www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Submission: On February 12 via api (February 12th 2022, 4:34:49 pm UTC) from CH — Scanned from DE

Summary HTTP 163 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 17 domains to perform 163 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2791.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
11	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
23	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
8	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:58c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.236.85 52.222.236.85	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:b000:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	54.198.123.195 54.198.123.195	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::6815:24db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	95.101.27.26 95.101.27.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.101.27.37 95.101.27.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7d0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
163	30

61 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:58c::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd32a.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-85.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:b000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.123.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-123-195.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:24db (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.26 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-26.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.37 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-37.deploy.static.akamaitechnologies.com

yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c1 (Russian Federation) 1 redirects

ASN50952 (DATAIX-AS Peering Ltd., RU)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7d0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2791 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8038 a.et.nytimes.com — Cisco Umbrella Rank: 7547 als-svc.nytimes.com — Cisco Umbrella Rank: 9888 myaccount.nytimes.com — Cisco Umbrella Rank: 10383 dd.nytimes.com — Cisco Umbrella Rank: 9988 meter-svc.nytimes.com — Cisco Umbrella Rank: 9885 purr.nytimes.com — Cisco Umbrella Rank: 9713 a.nytimes.com — Cisco Umbrella Rank: 9275 mwcm.nytimes.com — Cisco Umbrella Rank: 10267 static.nytimes.com — Cisco Umbrella Rank: 26146	2 MB
26	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9180 static01.nyt.com — Cisco Umbrella Rank: 6043 a1.nyt.com — Cisco Umbrella Rank: 8973 mwcm.nyt.com — Cisco Umbrella Rank: 16208	799 KB
20	google.com news.google.com — Cisco Umbrella Rank: 5027 adservice.google.com — Cisco Umbrella Rank: 59 play.google.com — Cisco Umbrella Rank: 32 www.google.com — Cisco Umbrella Rank: 2	70 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 11082	158 KB
9	googlesyndication.com ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	252 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7694 iteratehq.com — Cisco Umbrella Rank: 7120	274 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	129 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1865 yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1862 eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1150 c.go-mpulse.net — Cisco Umbrella Rank: 549	51 KB
1	akstat.io 684dd32a.akstat.io — Cisco Umbrella Rank: 55720	202 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	38 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 8914	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 607	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	96 KB
163	17

	Domain	Requested by
22	samizdat-graphql.nytimes.com	www.nytimes.com
20	a.et.nytimes.com	www.nytimes.com
18	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
18	www.nytimes.com	www.nytimes.com
8	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
7	play.google.com	www.gstatic.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
4	static01.nyt.com	www.nytimes.com
3	mwcm.nyt.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	static.nytimes.com
2	a.nytimes.com	www.nytimes.com mwcm.nyt.com
2	adservice.google.de	securepubads.g.doubleclick.net
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	684dd32a.akstat.io	s.go-mpulse.net
1	www.google.com	tpc.googlesyndication.com
1	eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	c.go-mpulse.net	s.go-mpulse.net
1	fonts.gstatic.com	news.google.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s.go-mpulse.net	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
163	42

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
youtu.be
www.nytreprints.com
static.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-01-18` - `2022-04-18`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Frame ID: B7A8FB56C985C0C339E9E3A570DAAEF9
Requests: 118 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 510B242AEC728DE8A4FB5AAA0558BF0A
Requests: 3 HTTP requests in this frame

