www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Submission: On July 07 via api (July 7th 2022, 7:31:23 am UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 15 domains to perform 147 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2405.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:400e:810::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
23	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	52.222.236.105 52.222.236.105	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2	52.207.181.173 52.207.181.173	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3 6	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2240:600:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:79b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.203.58.48 34.203.58.48	14618 (AMAZON-AES) (AMAZON-AES)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
147	31

34 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400e:810::2013 (Ireland)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-105.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-181-173.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:79b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.58.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-58-48.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2405 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 9316 a.et.nytimes.com — Cisco Umbrella Rank: 7073 als-svc.nytimes.com — Cisco Umbrella Rank: 12092 myaccount.nytimes.com — Cisco Umbrella Rank: 14191 dd.nytimes.com — Cisco Umbrella Rank: 12267 meter-svc.nytimes.com — Cisco Umbrella Rank: 12788 a.nytimes.com — Cisco Umbrella Rank: 8446 purr.nytimes.com — Cisco Umbrella Rank: 11535 mwcm.nytimes.com — Cisco Umbrella Rank: 12892	1 MB
38	nyt.com g1.nyt.com — Cisco Umbrella Rank: 10798 static01.nyt.com — Cisco Umbrella Rank: 8040 a1.nyt.com — Cisco Umbrella Rank: 9594 mwcm.nyt.com — Cisco Umbrella Rank: 19551	1 MB
19	google.com news.google.com — Cisco Umbrella Rank: 4503 adservice.google.com — Cisco Umbrella Rank: 92 play.google.com — Cisco Umbrella Rank: 46 www.google.com — Cisco Umbrella Rank: 8	102 KB
15	googlesyndication.com bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	87 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 10193 ad.doubleclick.net — Cisco Umbrella Rank: 189	179 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	127 KB
4	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7562 iteratehq.com — Cisco Umbrella Rank: 6648	31 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3262 collector.brandmetrics.com — Cisco Umbrella Rank: 3578	16 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7658	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 594	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1217	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7751	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	105 KB
147	15

	Domain	Requested by
24	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
14	a.et.nytimes.com	www.nytimes.com
11	www.nytimes.com	www.nytimes.com bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
8	mwcm.nyt.com	www.nytimes.com
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
8	samizdat-graphql.nytimes.com	www.nytimes.com static01.nyt.com
7	pagead2.googlesyndication.com	tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
7	play.google.com	www.gstatic.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com www.googletagservices.com
6	tpc.googlesyndication.com	bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
5	static01.nyt.com	www.nytimes.com
4	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.gstatic.com	news.google.com www.gstatic.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	ad.doubleclick.net	1 redirects bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a.nytimes.com	www.nytimes.com mwcm.nyt.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
147	37

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
nyt.qualtrics.com
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
a.nytimes.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Frame ID: B80E1DF14459766171795ED259815489
Requests: 94 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: BA03ED3D858F27A6C819E89BE5A8D11A
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460327&publicationId=nytimes.com
Frame ID: 0B1AAF22FC6D2CEB5F0CA673FB3CF8B0
Requests: 13 HTTP requests in this frame

Frame: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0930C4EE375B8B7923989C0A82CC7220
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html
Frame ID: 3086F58E865DED3DBDA8836D63EF3E53
Requests: 2 HTTP requests in this frame

Frame: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6CB5D9F8301067BE2E0BEF7DBF9BFB6
Requests: 9 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-682179-INYT_EvergreenCore/flex
Frame ID: 9868CCABAAF6064339343329E36BF22A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0807CEB7C6E0FDB8E587B2A9BD445AC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6F99C99390DE8FE7D2F1D5AD99E90A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C9CD25433FC5D03FF765599B64AF451
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html
Frame ID: BCA475D199F6683FE8A01F48625B1D5A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

6 Podcasts About the Dark Side of the Internet - The New York TimesThe New York Times: Digital and Home Delivery Subscriptionsplus-iconcheck

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

147
Requests

99 %
HTTPS

60 %
IPv6

15
Domains

37
Subdomains

31
IPs

4
Countries

3298 kB
Transfer

8025 kB
Size

28
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=1281e5fc-d028-11ea-a072-340cee6a52b6&campaignId=9WJRH
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancellation
Title: cancel.

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

URL: http://nyt.qualtrics.com/jfe/form/SV_6xph8FSrgDdOgap?link=DL&mtc=1&src=https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html&agt=A1ALvIWsfURDDvZ60I6p1a&gwlp=2
Title: Tell us why

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html

Request Chain 92

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CM3P1ZKh5vgCFUPBuwgdBdwHdA;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 136

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html

147 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dark-web-podcasts.html Show response
www.nytimes.com/2022/05/24/arts/ 211 KB
66 KB 628ms
500ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

392c78d5eb9c746d7b25ffcc9cf69f4c6ceb214d092cf2d9a50f91e901a38d93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 65373
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 07 Jul 2022 07:31:17 GMT
fastly-restarts: 1
last-modified: Thu, 07 Jul 2022 07:31:16 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/05/24/arts/dark-web-podcasts.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: a18da053136f42a3b4cff0a29c3b4749
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cloud-trace-context: 8be3552a64808589bc508464e1bc1c93/2385388270942144708;o=1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1657179077.645356,VS0,VE5
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Thu, 07 Jul 2022 07:31:16 GMT
x-nyt-edge-cache: MISS-MISS
x-nyt-route: vi-story
x-origin-time: 2022-07-07 07:31:17 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2022-05-25T19:49:36.680Z
x-served-by: cache-lga21962-LGA, cache-fra19161-FRA
x-timer: S1657179077.645356,VS0,VE493
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 70ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 5570357
x-guploader-uploadid: ADPycdtp3zlyaGMN2P4BAxclCfyXuB6ZGUbngiI4XI-StnQTUKe4_0pdwKBamc4qOAlXujd1lYDKsHNHb1XpELDrqDSz6HS1J58y
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10629
via: 1.1 varnish
x-served-by: cache-fra19161-FRA
accept-ranges: bytes
expires: Wed, 03 May 2023 20:12:00 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1657179077.222577,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149653041
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9789
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2429

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 8ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 13358881
x-guploader-uploadid: ADPycdsSoNrnpIIAO3KSlsJB1RKp_ZFzNH7PHrSxlTMXoCOqo0yCW6fud4EEpIwxOtZzlEgB1tma57v5imQVKurCueo
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:18 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179077.160261,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2307
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Wed, 02 Feb 2022 16:43:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1643820183725633
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-a9e6a3ecb1754594c71c.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
8 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-a9e6a3ecb1754594c71c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bfdf97ef9fac3beccaedad6efdfbf3e2fcbf5612ac4d535dbe9eed5779420e3d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 59856
x-guploader-uploadid: ADPycduel_W-UPvVxjo_sPICUx4F5yC0x2eMnyLAqN6hk40B5mP1shHbMZenqtUV1HMZ6P_Voumguxu5EdCfjhjuhs-Taw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 14:53:41 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179077.177637,VS0,VE1
etag: "58a5f685591134976cf55487dd88ce65"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-a9e6a3ecb1754594c71c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1874
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7396
last-modified: Wed, 06 Jul 2022 14:32:19 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=39IXKQ==, md5=WKX2hVkRNJds9VSH3YjOZQ==
x-goog-generation: 1657045303237607
expires: Thu, 06 Jul 2023 14:53:41 GMT
x-gdpr: 1
x-goog-stored-content-length: 21003
accept-ranges: bytes

GET
H2 200 29podcasts-superJumbo.jpg
static01.nyt.com/images/2022/05/29/arts/29podcasts/ 358 KB
359 KB 32ms
20ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/05/29/arts/29podcasts/29podcasts-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9dc060393119417d209cbef98c239cf23ce449e8236d26b46cf2b2d27f3d1d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/webp
age: 239802
x-guploader-uploadid: ADPycdvyjMeEtbTfB35eYNInPVdybiZM_H_Sq6LWVhTmUJ9IEvhndNFzTEaUhgoPYGmpQBDhYzSQ5STBkN8twvci6mX9PrLaPOoX
x-cache: HIT, HIT
fastly-io-info: ifsz=892525 idim=2048x2048 ifmt=jpeg ofsz=366890 odim=2048x2048 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 366890
x-served-by: cache-iad-kcgs7200025-IAD, cache-fra19161-FRA
server: UploadServer
x-timer: S1657179077.266179,VS0,VE3
etag: "WHZ5/Jmx1zJQgskkzIyjMCm8tEdNHr94FuFnO+Ql7zY"
vary: Accept
x-goog-hash: crc32c=1tol3A==, md5=x7WejeR0qQ6FXQk8IYUnOg==
x-goog-generation: 1653404406484920
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 12:54:35 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 892525
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 style.css
static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/ 240 B
572 B 175ms
102ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/style.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e2dc688bd38e8f376361b1da0dbfbf225790269bb9efdce60d5b92d4d5c670ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
content-type: text/css
age: 4
x-guploader-uploadid: ADPycduSWK0nhK4aivTZYy0OeuNv8XtGdJ95H0e2WtCXdH7tMcYKcN98SYZrsM9F1Eq6YwQcsb549siPP_gMx8oTC7HgcXVktwhd
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 177
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000141-IAD, cache-fra19161-FRA
last-modified: Wed, 02 Mar 2022 19:25:23 GMT
server: UploadServer
x-timer: S1657179077.266021,VS0,VE92
etag: "79444193eed5faa1b8ce07e79aabaa2b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=xK4XeA==, md5=eURBk+7V+qG4zgfnmquqKw==
x-goog-generation: 1646249123165606
access-control-allow-origin: *
expires: Tue, 05 Jul 2022 15:58:01 GMT
cache-control: max-age=5
x-goog-stored-content-length: 240
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 build.js Show response
static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/ 496 KB
119 KB 130ms
96ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/build.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 075295faceecadf409a94dc9c2b22298249d9647d60c504bf1622cf5703eff39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
age: 4
x-guploader-uploadid: ADPycduHhSQGbOn3cdb2nP7H3gvB6A2sXG-zLPZbfRJrQWrvoKKz4kZYmEAENHYR-4EggdMIwZCeixRGAKrRBhb49M1a
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
content-length: 121734
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100155-IAD, cache-fra19161-FRA
last-modified: Wed, 02 Mar 2022 19:25:23 GMT
server: UploadServer
x-timer: S1657179077.266187,VS0,VE88
etag: "0f2886d7e6ea01cb6a0a93238d9dd917"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=abN6Xg==, md5=DyiG1+bqActqCpMjjZ3ZFw==
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 21 Jun 2022 09:33:51 GMT
cache-control: max-age=5
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 vendor-6590b33d4cb850db967c.js Show response
www.nytimes.com/vi-assets/static-assets/ 214 KB
64 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1248397
x-guploader-uploadid: ADPycdvtOBkH-JjTMFxCAdROUYsBpzEFYF6A6NC6SAeEaNQfWsuE78xhw-e5ulUJ4mmaHbRSGVQKptLdS2nCvi6aOXCmew
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-22 20:44:40 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179077.255066,VS0,VE1
etag: "b75822cbef7de86ec44450c02f1a5b75"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3025
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 64035
last-modified: Wed, 22 Jun 2022 20:31:02 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Z9tGOA==, md5=t1giy+996G7ERFDALxpbdQ==
x-goog-generation: 1655929861916886
expires: Thu, 22 Jun 2023 20:44:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 219560
accept-ranges: bytes

