytimes.com/ Name: jkidd-p
Value: prevPage=&currPage=
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1655221748139&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/ Name: jkidd-s
Value: referrer=https%3A%2F%2Ft.co%2F&landing=&start=1655221748139&isNew=1&pageIndex=1
.nytimes.com/ Name: datadome
Value: .GSHWUaHw66-HBFfyL.BSjZ15R.zHfPCKSRR8U6.s1dgeYre4WM8lt.ZRTpmSSIP5HBW1GWNwaPAFdMJ4qZ~8jzmxof875h.FPAnJjwqWKyxyY_cze0h6lfElWeKjjFu
.nytimes.com/ Name: _gcl_au
Value: 1.1.1624394915.1655221748
.nytimes.com/ Name: walley
Value: GA1.2.1789918536.1655221747
.nytimes.com/ Name: walley_gid
Value: GA1.2.160185660.1655221748
.nytimes.com/ Name: _gat_UA-58630905-2
Value: 1
.nytimes.com/ Name: _cb
Value: EQTumBzqW87DfTEin
.nytimes.com/ Name: _chartbeat2
Value: .1655221748470.1655221748470.1.CtTCBxBXe0E8BjLnQYDXF2guCxoc0Z.1
.nytimes.com/ Name: _cb_svref
Value: https%3A%2F%2Ft.co%2F
.nytimes.com/ Name: nyt-cmots
Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2NTUyMjE3NDgsInNjIjoxNjU1MjIxNzQ4LCJjYSI6MTY1NTIyMTc0OH19fX0=
.nytimes.com/ Name: iter_id
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MmE4YWRmNjY2ZDZjOTAwMDE3OGRkMDAiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjU1MjIxNzUwfQ.FXSQ1CuWwWGLPUjpdEoBXbz8uSTdqFWrdGt3zLVVzvQ

3 Console Messages

Source Level URL
Text
security error URL: https://myaccount.nytimes.com/auth/prefetch-assets
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c59d6a636c5bfd0b8c8f481553969680.safeframe.googlesyndication.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
nyti.ms
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
t.co
tpc.googlesyndication.com
trib.al
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
104.244.42.5
142.250.186.134
143.204.215.30
151.101.1.164
172.217.23.98
2600:9000:2057:8e00:18:1fcd:351:7bc1
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:4001:830::2013
2a06:98c1:3120::3
3.217.69.250
3.94.97.242
35.241.35.241
35.244.188.62
52.207.181.173
52.223.40.198
67.199.248.12
03bf118c08cfb059c85df4e10cfe6428e5e633e4ba476b1abd8a056884bf2e92
03e951eb3f8359688b095995984caf5bdf3dca99ab5d25c250c00c0dbcf02385
03efc2c33b01f7c7b16a5b6cb06734ee6dcfb42169f6fcbf139e29829e10c8ed
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09
0fcec2cb0900bbedf0010a1cd7e66e6cd863d36f6206097d2810a2036cafe96c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386
1d491ae46218ebe5acdc0b3c286d4248e4f3f9f800bc9979e25e7de7d00e7d95
1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
2576cc790941273183052e88bf3060fc1d4460c7fc25ecd259473d15707f05bb
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2f3cbc6f586b4c8c94e93c787b07e3a462f93407b0a8d61dd5132f88042516bd
34b00a09f0db58119a4b4eef9ad6bc9114c0665b5a1fc22884d593a30a2c843d
357f254831a4fce17b7bbd40d5e4108c172a26b8e0b92dd369886404cd204bfb
3962ae8f930422b5460501e7aa49ce92f8abfc1b588ee07a95ecd526216951bd
3a94f1da3143b2f5313a735fec6251738fd911b8bf6e998453b61f8030d3cdd0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ce733e1c9cedefd832ff0b571555695fb7f8dbff7a066d3de45c446e44bb45
46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512b43de4d19dff885bc55bd40b41522cf043b5560f256bcc32ed96c92e9e977
519edd34769f517c65562ac3e600616c95e7121a0d736242a1eff9b943866036
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c4e9c3b00e2ab7b4320be10f61cf71f34131de582759ce746fbf0d728b30a6
582e67e05045637ec690eafa3fb041e13085aec2413c6bd3878a20aa3960dfcb
5a30e0a93378ad4c43c402f2703dd8669375265eede6eb3f3974f55ac2343c41
5f1e48f808f07b9c49500cde59c3d6e41e9731fa764a9239649f6008ad4daf26
603f09a8999c7d7bbcb7e7be1a162317c9f83528ce3473b38f0692c96c30d834
6104464d660e92b0ea49624d94c48ad74a444c3874a16772d0d3669276d70931
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66787a9a5da5ff7866e357d11259ac4346af3ac439c1d9b93abc6b011303c318
689923abc1f31fa49595a39a01daf31ede12944c26a32fd588e037c594948e2a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75d32980d33cc4c724a7281e2c490968fc2e4bd09219ad925ac1bb561947d3b0
7ade0d63de839a8d599ec7c7b550dbd83589a2cf1a02126080953b046e24467c
7e132fba60b14e081862c737de908dcadbf54157568a789162731530746b5e57
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
872d9920504bf7d3df13ab8a907db0b07563c5a951e56c46eb9e9b98c8e02061
8994f3cb2bc6dd75c2f0bd67b04968f17415df55f4eae7b9d26e9fb788f55eb4
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8ad973399e73715bc9ba12b1ce1799200494829cfdf85355c26083e19b199166
8cc3d3a654a9213d135840165eeaca5af27226e5f0b129b0c98bd52dc21178a6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcc7809445f9f5bb3319e06e9e8dcde4244bbbbbb3bfb18f8a83a940c60ff14
92a76cac3a3fb15c24c3de481254af320cfb87e746cc66905399b42d150ed094
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
9baae4f16aeec8d6c608031c3f410e54b902ae5820455577cf0031cae6209088
a02f87f4291e3d37c53043865e18e842a9653e85d10ab892b7b241abfe0aa31d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ade179d1e0d2cba2c301ef6a3e9a92dff2bcdf5b64b77d33bc42d83a82d74bdb
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
befbf0f6202f9f489535a148c97f0b132bf221eecc63add620e94ec7bf2dc444
c26d8658199fcd8c06274696a9e0cfa4bb79fcfbbedde0930e93c0daf9405fc8
c468f68b02f140930dae78c628db4af7d373a340fb50c33739d95d8e31895ae3
c64aa642326899b3cb49229ca25cc278327d54151a7a54897866323f42ef2bcf
c6bbe74bfedd3197e14660b61e116dbe7e171dcb2c821dfd41d6fd91f114e76c
c78e6d3b998ed0099a984c42400dbce8b15fec687d65aa588de87dc1d1e36780
cc49996658507fab7a30a2e9cf53cfb8ddd903d86ad652d776fd5fc08e2938f8
ccf8f45ae31db79f524df4cf6623816dd643847e7b2f7eb744aa7ff2d9c56076
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
daf7d49b86563eea41f1e5a1288991818c6c51c2c513754205877b45212605d8
e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
ecde91d8c12af674c6f198b48f55fe2aedfd881ee2f9fd238a489c2b7988266d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8a441a81425af322de7a248850c416984ad3ede09f0675f4bac0cce49810933
f90832f2498fa3f721dbe70e0887cf160cf78e4a7e14efc329863de89bd8dc6a