Frame: https://ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2526B1D1578B25A904830F603D93486D
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456856&publicationId=nytimes.com
Frame ID: 08399C11427094500096BCC6D0FDE128
Requests: 13 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html
Frame ID: EE8EF29E0622B4F620257E23171605B9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7vNmLUWt9ikuIAXrHUARpXPkPo_oPfFOlpnzj1nAsu-Pqlto14XidDmc1zXYEHak1g9A6O3xGe59NJgoICujyRQJnVeL3lo1pRg6DGhS5NWQahpMZa9UjYGynSRHmajdi06evMwQ0ELEFJBWXSuPmVHAtYxURBSSGA8htr-v4ylFh3lP1hkSceleMsfUwhJouWOHWeidcfemi7Vjw6DHC1lB21E7AFLBcDuXmx5nnYJfZfNEJAsNRNxFGsT8Gnw3N4wznHVE4ThyudOIEd2Zr6QNVsM0ItVJ8wCA7OEYTk3SolPQ6hlNiu-TraboryVgPBkkE0-4Tclr8RoQZE1cJKzq7MK2gCZwFTQ&sig=Cg0ArKJSzOjP6mY3msEMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 433A275DAE5CB94188E1743A55CDF36F
Requests: 5 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html
Frame ID: 6199EB9F14F1C8C0CE0AA74F44D66681
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 918D62092D8D500349880FB357F93A6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 301EA9512D92C31BD5BA3A44DAFBF94E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Stranger Returned His Lost Lottery Tickets. Then He Won $273 Million. - The New York TimesThe New York Times: Digital and Home Delivery Subscriptionsplus-iconcheck

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

163
Requests

99 %
HTTPS

65 %
IPv6

17
Domains

42
Subdomains

30
IPs

3
Countries

3612 kB
Transfer

9578 kB
Size

31
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2019%252F03%252F08%252Fnyregion%252Fnj-lottery-winner-mike-weirsky.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html%3Fsmid%3Dfb-share&name=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.%20https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html%3Fsmid%3Dtw-share&text=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.

Search URL Search Domain Scan URL

URL: https://youtu.be/un8yRTmrYMY
Title: told reporters on Thursday

Search URL Search Domain Scan URL

URL: http://www.nytreprints.com/
Title: Order Reprints

Search URL Search Domain Scan URL

URL: https://static.nytimes.com/email-content/NA_sample.html
Title: See the latest

Search URL Search Domain Scan URL

URL: https://static.nytimes.com/email-content/AH_sample.html
Title: See the latest

Search URL Search Domain Scan URL

URL: https://static.nytimes.com/email-content/NN_sample.html
Title: See the latest

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=1281e5fc-d028-11ea-a072-340cee6a52b6&campaignId=9WJRH
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel
Title: Cancellation and Refund Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html

Request Chain 141

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pq9gw3aet HTTP 302
https://yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 142

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pq9gw3aet HTTP 302
https://eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 143

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html

163 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request nj-lottery-winner-mike-weirsky.html Show response
www.nytimes.com/2019/03/08/nyregion/ 257 KB
63 KB 738ms
688ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a4698fc003d2b80ae473b488652e1a4e42721c026f7067785e4874aae902f0f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-b3-traceid: 775d6aa9ddb249b78f412845a06abc27
x-nyt-data-last-modified: Sat, 12 Feb 2022 16:34:42 GMT
last-modified: Sat, 12 Feb 2022 16:34:42 GMT
x-scoop-last-modified: 2019-03-10T05:27:42.529Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1644683682.168628,VS0,VE5
x-origin-time: 2022-02-12 16:34:42 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:42 GMT
age: 0
x-served-by: cache-lga21947-LGA, cache-hhn4051-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1644683682.168628,VS0,VE680
vary: Accept-Encoding, Fastly-SSL
x-datadome: protected
x-nyt-app-webview: 0
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-nyt-edge-cache: MISS-MISS
content-length: 62863

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 34ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Sat, 12 Feb 2022 16:34:42 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 10507916
x-guploader-uploadid: ADPycdvM_HxElX7psfISEsaNQfEgnO2Zgx5cmB4AGrFveWBc7tmn1KIO6XBFRxV4kkQJuoRY7wL5yZmwCuWxcKNne2c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4051-HHN
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:42:47 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1644683683.902609,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 18976

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 8ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 748344
x-guploader-uploadid: ADPycdug3EL0swpnPp5BiaAYBroOQkQOc8ROASgv_MUPlIaD6A-dSndbPMsDnouDGt400k8eaoulTVvf0Vupxk27tg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 00:42:19 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.876021,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19261
date: Sat, 12 Feb 2022 16:34:42 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Thu, 03 Feb 2022 22:41:46 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1643067836219382
expires: Sat, 04 Feb 2023 00:42:19 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-9cd9aa2ae2d6a53c40af.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-9cd9aa2ae2d6a53c40af.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