GET
H2 200 story-037d1a9cd76001bc0a59.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
293 KB 10ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-037d1a9cd76001bc0a59.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f2471a85489ab0a53ccac104ef34b7c11ca0b59e5f4f501e7b261cbc6c82ac17

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 49088
x-guploader-uploadid: ADPycduaUj0u-RZQY1QJTd8DFDlgy1sv-069yHEKRPROEfr434MKiMH5PvCRb1ndkd4mUR2nOjgMOj19_f3kFOPeKiIkvw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 17:53:09 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179077.255051,VS0,VE1
etag: "6fb71c4b704488787476f15fcd2e5131"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-037d1a9cd76001bc0a59.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 186
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 299097
last-modified: Wed, 06 Jul 2022 17:45:15 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=9VQmwg==, md5=b7ccS3BEiHh0dvFfzS5RMQ==
x-goog-generation: 1657129514970275
expires: Thu, 06 Jul 2023 17:53:09 GMT
x-gdpr: 1
x-goog-stored-content-length: 1143752
accept-ranges: bytes

GET
H2 200 main-c5fd1df52ae12b0c7740.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
365 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2bc1132677d2090650fdee3f2d32d194f97cfe66d3d8e094067c4146b6865c3d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 49087
x-guploader-uploadid: ADPycdt0Rjjvqg7Zgw2RRLl2Ip2ola4pN8tjjyPOodiiouE_wYhMpfR0eYMH7o5DqB-aCs25gMOw-qsrHqRzp7ydVk0h
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 17:53:10 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179077.255155,VS0,VE1
etag: "ea84e3afc1053d588b48aca55faf730f"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 686
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 372800
last-modified: Wed, 06 Jul 2022 17:47:34 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=J2uguQ==, md5=6oTjr8EFPViLSKylX69zDw==
x-goog-generation: 1657129654743725
expires: Thu, 06 Jul 2023 17:53:09 GMT
x-gdpr: 1
x-goog-stored-content-length: 1300540
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 389 KB
105 KB 100ms
34ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

085191e8680d60417061da585f73bb335eaf79a08e0fec653ba14c1f8c6fe913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106799
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 79ms
9ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 27
cache-control: max-age=30
content-length: 0
date: Thu, 07 Jul 2022 07:31:17 GMT
samizdat-x-canary: false
samizdat-x-instance: 3d78937a
server: samizdat-graphql-b9e633e
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5cba63f5f0d0ec44-3db1d2c49e046e50-1
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: 5cba63f5f0d0ec44-3db1d2c49e046e50-1
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BB
x-samizdat-query-exe-id: 923d7da724c1e6f8
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19121-FRA
x-timer: S1657179077.315537,VS0,VE1

POST
H2 200 track
a.et.nytimes.com/ 0
0 216ms
125ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
758 B 17ms
15ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 509c4526bc8866e7-91d5d4d995fa8dc-1
age: 16
x-cache: HIT
samizdat-x-instance: 28b08960
x-samizdat-query-field-errors: 0
x-cache-hits: 1
x-samizdat-query-exe-id: dfa2fb3a5e53c009
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-b9e633e
x-timer: S1657179077.332868,VS0,VE1
x-nyt-region: BB
x-served-by: cache-fra19161-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 509c4526bc8866e7-91d5d4d995fa8dc-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
46 KB 99ms
27ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32631137cb18af4b5944c3ff1d0413b357f1ea91b4b0d1c819d3e99db57913f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46002
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 18:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 08:17:19 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 948 B
1 KB 212ms
135ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F61fa3946-a922-5829-b2f9-5a1ac9eb9cf3&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 1275a9bb204dcc911a442a8e938c7c5ae95f8c5cbc634a475ac7122a1bb7d5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 948

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 52ms
22ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 6702159
x-guploader-uploadid: ADPycdslCkX-ykRwNlstBtNVl1g0K0zeH9JvGn8pRHuodjoMmHWLEqiWJ9nrgJAOv4ckjYOJX3ojlQO2nEwOvscoon-XEw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1657179077.304730,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180561781
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19816
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 28925

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 41ms
11ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 6702159
x-guploader-uploadid: ADPycduEtqAI3BIksnb04NCNVhDBaeBU7Z-r9hxl5u1ll7LAAtl2wIBB8vM6JlXaNssSzuyhr1j2gbv_2RZ3LziXjH-6Lb3am3Vo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1657179077.304587,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180610251
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 28913

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 41ms
12ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9702170
x-guploader-uploadid: ADPycdtCqsPnOyDqaY5AVVQFDUtW2hEoiPNf3Sdz27mHUZQ7LcrqJbc2HECo03yFFNZRkcjjM4mGA0B70g9GvXhd2Zk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:28:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1657179077.304578,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 24056

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 43ms
14ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 19984898
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1657179077.304504,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 19483

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 41ms
12ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 23010191
x-guploader-uploadid: ADPycdsE-CaQEzBGz1w0IiKXNYq4w0QMTVURjDXuhbSHJqxrRtu0z4QxRukgZfN-rYYhfPRiwLZOJQaRALIygOJniZU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 13 Oct 2022 23:48:06 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1657179077.304543,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982884098
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12803

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 60ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-a9e6a3ecb1754594c71c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

aee53271c11d3c48817bb0f4f1f5d6f4b2c2fb9c1ce28c848e158095f7238f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27999
x-xss-protection: 0
server: sffe
etag: "1266 / 436 of 1000 / last-modified: 1657145230"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Jul 2022 07:31:17 GMT

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 9ms
8ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9614342
x-guploader-uploadid: ADPycds58qZNM4wO6zEUOdFY1OFY8wCVPYBNlzDei9iLQHGRhrJBQrqhr5fn1GB1OJ3LkHa4rMJY2HKMY2sSfncbR9QzZ7z_IA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:52:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1657179077.386919,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982612741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 21273

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 14ms
13ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 19987629
x-guploader-uploadid: ADPycdujO_lEKeKnl2kv2kfTdn-yFlbu_HRTBBnw3dPqmkA8asN5-R_Yx_Hnv6mzAXfXWOpkCfRb_9CsWoSF5H_YQH4ZPLv3Sw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 17 Nov 2022 23:24:07 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1657179077.387213,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 22626

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 13ms
12ms Font
font/woff2 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: font/woff2
age: 2356376
x-guploader-uploadid: ABg5-Uz3hE8t7c7KmBAPaa9SFjDOLTRqROzLa__9wr3zN8V5NVQVhY3Y8FLTTFTOPGqoE8SQ-1jh0U4weO-DT15uiEzm9-uuSA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:58:17 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1657179077.387196,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513818473
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 28638

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 11ms
10ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 6702160
x-guploader-uploadid: ADPycdspT8rIN4vkjGzaGOB5bwEqcGSSBW8RL763kc7zsPM6G7kuF77gAwS-3Ov1nE0VpoWcreDk85YgMgBIjnAknK7nkNmJ7HIG
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1657179077.387154,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180541296
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 26463

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame BA03 393 B
1 KB 41ms
7ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

c9ddd01050c3162ee6185b78d3ee887bba48f34dee1d0107aecc2e9bcb5ac47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35
cache-control: public, max-age=600
content-encoding: gzip
content-length: 276
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 07 Jul 2022 07:31:17 GMT
etag: W/"189-R9SdldbtU+zRNBVgn0TtWfu8TTE"
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-cloud-trace-context: 2f6875ae4d48f1cb91fc335714149214
x-content-type-options: nosniff
x-datadog-parent-id: 1144475566472815988
x-datadog-sampled: 1
x-datadog-sampling-priority: 1
x-datadog-trace-id: 8424821398118027816
x-envoy-upstream-service-time: 5
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-fra19161-FRA

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
22 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 06:45:24 GMT
x-content-type-options: nosniff
age: 2753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:35:24 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 14ms
14ms Other
image/svg+xml 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 06:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:48:30 GMT

GET
H2 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 0B1A 25 KB
9 KB 77ms
77ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=460327&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b6065792014ed67fc67656a46d1a85eff5cf9f0ef8b259cb39db3127e6f9909

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-mOobP54A1DjY0nbzP5DCgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-mOobP54A1DjY0nbzP5DCgA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-mOobP54A1DjY0nbzP5DCgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-mOobP54A1DjY0nbzP5DCgA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Thu, 07 Jul 2022 07:31:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-8b1605872cc2ca531708.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
14 KB 12ms
11ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-8b1605872cc2ca531708.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

26d0730099fa056c49029fa46a2d3a87235ad22739651eee3846a66fa99462fa

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 59856
x-guploader-uploadid: ADPycdsVIEs1r8ACAUDXLoejHbuXdRV9hG-qll2-qfH4Iy0NmIIgVOUTl6UhKn3DFJmT1PTzNx0NjOGaCRL5CI925ciPIiyxlJRg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 14:53:42 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179078.701921,VS0,VE1
etag: "fc3bc2f52639bdf5c76227d49a3a7e1c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-8b1605872cc2ca531708.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1857
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13817
last-modified: Wed, 06 Jul 2022 14:32:21 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=ynP8Cw==, md5=/DvC9SY5vfXHYifUmjp+HA==
x-goog-generation: 1657117941021187
expires: Thu, 06 Jul 2023 14:53:42 GMT
x-gdpr: 1
x-goog-stored-content-length: 44104
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2909428
x-guploader-uploadid: ADPycduYP-ZEbnhok842CZobXl2S7g5AvWoPWGOAkwpDTtWykuiYZXz1KgwlLppxirswxLTOGJ5yaxt_yDdBKDq99oRxfvqgCl6c
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-03 15:20:49 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179078.701905,VS0,VE1
etag: "31ae068f9753c44599fc91cfeeeead54"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2603
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13353
last-modified: Fri, 03 Jun 2022 15:14:32 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=sxH6MA==, md5=Ma4Gj5dTxEWZ/JHP7u6tVA==
x-goog-generation: 1654269272247723
expires: Sat, 03 Jun 2023 15:20:48 GMT
x-gdpr: 1
x-goog-stored-content-length: 68978
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 12ms
12ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1859885
x-guploader-uploadid: ADPycdsxdhqzJpq6_tlpbzhzwcKDOshbx-llb5-w19jt6Xzn2J8ghkG9OIdiH62a0gapGultE4sfoXaaLgFREiG6OL_KsQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-15 18:53:11 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179078.701902,VS0,VE1
etag: "e10a051414b80d3f4e5fcadfc8657375"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2606
date: Thu, 07 Jul 2022 07:31:17 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5017
last-modified: Wed, 15 Jun 2022 18:51:16 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=PVfhtw==, md5=4QoFFBS4DT9OX8rfyGVzdQ==
x-goog-generation: 1655319075953589
expires: Thu, 15 Jun 2023 18:53:11 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 45ms
15ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 06:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Jul 2023 06:18:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
375 B 50ms
22ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
expires: Thu, 07 Jul 2022 07:31:17 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
59 B 67ms
66ms Fetch
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.nytimes.com
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 0B1A 0
27 B 34ms
34ms Other
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-mtCNCuZ7xQN7jnf7ZE_BJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-mtCNCuZ7xQN7jnf7ZE_BJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460327&publicationId=nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
date: Thu, 07 Jul 2022 07:31:17 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-mtCNCuZ7xQN7jnf7ZE_BJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-mtCNCuZ7xQN7jnf7ZE_BJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
109ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
109ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 210 KB
43 KB 109ms
8ms Script
text/javascript 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-105.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

dcd066edb12535f685ada864e87e2ee7ab67a925605eedadfbe4e274887f3d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "348b7-5e1a154db1940-gzip"
age: 1427
x-cache: Hit from cloudfront
content-length: 43851
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 09:25:13 GMT
server: Apache
date: Thu, 07 Jul 2022 07:07:30 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront), 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2, FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 6zExNsqQz94fHIg5zhFjx8o3o4mAO_FKWNoHiV5aL5vn6fi_lEVVJQ==
expires: Thu, 07 Jul 2022 08:07:30 GMT

GET
H2 404 index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame BA03 0
0 9ms
8ms Script
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
via: 1.1 varnish
x-api-version: F-X
age: 0
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 18
content-length: 308
x-served-by: cache-fra19161-FRA
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: text/html; charset=UTF-8
x-cloud-trace-context: 2d8922b5e93d5db6de9b7cc1ce8ce75f
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame BA03 431 KB
143 KB 113ms
112ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=d112e1a

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:17 GMT
content-encoding: gzip
x-api-version: F-X
age: 15
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 4
x-cache-hits: 1
content-length: 146164
x-served-by: cache-fra19161-FRA
server: envoy
etag: "Op9ysw"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 17fe422bde1c18d553a31ca10ac8a302
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 06 Jul 2022 16:26:21 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 0B1A 21 KB
21 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460327&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 06:45:24 GMT
x-content-type-options: nosniff
age: 2753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:35:24 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/am=GQAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5p... Frame 0B1A 167 KB
59 KB 61ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/am=GQAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5pbtwaa2BsL0CxrbcvS_M5liFQ_w/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460327&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5091640ae45c50e6ae0bd44aab47b41b385f9d6df6cf7b2bb53c37cf6311bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 19:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59893
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 23:54:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 19:55:34 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 28
cache-control: max-age=30
content-length: 0
date: Thu, 07 Jul 2022 07:31:18 GMT
samizdat-x-canary: false
samizdat-x-instance: 3d78937a
server: samizdat-graphql-b9e633e
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5cba63f5f0d0ec44-3db1d2c49e046e50-1
x-cache: HIT
x-cache-hits: 2
x-datadog-trace-id: 5cba63f5f0d0ec44-3db1d2c49e046e50-1
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BB
x-samizdat-query-exe-id: 98f9a6e23a53de9e
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19121-FRA
x-timer: S1657179078.083701,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 28
cache-control: max-age=30
content-length: 0
date: Thu, 07 Jul 2022 07:31:18 GMT
samizdat-x-canary: false
samizdat-x-instance: 3d78937a
server: samizdat-graphql-b9e633e
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5cba63f5f0d0ec44-3db1d2c49e046e50-1
x-cache: HIT
x-cache-hits: 3
x-datadog-trace-id: 5cba63f5f0d0ec44-3db1d2c49e046e50-1
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BB
x-samizdat-query-exe-id: 9ebd6e9324ec3946
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19121-FRA
x-timer: S1657179078.123637,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
785 B 108ms
107ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 704ca6ae0cb057e7-73099caa64f17981-1
x-cache: MISS
samizdat-x-instance: dd00ebf4
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 30074b754676661c
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: BB
server: samizdat-graphql-b9e633e
x-timer: S1657179078.091976,VS0,VE101
x-nyt-continent: EU
x-served-by: cache-fra19161-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 704ca6ae0cb057e7-73099caa64f17981-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 649 B
1 KB 343ms
204ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&pageviewID=e6orFq0OUGo6rec5r1HlEdSB
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 8aacead3b96571e7209917f89c2cdf9e35e00f995e6622d8ddc9d2e65a951ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
274 B 117ms
117ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 2f558d97e69f7f84-4fe4eab46cb07dda-1
age: 0
x-cache: MISS
samizdat-x-instance: 8adcbb74
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 1b6f09bb8c0fec09
content-length: 77
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-b9e633e
x-timer: S1657179078.131611,VS0,VE110
x-nyt-region: BB
x-served-by: cache-fra19161-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 2f558d97e69f7f84-4fe4eab46cb07dda-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-2b400f7fd910fd25efcb.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-2b400f7fd910fd25efcb.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7fced283905ba08a854f7176a4c57a89d9359c58c5cda63b062218f87a9f0537

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 59854
x-guploader-uploadid: ADPycdudYReB3AiNRQUKIMAxYsx8dWyvHKpZHASyS0sla2emO28DaHeJVjPZ0IYQiPXjy2XeN19t7CILpUoNQiR62-W3kbZv37nx
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-06 14:53:43 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179078.153038,VS0,VE1
etag: "252169e5e3bd67dd3159e720fea39f4f"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-2b400f7fd910fd25efcb.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1643
date: Thu, 07 Jul 2022 07:31:18 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15168
last-modified: Wed, 06 Jul 2022 14:32:20 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=bqNNnQ==, md5=JSFp5eO9Z90xWecg/qOfTw==
x-goog-generation: 1657045303244299
expires: Thu, 06 Jul 2023 14:53:43 GMT
x-gdpr: 1
x-goog-stored-content-length: 51638
accept-ranges: bytes

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 360ms
133ms XHR
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&caller_id=nyt-vi&jkcb=1657179078167&referrer=&sourceApp=nyt-vi
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 836f5195290d33d1bc922ca3769ee33607fe370377d0f3fe4410b2f4333efc3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 44b503bd5b362bf263aa8319972a2414
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 38
access-control-allow-headers: Content-Type, x-requested-by
expires: Thu, 07 Jul 2022 07:31:18 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 635ms
589ms Fetch
text/html 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: d1399ac08ab593a015537eebaa893951
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 07 Jul 2022 07:31:18 GMT

GET
H2 200 style.css
static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/ 240 B
704 B 124ms
123ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/style.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e2dc688bd38e8f376361b1da0dbfbf225790269bb9efdce60d5b92d4d5c670ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
content-type: text/css
age: 0
x-guploader-uploadid: ADPycduSWK0nhK4aivTZYy0OeuNv8XtGdJ95H0e2WtCXdH7tMcYKcN98SYZrsM9F1Eq6YwQcsb549siPP_gMx8oTC7HgcXVktwhd
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 177
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000141-IAD, cache-fra19161-FRA
last-modified: Wed, 02 Mar 2022 19:25:23 GMT
server: UploadServer
x-timer: S1657179078.413347,VS0,VE117
etag: "79444193eed5faa1b8ce07e79aabaa2b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=xK4XeA==, md5=eURBk+7V+qG4zgfnmquqKw==
x-goog-generation: 1646249123165606
access-control-allow-origin: *
expires: Tue, 05 Jul 2022 15:58:01 GMT
cache-control: max-age=5
x-goog-stored-content-length: 240
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 116ms
116ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 58ms
22ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 160ms
160ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2159372124683055&correlator=2239546099910364&eid=31068337%2C44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Carts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=3503959228&sfv=1-0-38&ecs=20220707&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1366&cust_params=als_test_clientside%3Dweb_none_none_20220707073117%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1657179076777%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dfanningelle%26des%3Dcyberattacksandhackers%252Cmovies%252Cpodcasts%252Cfraudsandswindling%252Ccomputersecurity%26auth%3Demmadibdin%26coll%3Darts%252Ctechnology%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Darts%26si_section%3Darts%26id%3D100000008358786%26pt%3Dnt1%252Cnt10%252Cnt11%252Cnt12%252Cnt15%252Cnt16%252Cnt18%252Cnt20%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt21%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_ms_safe%252Cneg_ibm%252Cneg_capitalone%252Cneg_mastercard%252Cneg_mtb%252Cneg_orep%252Cneg_google%252Cneg_bp%252Cneg_hearts%252Cneg_chanel%252Cgs_tech%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_crime%252Cgs_tech_computing%252Cgs_entertain%252Cneg_bofa%252Cneg_debeer%252Cdashlane%252Cneg_msft%252Cggl_wrk_collab%252Cgs_entertain_movies%252Cgs_tech_social%252Cgs_t%26tt%3D22%26mt%3DMT5%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3De6orFq0OUGo6rec5r1HlEdSB%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DA1ALvIWsfURDDvZ60I6p1a%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1657179078540&lmt=1657179076&dlt=1657179077148&idt=1345&biw=1600&bih=1200&adxs=0&adys=132&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=2125053438.1657179079&ga_sid=1657179079&ga_hid=1539923740&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