51b78847fc20f97854556c421abeefae11b13e7627270e2c6ca78cfef3a90075

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 692308
x-guploader-uploadid: ADPycds74h-eb3hVAituRVSB68QOrIuLRCoV-sZYppX_Yohb1MIWQwexvK55lCyhBelrLqC-jXS6LKhecitp6rW1jcyvC0WukA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:15 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.886958,VS0,VE1
etag: "3eb9e94bc6201c263e6f1ad4947a291c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9cd9aa2ae2d6a53c40af.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 24622
date: Sat, 12 Feb 2022 16:34:42 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7237
last-modified: Fri, 04 Feb 2022 16:09:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=W68SaQ==, md5=PrnpS8YgHCY+bxrUlHopHA==
x-goog-generation: 1643990978080103
expires: Sat, 04 Feb 2023 16:16:14 GMT
x-gdpr: 1
x-goog-stored-content-length: 20494
accept-ranges: bytes

GET
H2 200 08xp-lottery-jumbo.jpg
static01.nyt.com/images/2019/03/10/nyregion/10xp-lottery-p1/ 31 KB
32 KB 28ms
9ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2019/03/10/nyregion/10xp-lottery-p1/08xp-lottery-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c244645916870ba90a2e4743816d47e7dbbbea1c841b678255985a408d686f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 577416
x-guploader-uploadid: ADPycduWkGW4VKv8dd8X8PBie6j7GwsxiM-z0eWDGJ1id5yywI3mhex1V73XfKTuwqtqVwbImlFx2B_qF8OtwSqxGJ46SK8CuA
x-cache: HIT, HIT
fastly-io-info: ifsz=97912 idim=1024x601 ifmt=jpeg ofsz=32236 odim=1024x601 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 32236
x-served-by: cache-iad-kjyo7100026-IAD, cache-hhn4051-HHN
server: UploadServer
x-timer: S1644683683.916614,VS0,VE1
etag: "CV4bb04hCMi/7XiCFp564C73Ac5V9OKnRfeFeMAyQ9M"
vary: Accept
x-goog-hash: crc32c=JchCIw==, md5=vaSgdrNJ+1+gb9AeptG9FA==
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 30 Jan 2022 00:10:58 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 vendor-6dabc659e9ccac9b6f00.js Show response
www.nytimes.com/vi-assets/static-assets/ 252 KB
77 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 838486
x-guploader-uploadid: ADPycdsGwRF5kq0rhNUW7IMlp4xMe6nYlktsNLaUKsHIGrS6d5-xShPNVUcy0Q_jhi5eHJSr5xvAjErzw8Det3cc6fA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 23:39:56 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.910962,VS0,VE1
etag: "8fc82adba8f7a20303f839ab3c923991"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 26571
date: Sat, 12 Feb 2022 16:34:42 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 77827
last-modified: Wed, 02 Feb 2022 23:34:48 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Aei76Q==, md5=j8gq26j3ogMD+DmrPJI5kQ==
x-goog-generation: 1643649050257546
expires: Thu, 02 Feb 2023 23:39:56 GMT
x-gdpr: 1
x-goog-stored-content-length: 258452
accept-ranges: bytes

GET
H2 200 story-d917cb6aca65ac6ceb40.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
297 KB 15ms
15ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8f896b2bcc9fbfa73d461c2acc7517e1c1f472ab09863784a5943e139aabb7fa