365b7ecb5e6767a410385b2b92531d3360f7df30beab4c2668ba3f523fe8040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9928
x-xss-protection: 0
google-lineitem-id: 5874317211
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138396786173
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 427 B
257 B 51ms
50ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2159372124683055&correlator=2239546099910364&eid=31068337%2C44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Carts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&ifi=2&adks=1829455684&sfv=1-0-38&ecs=20220707&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1368&cust_params=als_test_clientside%3Dweb_none_none_20220707073117%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1657179076777%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dfanningelle%26des%3Dcyberattacksandhackers%252Cmovies%252Cpodcasts%252Cfraudsandswindling%252Ccomputersecurity%26auth%3Demmadibdin%26coll%3Darts%252Ctechnology%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Darts%26si_section%3Darts%26id%3D100000008358786%26pt%3Dnt1%252Cnt10%252Cnt11%252Cnt12%252Cnt15%252Cnt16%252Cnt18%252Cnt20%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt21%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_ms_safe%252Cneg_ibm%252Cneg_capitalone%252Cneg_mastercard%252Cneg_mtb%252Cneg_orep%252Cneg_google%252Cneg_bp%252Cneg_hearts%252Cneg_chanel%252Cgs_tech%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_crime%252Cgs_tech_computing%252Cgs_entertain%252Cneg_bofa%252Cneg_debeer%252Cdashlane%252Cneg_msft%252Cggl_wrk_collab%252Cgs_entertain_movies%252Cgs_tech_social%252Cgs_t%26tt%3D22%26mt%3DMT5%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3De6orFq0OUGo6rec5r1HlEdSB%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DA1ALvIWsfURDDvZ60I6p1a%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1657179078547&lmt=1657179076&dlt=1657179077148&idt=1345&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=2125053438.1657179079&ga_sid=1657179079&ga_hid=1539923740&ga_fc=false&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7feda74a9a3bf3637be6edce84a928786e2fef6ff1c691cdb9c9248ba3660a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0930 6 KB
4 KB 117ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:18 GMT
expires: Fri, 07 Jul 2023 07:31:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 114ms
113ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0B1A 15 KB
16 KB 57ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460327&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 159193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Jul 2023 11:18:05 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
564 B 30ms
13ms XHR
application/json 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-105.fra56.r.cloudfront.net
Software: DataDome /
Resource Hash: e0e36a172b71990e2d7c52f3cc97fe5ffd3ee9bcc7579febc3635ff931901b2c

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:18 GMT
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: X9GLaeaT0A-7h0PC_99R1eXHvk50jEkgzNPlg9to_kENuQFVziwwMA==
expires: 0

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1... Frame 0B1A 132 KB
44 KB 65ms
15ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1.O/am=GQAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5hjrMytvDqEAAdf65gvDbsNdufuw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/am=GQAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5pbtwaa2BsL0CxrbcvS_M5liFQ_w/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ade716824e2958ce29c33275050bb8526d1961ea2c5111cc46f293c0c5f7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45497
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:16:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 09:21:35 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 55 KB
13 KB 399ms
381ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 916a33c04e52a1ef643b6c012b048a59b412ba760297f2ba4115eb50216da27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-envoy-upstream-service-time: 280
x-served-by: cache-fra19161-FRA
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale_1","gateway":"MAG_web_nonsub_all_monthly-sale_1","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1657179079.763775,VS0,VE375
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-user-status, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 6c41bbc77a6772574fd46467e492c573
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
12ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2554
date: Thu, 07 Jul 2022 06:48:44 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 07 Jul 2022 08:48:44 GMT

GET
H3

200

activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Fa... Show response
5290727.fls.doubleclick.net/ Frame 3086
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2F...

526 B
397 B

60ms
32ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

cafed63e17cc87457089503fb90400d5a0dcb8e7bb204526e1fe4b80eeada31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 372
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:18 GMT
expires: Thu, 07 Jul 2022 07:31:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 25ms
8ms Script
application/x-javascript 2600:9000:2240:600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 05:44:04 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:40:38 GMT
server: nginx
age: 6434
etag: W/"62b51616-9200"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: VZmBmJ7DUFFXsXWxH5YvUR4Dy2ZTTT866t853s29LuN9SIAZ36l7kQ==
expires: Thu, 07 Jul 2022 07:44:04 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
580 B 94ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
content-type: application/javascript
age: 40268
x-guploader-uploadid: ADPycdsGlzOhH_m2LyphPMn6GJaIpiYRji7U66VvBudBoCNwLMK8o0SJFwvVLj2-r0SepiIrpfCun_snBgs3hdsCppTP5nSClg
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-fra19161-FRA
accept-ranges: bytes
expires: Fri, 01 Oct 2021 00:34:40 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1657179079.889321,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1045

POST
H2 200 track
a.et.nytimes.com/ 0
0 128ms
126ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 35ms
14ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8f653cafd04ab5db661928b4c87574e6ef6b02dc3d43217532bbd681269076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 06:37:36 GMT
server: cloudflare
age: 3222
cf-polished: origSize=4800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Layfk8EHrqq7ogE64iiSQgAZ94PvvPV8vvJsF79WkWP%2BAogfGCvAxCSeABvFa%2BmX9wLokcVF2rHU4G8aBAUsWCJ8xym38%2BBwFD8R27oE2dvnp6RogrzupecAAToeeyuHrylz5uE%2F%2FJx9b0rsIWmxwmNs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726ee13aafe391e4-FRA
cf-bgj: minify

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 96ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1415896418
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 container.html Show response
bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6CB 6 KB
3 KB 68ms
15ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:18 GMT
expires: Fri, 07 Jul 2023 07:31:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 110ms
109ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 303ms
97ms Image
image/gif 34.203.58.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&u=DXSDtGDNwiUMdFnS7&d=nytimes.com&g=16698&g0=arts%2Cculture_desk&g1=Emma%20Dibdin&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2339&t=CCkwntCP3XWcDqMzGjChW7oFLAq2B&V=135&i=6%20Podcasts%20About%20the%20Dark%20Side%20of%20the%20Internet&tz=0&_acct=anon&sn=1&sv=2427FQ2hOUBUBi_f_zJkpR4oFw&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.58.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-58-48.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:19 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 46 KB
14 KB 28ms
28ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0568742dc8493998d1f816824f5c0bec595ec0837ffd963aea17006a6461de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 06:37:38 GMT
server: cloudflare
age: 3220
cf-polished: origSize=47227
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dyDENHEy95N9v0lMMgKLHNpMpKhpgncjGIou693lLr%2BwiS%2BvPuRnJWkR1OEmrLAIjw0Kat%2FgxeDKCSipPBKj4%2BYIjJYpeEXw1GdA%2BbDqt7ooOJ72u5seWA0D%2FeLjK54YhYzjG2Rh6agJjmMLbr4tUzq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726ee13ad83691e4-FRA
cf-bgj: minify

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 51ms
16ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1539923740&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&dr=&ul=en-us&de=UTF-8&dt=6%20Podcasts%20About%20the%20Dark%20Side%20of%20the%20Internet%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=145469183&gjid=283229606&cid=2125053438.1657179079&tid=UA-58630905-2&_gid=1311333270.1657179079&_r=1&gtm=2wg6t0P528B3&cg1=arts&cg2=null&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&cd3=&cd4=Arts&cd9=9&cd10=null&cd13=null&cd14=culture_desk&cd15=earned&cd16=referring_links&cd17=100000008358786&cd18=Emma%20Dibdin&cd19=6%20Podcasts%20About%20the%20Dark%20Side%20of%20the%20Internet&cd20=&cd21=Article&cd23=Arts&cd26=2022&cd27=2022-05-24-11&cd28=Tuesday&cd29=11&cd30=1653508176680&cd32=Arts%2CTechnology&cd33=SECTION%2CSECTION&cd34=FEATURE&cd36=29podcasts&cd37=833&cd38=Arts%26Leisure&cd42=nyt-vi&cd43=Cyberattacks%20and%20Hackers%2CMovies%2CPodcasts%2CFrauds%20and%20Swindling%2CComputer%20Security&cd45=Fanning%2C%20Elle&cd48=May&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Arts%26Leisure&cd54=culture_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=A1ALvIWsfURDDvZ60I6p1a&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=A1ALvIWsfURDDvZ60I6p1a&z=1272561058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1... Frame 0B1A 1 KB
716 B 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1.O/am=GQAQ/d=1/exm=COQbmf,DfBslb,DsXBRb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_r,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5hjrMytvDqEAAdf65gvDbsNdufuw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b21c7fcd79763d466de7cf3e82a80aa311223482f5421b2b259a1c636962a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 19:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 690
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:16:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 19:55:45 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 0B1A 438 B
330 B 50ms
50ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=5753789031580622464&bl=boq_subscribewithgoogleclientserver_20220627.09_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=27079&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a4762eccdd9ee6b1dc02e8a64a60e0dc9e568af67a81bf31e4e5a62acaca085

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 134ms
18ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=19014
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F6CB 22 KB
7 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
URL: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Jul 2023 10:13:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6CB 138 KB
43 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
URL: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:31:18 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1... Frame 0B1A 18 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1.O/am=GQAQ/d=1/exm=COQbmf,DfBslb,DsXBRb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_r,_tp,aurFic,blwjVc,bm51tf,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5hjrMytvDqEAAdf65gvDbsNdufuw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0290af29fe4c6b10c5388580fbae990b8635720e9f0e52426b0ecdfb9a2625b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 19:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:16:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 19:55:45 GMT

POST
H2 200 log Show response
play.google.com/ Frame 0B1A 131 B
672 B 74ms
23ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 07 Jul 2022 07:31:19 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0B1A 131 B
155 B 60ms
29ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 07 Jul 2022 07:31:19 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
20ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: Thu, 07 Jul 2022 07:31:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B1A 131 B
155 B 57ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 07 Jul 2022 07:31:19 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
21ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: Thu, 07 Jul 2022 07:31:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B1A 131 B
155 B 60ms
29ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 07 Jul 2022 07:31:19 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
21ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: Thu, 07 Jul 2022 07:31:19 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~...
adservice.google.com/ddm/fls/z/ Frame 3086 42 B
63 B 93ms
65ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNrIzZKh5vgCFS0XBgAds6sPkA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4887597799695;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6CB 0
0 54ms
53ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbJt4qjPDdi4EuLD6J_7cv84NFSaCxGKqbp0_D6KZuQLkX_EVFM1s87a7hugPT-uRwgQ0chvNGhPN-l9W__yaiJ22OjZ3tNQWTZmGcquCDf7wThILYTRA3YMEYS0pq5990RT4vdTFef6brF4-mSR4RRtAvWvZ8JpAtuUUk4Bj_c0PsJcKInaE1oXgrxikHOGh3TVObV4o_030BABlBQarLMem2jojRj4fvOFiBR3mR7BNteiFt1o3O055P_FwvIcVPmw8KSOityja7q2UB9cpl7Z8hdJJQjOrmrk68Ag-isDCBdXjqyMZYgSW6i8RUxWj4n9gggbqPyedbj3teUuto61t5tb0L2Ndj80xuBVVn&sai=AMfl-YRbyOMfYMl8gPP6n93M8-AMsLJDDpQlxRb8UyxYb1nh0SF5BVmMVDNWCKEJ32O45NUQuht-llVs-i2JdqblNWaLru77Z5dqnZ3MU6Qhu3MH57QNGbsD1S-cvnU4Nss&sig=Cg0ArKJSzBSRJ-thWHc9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
URL: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 07:31:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 flex Show response
www.nytimes.com/subscription/ads/MON-682179-INYT_EvergreenCore/ Frame 9868 3 KB
2 KB 9ms
8ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/subscription/ads/MON-682179-INYT_EvergreenCore/flex

Requested by

Host: bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
URL: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fbdb89362f445075903571e549c01d853643912a7959874d22ceeffe4c42e4e3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
age: 179
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1109
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html;charset=UTF-8
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: 0
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-682179-INYT_EvergreenCore/flex
pragma: no-cache
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding,x-nyt-country, x-nyt-continent, X-NYT-Currency, Fastly-SSL
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-envoy-upstream-service-time: 21
x-gdpr: 1
x-magnolia-vary: x-nyt-country, x-nyt-continent, X-NYT-Currency
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
x-nyt-route: mwcm-banner-ads
x-origin-time: 2022-07-07 07:28:19 UTC
x-served-by: cache-fra19161-FRA
x-timer: S1657179079.999154,VS0,VE1

GET
H3

200

B27033638.325107308;dc_pre=CM3P1ZKh5vgCFUPBuwgdBdwHdA;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame F6CB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CM3P1ZKh5vgCFUPBuwgdBdwHdA;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rd...

14 KB
11 KB

46ms
45ms

Script
text/javascript

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CM3P1ZKh5vgCFUPBuwgdBdwHdA;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
URL: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bcf2df6fcde156e3f709071e757043f5d0891e55df269a702a7465cd38f5507c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10905
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_pre=CM3P1ZKh5vgCFUPBuwgdBdwHdA;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main_flex.css
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/ Frame 9868 190 KB
20 KB 28ms
8ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/main_flex.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-682179-INYT_EvergreenCore/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 0e3ebc10e91f50f02730273e9c2733df2472c8bc7952a480268ef78092ff7215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 475885
x-cache: HIT
x-envoy-upstream-service-time: 7
content-length: 20597
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 19:13:26 GMT
server: envoy
x-timer: S1657179079.037322,VS0,VE0
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 128

GET
H2 200 wordmark-Master-large-optimised-BLK.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/images/ Frame 9868 6 KB
3 KB 27ms
7ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/images/wordmark-Master-large-optimised-BLK.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-682179-INYT_EvergreenCore/flex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 57c4e9c3b00e2ab7b4320be10f61cf71f34131de582759ce746fbf0d728b30a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 194017
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 2330
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 19:13:19 GMT
server: envoy
x-timer: S1657179079.037311,VS0,VE0
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 166

GET
H2 200 cheltenham-normal-300.woff
g1.nyt.com/fonts/family/cheltenham/ Frame 9868 35 KB
35 KB 7ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/main_flex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=b2NKXw==, md5=gst5XYxXu+Nn0P++uojrUw==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1930325
x-guploader-uploadid: ADPycdv0jt5yOX0alNakpsXiTCtOpE_M1HsrvvK5BGMBoGkSUvwFHsKkaB6gkUMq_gP39OD5Y5SE6XM3bM3F-dDXWm6elA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35940
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Wed, 14 Jun 2023 23:19:12 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1657179079.061615,VS0,VE0
etag: "82cb795d8c57bbe367d0ffbeba88eb53"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149678277
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 35940
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 86

GET
H2 200 franklin-normal-600.woff2
g1.nyt.com/fonts/family/franklin/ Frame 9868 20 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/main_flex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 452039
x-guploader-uploadid: ADPycduN9Kf2DB9BcaVTunVB1GLXCW2YEls3Za8ss5lU22LcsOTIAAE00SiWhPBJeHziw7EGYI3IvW1AlWC9eE8Ci0aNx8AiOVn_
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Sun, 02 Jul 2023 01:57:20 GMT
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1657179079.063242,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598151050702
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20196
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ Frame 9868 27 KB
28 KB 12ms
11ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/main_flex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=44i2vg==, md5=oZLbMQk12KiCgy4syD8hGQ==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11602371
x-guploader-uploadid: ADPycdvdviIGyrKuBYoucp09ewWIx1ErzXqGQfqr8VdtJ9PeFJ-fqyZaij4QMjmPkB8C4ZIu3N-dyY4T5dj5oxZkPEM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27688
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 23 Feb 2023 00:38:29 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1657179079.063498,VS0,VE0
etag: "a192db310935d8a882832e2cc83f2119"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984103192
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27688
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 85

GET
H2 200 franklin-normal-500.woff2
g1.nyt.com/fonts/family/franklin/ Frame 9868 19 KB
20 KB 11ms
10ms Font
font/woff2 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/main_flex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: font/woff2
age: 457232
x-guploader-uploadid: ADPycdsU-Xw4eNzUXNP7qtGG1NJU-ftCehtRmYmbbol4JLGxDvyWGLy-bB4aEDgMt7g4983PmaLNYbJx56Fa1tnXYTDXffDpe7Wh
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Sun, 02 Jul 2023 00:30:46 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1657179079.063462,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921545758
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 95

GET
H2 200 cheltenham-normal-700.woff
g1.nyt.com/fonts/family/cheltenham/ Frame 9868 36 KB
37 KB 7ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.woff
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-682179-INYT_EvergreenCore/lib/css/main_flex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=Zk8RaA==, md5=c4YIcn/HxXl4ieF3iFCLJg==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 3206529
x-guploader-uploadid: ADPycdsEDVFCbx27NElQv7l8dO4MkyNAG68Vjl-whxYxCkympC-zsRHX2S9rPdjBO4HiRqWOrrudryTK7dG29VEhh0z98AmL3WbS
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37340
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Wed, 31 May 2023 04:49:10 GMT
last-modified: Tue, 03 May 2022 17:15:50 GMT
server: UploadServer
x-timer: S1657179079.070020,VS0,VE0
etag: "738608727fc7c5797889e17788508b26"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149876133
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 37340
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 326

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F6CB 41 KB
15 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27033638.325107308;dc_trk_aid=517224503;dc_trk_cid=164198354;ord=204847121;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6CB 0
0 50ms
50ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7hgG6UZ-60Hqkk0zk88xnr2odPL0dWq2WY_4crFHLtV9ckVUSQwYSs41NBO8o-sFQgcvVqxVohILC6h_pxnbGhY1uy7fbvr0a1y6ojEfModSdFM9YaZ1CSNiZpS8CNQZlMzCdCj7zHuwymab63qX7uiESpUQ7IbpILXMEh2Gz44zr38H-g6UtrdWQ7w3VwozDxvc3dUwZAra8h6bom_b5P1Wr4fB6dLASsJMJlNWIo9tlIPOYz6AoDRq4TZpT4mKjVxe-Um2FxuGduUaixU4ofEk984eBnpR3_sR8kheYpWy-Sb2wXEnjIsZVoZMcA0boQs-nFA&sai=AMfl-YQcXStu2-YyVVokILxJpzafbi6jG0CcR7j3BwiL3OviJqeofQ9FgYgHaN-08Qa691SmFVX0ThvWV0jh-VIvg_Yyvl2sF7XN5ePuXYbS8-5y_rPtnsMBf2PgYSW154A&sig=Cg0ArKJSzMYWlwLbQJ9-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 07:31:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 07 Jul 2022 07:31:19 GMT

GET
DATA 200
OK truncated
/ Frame F6CB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d648837dff36ad82f7531eb539fe96fdab2efca0ba0db2cadd864aece639b5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0807 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0807 35 KB
14 KB 68ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 06:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 06:33:13 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 10ms
10ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 4512
cache-control: max-age=30
content-length: 0
date: Thu, 07 Jul 2022 07:31:19 GMT
samizdat-x-canary: false
samizdat-x-instance: 888bbc3b
server: samizdat-graphql-b9e633e
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5f1fcde94d0c6fab-9cf2b1cb705a618-1
x-cache: HIT
x-cache-hits: 1
x-datadog-trace-id: 5f1fcde94d0c6fab-9cf2b1cb705a618-1
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BB
x-samizdat-query-exe-id: 81672cede353d725
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19121-FRA
x-timer: S1657179079.176786,VS0,VE1