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 171978
x-guploader-uploadid: ADPycdtD6XzyawkDSrcn3eCl0qaKXJfyQbZ4pMZlzc0W5oaSH5K89TJHf_ir3Cm-dvmtODVGGGVlR-t2DAcxwur5p2Y
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-10 16:48:25 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.927116,VS0,VE1
etag: "6e40e1d5a63b60ce336038244d398685"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-d917cb6aca65ac6ceb40.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 53
date: Sat, 12 Feb 2022 16:34:42 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 303478
last-modified: Thu, 10 Feb 2022 16:26:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=cMOlbQ==, md5=bkDh1aY7YM4zYDgkTTmGhQ==
x-goog-generation: 1644510398081186
expires: Fri, 10 Feb 2023 16:48:25 GMT
x-gdpr: 1
x-goog-stored-content-length: 1142793
accept-ranges: bytes

GET
H2 200 main-c5ae748151e1a510711c.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
361 KB 9ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

adf2af53724fd422bf12f2c7793a5ecf4d2094a23a5ce34084f1a2af70c9a300

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 245336
x-guploader-uploadid: ADPycdvCm2ovyJHKEQtrI6khn_95ZJoYiM13h7ucI7aRgSm13Y7rRDlC0Ci5ZVWwgLKmUWgF5YO7TaIxNueIgRUhZSc
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 20:25:46 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.927203,VS0,VE1
etag: "b0791eb5affc086cfda65dd3904d59fb"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-c5ae748151e1a510711c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 336
date: Sat, 12 Feb 2022 16:34:42 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 368467
last-modified: Wed, 09 Feb 2022 20:23:36 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=quEuRA==, md5=sHketa/8CGz9pl3TkE1Z+w==
x-goog-generation: 1644438216282658
expires: Thu, 09 Feb 2023 20:25:45 GMT
x-gdpr: 1
x-goog-stored-content-length: 1268174
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 360 KB
96 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a47c9c36707b75ab588f9f7a25bba3d52b726d893616d6bc89ee113a818704e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:42 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97886
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 45ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:42 GMT
age: 812
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: b2223e4f59bd3639
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 42
x-timer: S1644683683.958731,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 160ms
103ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
827 B 8ms
7ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:42 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 1cb9285c2c318627-2b2b2eb9d9fd6d10-0
age: 47
x-cache: HIT
samizdat-x-instance: 24dcfc59
x-samizdat-query-field-errors: 0
x-cache-hits: 5
x-samizdat-query-exe-id: f372f0c510cc3eaf
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644683683.966586,VS0,VE1
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 1cb9285c2c318627-2b2b2eb9d9fd6d10-0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 143 KB
45 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45355
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 18:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 17:05:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 43ms
20ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

d5421861b46595d7fc19b106d2478cdfe2c5b05664a0f9e4562770ed2c0d1d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27141
x-xss-protection: 0
server: sffe
etag: "1129 / 591 of 1000 / last-modified: 1644620926"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Feb 2022 16:34:42 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
2 KB 463ms
412ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F6b3146f7-96c7-5e71-9ed2-0f5c15e36492&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 2de12e5be7c985ea1e81b2dfe2c4a22207ded70413721ea1c3f5098801781386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1963

GET
H2 200 icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
2 KB 18ms
18ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 863485
x-guploader-uploadid: ADPycdtcWi95J9FFULKih-12kcMa009LHfRmLsgkwjO9nqGo0WhHgdDqzMXK8C2FRtvJqjeav_7wGzjTJOsaIejqORA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:17 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.934652,VS0,VE1
etag: "f5e6ba8f0613f5244e1e8ba2c4f8dd1a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
content-type: image/svg+xml
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11731
date: Sat, 12 Feb 2022 16:34:42 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 645
last-modified: Wed, 02 Feb 2022 16:43:04 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=GTQy+Q==, md5=9ea6jwYT9SROHouixPjdGg==
x-goog-generation: 1643067836495501
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 1162
accept-ranges: bytes

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 33ms
11ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11119947
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683683.959256,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 56791

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 32ms
11ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2215920
x-guploader-uploadid: ADPycdufpJt9uHnzke8zHacBbB_kWYwBiP0odq5m8QvVK12i_S1IokydXEaAh27TGY6E4j-B9qf2IxeDkaD-kFaECMs
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Wed, 18 Jan 2023 01:02:42 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683683.959408,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 56090