GET
H2 200 .status
a.et.nytimes.com// 0
0 111ms
110ms Fetch
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 166 B
831 B 109ms
108ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: static01.nyt.com
URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/182814ee71d4a621f160ccbe2730ec5b89440096/build.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-b9e633e /
Resource Hash: 9d8f66c9a96e5d8647470da2b8c34337355168669d1ca1be32a375d862e64d8e

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
nyt-app-type: project-vi
Content-Type: text/plain;charset=UTF-8

Response headers

x-samizdat-query-sup-code
date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 4200b53e516c7d0d-3bb471aa92634e3a-1
age: 0
x-cache: MISS
samizdat-x-instance: dd00ebf4
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 1c90a3c092f57aa0
content-length: 136
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-b9e633e
x-timer: S1657179079.187888,VS0,VE100
x-nyt-region: BB
x-served-by: cache-fra19161-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 4200b53e516c7d0d-3bb471aa92634e3a-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
28ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b897e2f2e092e9d57f1da1941550c8eb19bd29e3f58d582d655dff8727701f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10713
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 58ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b121a70a6fafad37e5861814516ad633ff0067aa706942fc71eb0248dc97414

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YKVJX6MNJN392V43
x-amz-id-2: Xzkvk/sQ9FTIqn/xbrv/8QRaqLBYgGQsQ5mREpm4BTPnyfuKNAlq9HlTrj1FL25MQMwPJCvySKY=
last-modified: Wed, 29 Jun 2022 20:29:56 GMT
server: cloudflare
etag: W/"ad9ead1e1048c529ef38622f66a96747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F22IXbV4FKIz681fRzC%2BLMf2wkBy1NWWyVO2a65WaXpQl5TcaI8Z7rGOl%2BF9r2zx2Mi%2FQH1%2F6GKZy6pG5E1qFAL0XfVgR2TO23WNFGQT2rOW12OM3ak2nCQFjvrH94ja5jClPWO1RIBKKjS%2BtEREt8jxVga"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 726ee13d1cda993f-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:31:19 GMT

GET
H2 200 29podcasts-superJumbo.jpg
static01.nyt.com/images/2022/05/29/arts/29podcasts/ 358 KB
359 KB 8ms
8ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/05/29/arts/29podcasts/29podcasts-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9dc060393119417d209cbef98c239cf23ce449e8236d26b46cf2b2d27f3d1d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/webp
age: 239804
x-guploader-uploadid: ADPycdvyjMeEtbTfB35eYNInPVdybiZM_H_Sq6LWVhTmUJ9IEvhndNFzTEaUhgoPYGmpQBDhYzSQ5STBkN8twvci6mX9PrLaPOoX
x-cache: HIT, HIT
fastly-io-info: ifsz=892525 idim=2048x2048 ifmt=jpeg ofsz=366890 odim=2048x2048 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 366890
x-served-by: cache-iad-kcgs7200025-IAD, cache-fra19161-FRA
server: UploadServer
x-timer: S1657179079.282774,VS0,VE0
etag: "WHZ5/Jmx1zJQgskkzIyjMCm8tEdNHr94FuFnO+Ql7zY"
vary: Accept
x-goog-hash: crc32c=1tol3A==, md5=x7WejeR0qQ6FXQk8IYUnOg==
x-goog-generation: 1653404406484920
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 12:54:35 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 892525
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/ 101 KB
14 KB 8ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 633bf0deb9ed1763fb4c6f585c190b39d822ae7fa1746bbb43b1441b25ab4080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 48050
x-cache: HIT
x-envoy-upstream-service-time: 5
content-length: 14261
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 16:04:50 GMT
server: envoy
x-timer: S1657179079.282763,VS0,VE0
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 729

GET
H2 200 untitled5
mwcm.nyt.com/dam/LP/payment-methods/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 190074
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 1081
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:54:12 GMT
server: envoy
x-timer: S1657179079.283665,VS0,VE0
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 untitled2
mwcm.nyt.com/dam/LP/payment-methods/ 6 KB
3 KB 11ms
10ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 187437
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 2844
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:54:12 GMT
server: envoy
x-timer: S1657179079.283935,VS0,VE0
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 untitled4
mwcm.nyt.com/dam/LP/payment-methods/ 790 B
504 B 12ms
11ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 199336
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 383
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:54:11 GMT
server: envoy
x-timer: S1657179079.283913,VS0,VE0
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 135 KB
40 KB 7ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 0b819165d0aebefee404eec582bc9aaa41ebee06e655f21c2ac31d40291aa4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 48050
x-cache: HIT
x-envoy-upstream-service-time: 8
content-length: 40659
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 16:04:50 GMT
server: envoy
x-timer: S1657179079.310373,VS0,VE0
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 760

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/ 19 KB
5 KB 7ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5fd1df52ae12b0c7740.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: cbe98f9cdafd815da89483144bb0833102e42e687f6ec6965f4b0cd077abcb41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
age: 48050
x-cache: HIT
x-envoy-upstream-service-time: 4
content-length: 4664
x-served-by: cache-fra19161-FRA
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 16:04:50 GMT
server: envoy
x-timer: S1657179079.310674,VS0,VE0
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 730

POST
H2 200 track
a.et.nytimes.com/ 0
0 118ms
118ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
111ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 match-prod-765a805e29312476b6b7.js Show response
platform.iteratehq.com/ 82 KB
29 KB 28ms
18ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-765a805e29312476b6b7.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f80dd0c80beb2588e41c4351f06635883ac109b8d345eca9b8b1dae9dc5f293

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 644433
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GJH2MPV5RX3W38M7
x-amz-id-2: 61Kkw4FhQpdpkAOsFXUI3u2JsAQDlOiCQG5GQkufFW+RK0m/Ew6ML/dav9c2GL2a05Xg8/bq17w=
last-modified: Wed, 29 Jun 2022 20:29:52 GMT
server: cloudflare
etag: W/"793c5da990c5b92f6d7a953b65d6b06b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BL%2FC2BNCdlWJm0Zcs%2BgXRSNykriJ%2FbkXRSRyan5Sca2lQOqAlzKRTD3cYIWvqOBliS%2Fwp2fmucLwrv2pJtD6WqBEL3PZUJLSIrfu0q9O3Kc2jGGuRbJvCH8Y6enrEmGt2iPicqeIFrwH5r7T5o0TMDsiXbmS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 726ee13ddf4e9076-FRA

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9619481
x-guploader-uploadid: ADPycdsXeoKh0SndThJmQ_TcO-7zR2jmF9RgrBR4oUSkvRqF5W7scU152QiMipnp7j5UYTUMJwetZfRdxouLcBPgWbSZN6TVVA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:26:38 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1657179079.332538,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1207

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 19984762
x-guploader-uploadid: ADPycduDT18OMzqKfKbRt_NpAMCLo5M-PjyqVQMFsoWTgUubwJIsgNLotq6OOpNtP05FClIq1WeovfORsNEtvsv7jfKCDIbLRg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:11:57 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1657179079.333687,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1217

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 8ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9702172
x-guploader-uploadid: ADPycdtCqsPnOyDqaY5AVVQFDUtW2hEoiPNf3Sdz27mHUZQ7LcrqJbc2HECo03yFFNZRkcjjM4mGA0B70g9GvXhd2Zk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:28:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1657179079.336697,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 24057

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 9ms
8ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1325416
x-guploader-uploadid: ADPycdupVAknaLAbZyLXtoF3zZHu6ewRVhws0-s0nXBPPnp5o7FJIFFmxtoVc8z92GcT8flqPn_-tfL0Hz9XeZzq4L179A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:21:02 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1657179079.337193,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1214

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 9ms
8ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 27556116
x-guploader-uploadid: ADPycdsymaZ_hVarZRSMz9oRK8fzyiLWiVS0bijlw2WBVKbJ2Fv_EVC8acP2DFTQMKE85im75spxQ0P0zydZPaEXg2ZWybq_7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Mon, 22 Aug 2022 09:02:48 GMT
last-modified: Wed, 21 Jul 2021 17:23:54 GMT
server: UploadServer
x-timer: S1657179079.337175,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888234420447
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 21113

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 10ms
10ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 23010193
x-guploader-uploadid: ADPycdsE-CaQEzBGz1w0IiKXNYq4w0QMTVURjDXuhbSHJqxrRtu0z4QxRukgZfN-rYYhfPRiwLZOJQaRALIygOJniZU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 13 Oct 2022 23:48:06 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1657179079.337582,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982884098
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12804

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 8ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9614344
x-guploader-uploadid: ADPycds58qZNM4wO6zEUOdFY1OFY8wCVPYBNlzDei9iLQHGRhrJBQrqhr5fn1GB1OJ3LkHa4rMJY2HKMY2sSfncbR9QzZ7z_IA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:52:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1657179079.341722,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982612741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 21274

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 9ms
8ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 19987631
x-guploader-uploadid: ADPycdujO_lEKeKnl2kv2kfTdn-yFlbu_HRTBBnw3dPqmkA8asN5-R_Yx_Hnv6mzAXfXWOpkCfRb_9CsWoSF5H_YQH4ZPLv3Sw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 17 Nov 2022 23:24:07 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1657179079.341846,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 22627

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C6F9 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 06:50:30 GMT
expires: Fri, 07 Jul 2023 06:50:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7C9C 783 B
1 KB 58ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d8a035f3a5b7b9e735fe8d5862243872e424549124ce6c675a9a9d1de040d4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u4sxwHC9eJvJMEpwJnUwLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-u4sxwHC9eJvJMEpwJnUwLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: Thu, 07 Jul 2022 07:31:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
26 KB 9ms
9ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
date: Thu, 07 Jul 2022 07:31:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 19985897
x-guploader-uploadid: ADPycdtTxdzDN3ak1n9dTfl4TixCXRbSxXC2cGEaBcr5R3lVRp0xIw1fkSK1M1xexCFErz6-4IYSadIAomIZEGjAWzk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-fra19142-FRA
accept-ranges: bytes
expires: Thu, 17 Nov 2022 23:53:02 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1657179079.403427,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984530255
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 25680
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8809

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 126ms
114ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-765a805e29312476b6b7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ef922f8d0f301c739db6c1498af0778396aaa335aa18f284621ca435528162

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwAEmy1jSH1jc2o014fTeAiFjkbokhaYA7b6UM9OlGG8vv9tcHU%2FcPxW8ogT57jADLxHDxiDQET%2F8iz7Cfm2XW4NKllEEx082PCEbhrIAlrMxKyLeyN88ZIbqXDkkwMslAsmw5WuLwSF5Vqj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 726ee13f7e2ebb83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 138ms
112ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 726ee13ea8c09004-FRA
content-length: 0
date: Thu, 07 Jul 2022 07:31:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGlK7bKDw009d7zzy8zXLVslokMfUjcOpAibGzI8VV1MthT9qBVX1hH4S%2FjnLZdLb7hCeuGu%2FeY4xbuZx1rRBreIReDPAjfGVAOtCOOzcYztZT1p3VQcIlCj7U7eKtuMFhpzDugnJrGmJPFE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 928 B
936 B 136ms
135ms XHR
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 7f51ad67bc5b7850c041ca83a942e90337c597d3887817f883eb83f0f5724f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 3c324fc55411b8e130c0e0bf9f73094a
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
access-control-allow-headers: Content-Type, x-requested-by
expires: Thu, 07 Jul 2022 07:31:19 GMT

GET
H3

200

activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Fa... Show response
5290727.fls.doubleclick.net/ Frame BCA4
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2F...