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 31ms
11ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8091621
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683683.959447,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 38883

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 31ms
10ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7489506
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1644683683.959577,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23845

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 30ms
10ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2220966
x-guploader-uploadid: ADPycdthArV4L3K0iNxxJTb_sc9ZZXcs7Ofy9K6kGmSauVHZg2n7pfqstYxWbvvewLWDeYj7xgogYci0g4bj5Ew_7SFy54BTmA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:38:36 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683683.959764,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 48736

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 30ms
10ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2220905
x-guploader-uploadid: ADPycduqaMXBgRcn7MaFE0xauF1LRpBsw12QO0GlqFvN8l8TjEYXxEFWI2i9FV13QZWYXeF0729D8DVFmoxY7aqUiOCBWzXN7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:39:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683683.959669,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23390

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 43ms
22ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Sat, 12 Feb 2022 16:34:42 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8686622
x-guploader-uploadid: ADPycdsPgT4lcseauEpJLQy0Zsg30Moickqr1VqZgSIgCB1QoXGXeqKooxxgUjtaoY-NEecarL-ob9XvEbblsldRDB3zOZzgsw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Fri, 04 Nov 2022 03:37:39 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683683.959925,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984460387
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 54013

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 51ms
13ms Script
application/javascript 2a02:26f0:1700:58c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:58c::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: br
last-modified: Mon, 17 Jan 2022 19:36:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 510B 393 B
709 B 14ms
7ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

94193096daf7c70d7589d5e6ec9720a2cc53fa953fcc0e51f441ae7d48ff835c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

x-powered-by: Express
x-datadog-trace-id: 4037008806992425249
x-datadog-parent-id: 4037008806992425249
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-nyt-backend: lire-ui
content-encoding: gzip
x-cloud-trace-context: 685539aec10cf2d16ac900fd57acf809
server: Google Frontend
cache-control: public, max-age=600
etag: W/"189-FZQuefnmRjgB45y+BAIEbCHSQlE"
content-type: text/html; charset=utf-8
x-datadome-timer: (null),VE18
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:43 GMT
via: 1.1 varnish
age: 161
x-served-by: cache-hhn4051-HHN
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
x-api-version: F-X
content-length: 276

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 16:52:50 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 7ms
6ms Other
image/svg+xml 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 16:59:52 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 510B 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-api-version: F-X
age: 118
x-cache: HIT
x-envoy-upstream-service-time: 31
content-length: 1252
x-served-by: cache-hhn4051-HHN
expires: Sat, 12 Feb 2022 14:37:36 GMT
server: envoy
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: daadd57061a71c786280e1b316e460ec
cache-control: public, max-age=600
x-datadome-timer: (null),VE706
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 3

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 510B 410 KB
139 KB 7ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=e0b3e20
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-api-version: F-X
age: 161
x-cache: HIT
x-cache-hits: 6
content-length: 141763
x-served-by: cache-hhn4051-HHN
server: Google Frontend
etag: "RVze5g"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 443f0d6830ec80b540ab9900512a7b64
cache-control: public, max-age=600
x-datadome-timer: (null),VE159
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 09 Feb 2022 18:45:36 GMT

GET
H3 200 pubads_impl_2022020901.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 23ms
8ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 14:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122359
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 Feb 2023 14:29:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
371 B 31ms
16ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
expires: Sat, 12 Feb 2022 16:34:43 GMT