526 B
396 B

34ms
33ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

4a50b412842fa3590168c6801a56979e2e567f91b1e198c6465ef7cbc1b7a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 373
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: Thu, 07 Jul 2022 07:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:31:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 117ms
117ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1539923740&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&dr=&ul=en-us&de=UTF-8&dt=6%20Podcasts%20About%20the%20Dark%20Side%20of%20the%20Internet%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gateway&ea=impression&el=MAG_web_nonsub_all_monthly-sale_1&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=2125053438.1657179079&tid=UA-58630905-2&_gid=1311333270.1657179079&gtm=2wg6t0P528B3&cg1=arts&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html&cd3=&cd4=Arts&cd9=9&cd10=null&cd13=null&cd14=culture_desk&cd15=earned&cd16=referring_links&cd17=100000008358786&cd18=Emma%20Dibdin&cd19=6%20Podcasts%20About%20the%20Dark%20Side%20of%20the%20Internet&cd20=&cd21=Article&cd23=Arts&cd26=2022&cd27=2022-05-24-11&cd28=Tuesday&cd29=11&cd30=2022-05-25T19%3A49%3A36.680Z&cd32=Arts%2CTechnology&cd33=SECTION%2CSECTION&cd34=FEATURE&cd36=29podcasts&cd37=833&cd38=Arts%26Leisure&cd42=nyt-vi&cd43=Cyberattacks%20and%20Hackers%2CMovies%2CPodcasts%2CFrauds%20and%20Swindling%2CComputer%20Security&cd45=Fanning%2C%20Elle&cd48=May&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Arts%26Leisure&cd54=culture_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=A1ALvIWsfURDDvZ60I6p1a&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=A1ALvIWsfURDDvZ60I6p1a&z=672200302

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 04:16:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11701
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7C9C 0
0 91ms
62ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=2159372124683055&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame C6F9 36 KB
14 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 22:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 22:28:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0807 0
20 B 60ms
51ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdaQNx4vGYuC3Ap2V3gOv1ZPgBwAAAAA4AeAEAg&bg=!5uWl5aHNAAaLlKKnq5Q7ACkAdvg8WmW02hQhvUH7gN_j9LWezzIM_EvXDtDS_DT147s4VMFnjOTX3gIAAAFCUgAAAAJoAQcKAFIsjT_hpicz9uW-gCpJ2bShyGob5z8KxjhX53B8K1dUWf1boWlsjMi_xo9rmWRoESx4Mi2OHySWhEOdktaXBhClBeOaXK1PnoRgKT8oMptFPFxAmQLtqj-5A1bWmttYeEQadIDmVzS_FszI1LVNXwfsQAACPtikCqD0ZS1Vc4PSkIaWczM0ihMRY8vGpDZCSYtsb22XnZXYK2Q279oWNKLn_UfMSGL7A1LTqByesufJAYmBje2gLSwYPqdQOujmnkFri93bee-g-9Wcz_pW6T9uKHWL8osXqkAyKn0anRTElKi9zzPE4fhDYziKVlGMdNXGMcFzmHVqz9JUGNxJPqR9u2CnbmP4RiTGrLRwkx3wghixTmUGOETt2ZJ8ylvLCsh-DRjlx9r7iI1GBZFegODq8FhxcjjVcVvICE0auROnOvGJwyXALfCj9QLGRfTyEnqrS5CMfubaDRIGriv-SnibaVKSE4oLybIfABqQvNoQ0BtOfjjMfX-srkLgkKfqTcYtdoVKM7xjHS8FYxvGAIRhcAo34uxXa_BxKfFFguaUq3bXhenMyc2oqPM61NnjCryURky678lMNxlKtTVjkOWmCRwh-TzqXxJ7eHGx9AcHLMrvRo_CfTKiFufPvemAvqFG9f0Be0uYhugQ7S7DF_A7048mUHqnplcHi26Sj_Y1QlrIDvA1KwtM1EtwXXV9i8oeMjcP7lzUSIXP8Kd-Vtx2XWaFlNptRhgHAs270AbfCcrQ5Vk2RF8nEnOj-drXOh_ruqM5Dl0TGv_ppkR4xyvkRFs1nDmFUk7ycj4dY8HiDVPPmJ7wwGQVKH_nJblo3jEgrs2RHSr77lP1BjaDwvNKKplK_2xvJ1rzwYWnN5GdC35_NHpYVjVTgGRZKJxab4wi5z1y2ZCenzNKp9RDVGILz5moMAfkTSImc5GMAGFO_4sQnBXPoH-f3q6KjQla2L8NezY47ozer_HiLE807JuHYRNZQvqcKHpnTto-bBA_97_CM9JEHUEJzzyI92tTtuGGzxRxF9i7JpWqqo32vidA82R2H4Qc1QUYqFgoG-mEfqL7sxBTtwPmL1ZnlgQSoTFX7h12WH5wZfTyXLORmsG-q-k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~...
adservice.google.com/ddm/fls/z/ Frame BCA4 42 B
63 B 58ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLTS9ZKh5vgCFZ8GBgAdXaMMVQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=9120763119337;gtm=2wg6t0;auiddc=1487369012.1657179079;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F05%2F24%2Farts%2Fdark-web-podcasts.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C6F9 0
9 B 14ms
13ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Gerylg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:31:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F6CB 42 B
64 B 76ms
48ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_d7VeBXbp44fsgvtNdE01cRAOrKC3gFZV4FXtuCDjkoGjoVdwsoU37XhqCKvr25OsIsoRDXR-6knAbI94_rK_R2NkG7-uayi8Kr_r1ySCFLx2wSYa&sig=Cg0ArKJSzOP7wKR5CRhyEAE&id=lidar2&mcvt=1000&p=149,0,423,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3503959228&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657179078818&rpt=277&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 07:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
81ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=2159372124683055&bg=!NTalNnLNAAaLlKKnq5Q7ACkAdvg8WnB93QLfQUZX2nOqH0uVt2cE7oWisgf2QEPvYfmh98EWRiIbmwIAAABYUgAAAAJoAQcKAIHVjQNAD7Ar1Wjw7kfDL2h2WMiQl7BB9_gg-iUP59_UbS4CSCJhuReHpD2_qbpTayp9n36oTqQrUnhYafotM7pCQSuq5HCfpTTBx5MmGJV2LaR1Dn5i_Q5bm_2lxun05dsXHWaL-EmlrU62AfhlrmwvtMmSQ9t-Kg919gKQDvHCkmOZAqNFU2tgYYrm852rh6NqXl88PJjKh35UaU2KwNcCsek0--D9BVoRC1V8NI40POodycPszGEDJ0_hYyZhu51ANF-E587XshJKuTlKCESG_WpZFfcMNksUCqS950r5p-rnej1X_paI6dcy202iJe8A6HbcNfbZpdFZ_X7Gk7psj_uHPCg6fUm2QU3fvNJNJydZFV6J86RCfceMfwcy5JMtEZyBpXLT5efeQbLWdtZl1Y2TsibV6ytWd9uUCvqa8tmU4iyRmQr0jHnS6itVo0YalsEd4cXIGnTHyV8ZB7KCDLTA3soRkEchys0XdFH49_p6RupmHmAWMKZAmah7rP1gkgNE1G0H9eiy1Uw4a7O2eRqXUzXZq8zeNik2MhqlgYFt-bg9tjxcyvSvCPr4MNTSn84Oh-zde4WZZNVSORF-XEis7q2xbJ3JhcIloCkz6qRxHULGFugt5ThqvPMLx0gPdmVffbz4NxDcGJN95HfRs4bgADTxI1t69lNW4GvtzP6gLliEzS3qb5wfX7ieLBc-HKQ3JExS3vnA9vWzT9PBIVy9H6cmEgoyVlqNz_R-av-r2-a5dYxfRmKKYuWv6VVCpYIsz1sFRphsrImI_08DZi8QmQiNexSszCNEXH6o1pVaxxGNb9f0OdVsYwGJPCJf3B_KJjNQdaiVcAGE7hHETGO74uVYs0QrnkvsvsPYWEQV5K6lg8zQegVBd0FTdenm9N1sEvOZ4YOSH2TIRA528ioaKZRiRXLGdpIe5wXeiEvapoCceqse8CtEQai19XirdG3C0RLnUW3erZykcKhutD9H_RMkhYVqw78c0JHgf5ez5kdLkLVerDSQLQQ4LN6hkX4oxAjFcHzrrA3GNxP-gl7FGwNgy1CxATLcTRtCjfVeuN8TCb0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 113ms
112ms Ping
application/json 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 13:05:15	Name: nyt-a Value: A1ALvIWsfURDDvZ60I6p1a
.nytimes.com/	1970-01-20 04:20:00	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 13:05:15	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 04:20:00	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 04:20:00	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: a18da053136f42a3b4cff0a29c3b4749
.et.nytimes.com/	1970-01-20 04:19:40	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 13:05:15	Name: sessionIndex Value: 1\|1657179077387\|A1ALvIWsfURDDvZ60I6p1a\|1657179077387
.et.nytimes.com/	1970-01-20 04:21:05	Name: et-ppvid Value: https://www.nytimes.com/2022/05/24/arts/dark-web-podcasts.html=e6orFq0OUGo6rec5r1HlEdSB
.google.com/	1970-01-20 08:43:10	Name: NID Value: 511=YNdfIaBEl-jyZ4E9lk4sMZ6uQ_OUkGA3AXSHNC8_eFwgBdDxfnnene9HY0TN_wndKxzzmIdwpMpeHjC_clDsw0im5TuYdV0NMAxnRrJ1TpXbdt6I0arSBZRiUbEbWDE9p5Z3mvQ0fvKm2B9hB7oHwaJvOKRN-1pwhAnq4am0WP8
.nytimes.com/	1970-01-22 00:09:05	Name: nyt-m Value: 5976C1EDDBD000F69686D37D81CFBAC9&ica=i.0&igf=i.0&cav=i.1&g=i.1&rc=i.0&fv=i.0&imu=i.1&prt=i.0&ira=i.0&n=i.2&ifv=i.0&imv=i.0&ird=i.0&s=s.core&ft=i.0&iub=i.0&igu=i.1&iue=i.0&vr=l.4.0.0.0.0&ier=i.0&igd=i.1&iga=i.0&e=i.1659340800&t=i.0&v=i.0&er=i.1657179078&iru=i.1&iir=i.0&uuid=s.e11e87b2-9496-4706-810e-0f2b9215f667&pr=l.4.0.0.0.0&vp=i.0
.nytimes.com/	1970-01-20 04:20:38	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.a.nytimes.com/	1970-01-20 13:05:15	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 04:20:38	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 06:29:15	Name: _gcl_au Value: 1.1.1487369012.1657179079
.nytimes.com/	1970-01-20 13:49:09	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-20 13:41:15	Name: __gads Value: ID=295cb6ac84225cc2-22156413c8cd00b6:T=1657179078:S=ALNI_MZblfCElRqcXxqEZWJN7IMwI2hsBg
.nytimes.com/	1970-01-20 13:05:15	Name: datadome Value: KZNZbzsAA.Nt1YqVnKfZ.c5h1lF48yEXidMVgE6z1sGIMDpDaQNvxkv_LroeVmA4uFFvPW8N9WzqsJnL.haqawdVDNiqEWp7VghIJZFOD8gm3i~Jq07RTR950f6~CHC
.nytimes.com/	1970-01-20 13:48:27	Name: _cb Value: DXSDtGDNwiUMdFnS7
.nytimes.com/	1970-01-20 13:48:27	Name: _chartbeat2 Value: .1657179078845.1657179078845.1.2427FQ2hOUBUBi_f_zJkpR4oFw.1
.nytimes.com/	1970-01-20 04:19:40	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 21:50:51	Name: walley Value: GA1.2.2125053438.1657179079
.nytimes.com/	1970-01-20 04:21:05	Name: walley_gid Value: GA1.2.1311333270.1657179079
.nytimes.com/	1970-01-20 04:19:39	Name: _gat_UA-58630905-2 Value: 1
.doubleclick.net/	1970-01-20 13:41:15	Name: IDE Value: AHWqTUn2FWTBUQ1X8zyE1mGOEpXCT-P8YJUc27OYdfxSXZm08lKs699IQ-p_UXPNxJg
.nytimes.com/	1970-01-20 13:05:15	Name: nyt-jkidd Value: uid=0&lastRequest=1657179079545&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1657179078454&isNew=0&pageIndex=2
.nytimes.com/	1970-01-23 19:55:39	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MmM2OGJjNzc5NDczODAwMDE2YjU2ZTkiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjU3MTc5MDc5fQ.h6G_Mjy03McDTmZxuMInx-1TsGUTzwuuzowT3hvWXEI