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js Show response
www.nytimes.com/vi-assets/static-assets/ 46 KB
15 KB 10ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4680da4b91fb39d747e566e471e11aaec1119bc6885b51ae8e4617387f08af7b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 692286
x-guploader-uploadid: ADPycdsK1WQUDy5ebEZtwlD0t4tsFZsUMvs1f-sHsS620M55dTgIFvc4JC2Sv7Tep6xoQQkR5ORBDhjny4vdTdMCuXiFuILAjg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:36 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.169768,VS0,VE1
etag: "22fb86dadd1d1e60c94bffe9c522a94a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-dd21123f5275891a7fd9.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 23285
date: Sat, 12 Feb 2022 16:34:43 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14705
last-modified: Fri, 04 Feb 2022 16:09:40 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=dcN4NQ==, md5=IvuG2t0dHmDJS//pxSKpSg==
x-goog-generation: 1643990980186724
expires: Sat, 04 Feb 2023 16:16:36 GMT
x-gdpr: 1
x-goog-stored-content-length: 47594
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 839692
x-guploader-uploadid: ADPycdtBBf_OSyY7bysAkS1rifPEa2-gTy4OfYk-p7B9pbQISLIQ7hYq839o8BshJnCL2UizT7Cfgcl2bg7gQR4jf0jI-0h69g
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 23:19:51 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.169878,VS0,VE1
etag: "46159ad0cb7de89c83fc59e9dc0d61f9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 21117
date: Sat, 12 Feb 2022 16:34:43 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13291
last-modified: Wed, 02 Feb 2022 21:41:29 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=goxv5A==, md5=RhWa0Mt96JyD/Fnp3A1h+Q==
x-goog-generation: 1643776222051335
expires: Thu, 02 Feb 2023 23:19:51 GMT
x-gdpr: 1
x-goog-stored-content-length: 68853
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 10ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 750792
x-guploader-uploadid: ADPycduR2i6M9IKfAnA4bh01qx_PvWNw9kSUTVIsRB-AJ1XWhcowHcqh3JmM2YrerIQPHGB6T7OSic4YtOVZqpqgLlk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 00:01:31 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683683.169977,VS0,VE1
etag: "e4469edf0dfca6f7845a13a7b325dd05"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 21867
date: Sat, 12 Feb 2022 16:34:43 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5012
last-modified: Thu, 03 Feb 2022 22:41:48 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=uxXxow==, md5=5Eae3w38pveEWhOnsyXdBQ==
x-goog-generation: 1643756617957502
expires: Sat, 04 Feb 2023 00:01:31 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
57 B 92ms
91ms Fetch
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
108ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 234 KB
43 KB 89ms
7ms Script
text/javascript 52.222.236.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-85.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

392c6aafee7e281e0a53cb50a51d3e36947bb6ffe267894ccab29cb191398668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3a691-5d7bab413e379-gzip"
age: 1574
x-cache: Hit from cloudfront
content-length: 43241
access-control-allow-origin: *
last-modified: Fri, 11 Feb 2022 09:29:28 GMT
server: Apache
date: Sat, 12 Feb 2022 16:08:30 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: jiXRwP37SAMTzqWsrNTw9BpJlWyqpqlLtVcCc9FmyvnrE-TJQCXA4Q==
expires: Sat, 12 Feb 2022 17:08:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 69ms
32ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 56ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
258 B 205ms
204ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3161738646515673&correlator=2454838583364514&output=ldjh&eid=31063378%2C31064838%2C44756431&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220212&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D405&cust_params=als_test_clientside%3Dempty_empty_empty_empty_empty_20220212163443%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644683682401%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dnewjersey%26des%3Dlotteries%26auth%3Dliamstack%26coll%3Dnewyork%252Cusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000006402132%26pt%3Dnt1%252Cnt11%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt5%252Cnt9%252Cpt17%26gscat%3Dneg_mastercard%252Cgs_entertain%252Cneg_bp%252Cgs_entertain_gambling%252Cgs_event_music_festival%252Cgs_business%252Cgs_tech%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_disp_incr_0_control%252Cdfp_prebid_0521_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%26sov%3D2%26page_view_id%3DVK6MUBkrig7G_WTK7YRW6Wk7%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D_3TXuwCbik_r3q5JzlY0fU&cookie_enabled=1&bc=31&abxe=1&dt=1644683683269&lmt=1644683682&dlt=1644683682855&idt=391&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=76&adks=4262024170&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=2072495570.1644683683&ga_sid=1644683683&ga_hid=587754095&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1d7a48aa348375489dade91d95085b32a09bb2cd408fd4be128a51e8a63de27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2526 6 KB
4 KB 66ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 12 Feb 2022 16:34:43 GMT
expires: Sun, 12 Feb 2023 16:34:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:43 GMT
age: 813
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 85fd1a6a8e97e7cb
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 43
x-timer: S1644683684.630428,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:43 GMT
age: 813
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: a90c70d9b70cebba
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 44
x-timer: S1644683684.651583,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:43 GMT
age: 813
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 916b900e6251c579
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 45
x-timer: S1644683684.678280,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
767 B 113ms
113ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 2f26516c55788550-88f2dcd4953e63f-1
x-cache: MISS
samizdat-x-instance: 7b9ef077
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 6712611fdb622ad2
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: BW
server: samizdat-graphql-d2257a7
x-timer: S1644683684.639403,VS0,VE106
x-nyt-continent: EU
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 2f26516c55788550-88f2dcd4953e63f-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 649 B
1 KB 236ms
194ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&pageviewID=VK6MUBkrig7G_WTK7YRW6Wk7
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: b5c24fd02fefc3e71a64c00c43c0c58a3ca1d6fd6c14f7c9b6d2ec0416d0b4e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 649