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
als-svc.nytimes.com
bf8ac448673015e31a68eda1cd3681e8.safeframe.googlesyndication.com
cdn.brandmetrics.com
collector.brandmetrics.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
142.250.186.162
15.197.193.217
151.101.1.164
151.101.129.164
151.101.65.164
172.217.16.198
20.50.2.28
2001:4860:4802:38::178
2600:9000:2240:600:18:1fcd:351:7bc1
2606:4700:20::681a:79b
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:801::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400e:810::2013
2a06:98c1:3120::3
2a06:98c1:3121::3
34.203.58.48
35.241.35.241
35.244.188.62
52.207.181.173
52.222.236.105
0290af29fe4c6b10c5388580fbae990b8635720e9f0e52426b0ecdfb9a2625b3
075295faceecadf409a94dc9c2b22298249d9647d60c504bf1622cf5703eff39
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
085191e8680d60417061da585f73bb335eaf79a08e0fec653ba14c1f8c6fe913
0b6065792014ed67fc67656a46d1a85eff5cf9f0ef8b259cb39db3127e6f9909
0b819165d0aebefee404eec582bc9aaa41ebee06e655f21c2ac31d40291aa4ed
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e3ebc10e91f50f02730273e9c2733df2472c8bc7952a480268ef78092ff7215
0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09
1275a9bb204dcc911a442a8e938c7c5ae95f8c5cbc634a475ac7122a1bb7d5db
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1e8f653cafd04ab5db661928b4c87574e6ef6b02dc3d43217532bbd681269076
1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
26d0730099fa056c49029fa46a2d3a87235ad22739651eee3846a66fa99462fa
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2bc1132677d2090650fdee3f2d32d194f97cfe66d3d8e094067c4146b6865c3d
32631137cb18af4b5944c3ff1d0413b357f1ea91b4b0d1c819d3e99db57913f9
365b7ecb5e6767a410385b2b92531d3360f7df30beab4c2668ba3f523fe8040b
392c78d5eb9c746d7b25ffcc9cf69f4c6ceb214d092cf2d9a50f91e901a38d93
3b21c7fcd79763d466de7cf3e82a80aa311223482f5421b2b259a1c636962a67
3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49
3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4a50b412842fa3590168c6801a56979e2e567f91b1e198c6465ef7cbc1b7a7d1
4b121a70a6fafad37e5861814516ad633ff0067aa706942fc71eb0248dc97414
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57c4e9c3b00e2ab7b4320be10f61cf71f34131de582759ce746fbf0d728b30a6
5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e
60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633bf0deb9ed1763fb4c6f585c190b39d822ae7fa1746bbb43b1441b25ab4080
6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7f51ad67bc5b7850c041ca83a942e90337c597d3887817f883eb83f0f5724f33
7fced283905ba08a854f7176a4c57a89d9359c58c5cda63b062218f87a9f0537
7feda74a9a3bf3637be6edce84a928786e2fef6ff1c691cdb9c9248ba3660a50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836f5195290d33d1bc922ca3769ee33607fe370377d0f3fe4410b2f4333efc3e
8a4762eccdd9ee6b1dc02e8a64a60e0dc9e568af67a81bf31e4e5a62acaca085
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8aacead3b96571e7209917f89c2cdf9e35e00f995e6622d8ddc9d2e65a951ddb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
916a33c04e52a1ef643b6c012b048a59b412ba760297f2ba4115eb50216da27f
93ef922f8d0f301c739db6c1498af0778396aaa335aa18f284621ca435528162
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
9d8a035f3a5b7b9e735fe8d5862243872e424549124ce6c675a9a9d1de040d4b
9d8f66c9a96e5d8647470da2b8c34337355168669d1ca1be32a375d862e64d8e
9dc060393119417d209cbef98c239cf23ce449e8236d26b46cf2b2d27f3d1d08
9f80dd0c80beb2588e41c4351f06635883ac109b8d345eca9b8b1dae9dc5f293
a0568742dc8493998d1f816824f5c0bec595ec0837ffd963aea17006a6461de6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
aee53271c11d3c48817bb0f4f1f5d6f4b2c2fb9c1ce28c848e158095f7238f30
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b897e2f2e092e9d57f1da1941550c8eb19bd29e3f58d582d655dff8727701f42
b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993
bcf2df6fcde156e3f709071e757043f5d0891e55df269a702a7465cd38f5507c
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bfdf97ef9fac3beccaedad6efdfbf3e2fcbf5612ac4d535dbe9eed5779420e3d
c7ade716824e2958ce29c33275050bb8526d1961ea2c5111cc46f293c0c5f7b2
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
c9ddd01050c3162ee6185b78d3ee887bba48f34dee1d0107aecc2e9bcb5ac47b
cafed63e17cc87457089503fb90400d5a0dcb8e7bb204526e1fe4b80eeada31f
cbe98f9cdafd815da89483144bb0833102e42e687f6ec6965f4b0cd077abcb41
cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d648837dff36ad82f7531eb539fe96fdab2efca0ba0db2cadd864aece639b5ee
dcd066edb12535f685ada864e87e2ee7ab67a925605eedadfbe4e274887f3d7b
e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1
e0e36a172b71990e2d7c52f3cc97fe5ffd3ee9bcc7579febc3635ff931901b2c
e2dc688bd38e8f376361b1da0dbfbf225790269bb9efdce60d5b92d4d5c670ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e5091640ae45c50e6ae0bd44aab47b41b385f9d6df6cf7b2bb53c37cf6311bf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2471a85489ab0a53ccac104ef34b7c11ca0b59e5f4f501e7b261cbc6c82ac17
fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3
fbdb89362f445075903571e549c01d853643912a7959874d22ceeffe4c42e4e3

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

99 %HTTPS

60 %IPv6

15 Domains

37 Subdomains

31 IPs

4 Countries

3298 kBTransfer

8025 kBSize

28 Cookies

16 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

99 %
HTTPS

60 %
IPv6

15
Domains

37
Subdomains

31
IPs

4
Countries

3298 kB
Transfer

8025 kB
Size

28
Cookies

147 HTTP transactions
1 data transactions