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
271 B 111ms
110ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: fe2eacf787b06af-1fe33a01022f1bc4-1
age: 0
x-cache: MISS
samizdat-x-instance: bb7e734f
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 3100499562859dbf
content-length: 77
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-d2257a7
x-timer: S1644683684.660144,VS0,VE104
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: fe2eacf787b06af-1fe33a01022f1bc4-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 176ms
175ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 8a341b71a554a4cce9df222ea181a2eeb41b5e11db6fa86df22014f479a616ef

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 6690abec61dd1d54-1a7df28d94ffb7de-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 1f2d4961
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 868b85324d367ad4
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sat, 12 Feb 2022 16:34:43 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644683684.687578,VS0,VE168
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 6690abec61dd1d54-1a7df28d94ffb7de-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-0aca512b1f6ff9f3d6fe.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
15 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-0aca512b1f6ff9f3d6fe.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e17919e8a49111b87e1c6cd882899c91d61d6ee5114c7b19cce0db412f96bc5c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 824223
x-guploader-uploadid: ADPycduGtdbsWKsV2AGbtwyTCIJT3mQefJwryX7IVC65ja8_EZjxPVwMq7V11DYoDvBwpji7ztMA3fauaJHOjffY0ss
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-03 03:37:40 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.680456,VS0,VE1
etag: "e4e464994e06176f291d228ccbd82979"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-0aca512b1f6ff9f3d6fe.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19260
date: Sat, 12 Feb 2022 16:34:43 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14990
last-modified: Tue, 01 Feb 2022 15:32:52 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Vzeurw==, md5=5ORkmU4GF28pHSKMy9gpeQ==
x-goog-generation: 1643389437608740
expires: Fri, 03 Feb 2023 03:37:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 51109
accept-ranges: bytes

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 155ms
115ms Fetch
text/html 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: b03dcf531229384136eeac14585781f6
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Sat, 12 Feb 2022 16:34:43 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 264ms
226ms XHR
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&jkcb=1644683683693
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8842b6c1710190868d51dbaf1bb3665308efe1813bb513ea4b0610ca0d4ea172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 9b666d54850e822a7576e48e351cc4d5
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 830
expires: Sat, 12 Feb 2022 16:34:43 GMT

GET
H2 200 clientSideCapsule-79e485ceec7cdfe371c5.js Show response
www.nytimes.com/vi-assets/static-assets/ 432 KB
107 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-79e485ceec7cdfe371c5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f2ddb8ea968e8f1e19b013e4dfaa670fdee1bd4b47c9ab94f7e0957e22c45574

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 261368
x-guploader-uploadid: ADPycdvvM7qkzcPSWkNf3JnOha96YeB7Q8y9yxoQxFjwtTYQvVA_0z0kclb1RvOfc068EEFC5pCKhE5SdF4PtQnh-A
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 15:58:35 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.713009,VS0,VE1
etag: "cc050f54d232d4e3be39fb987fd2c9ea"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-79e485ceec7cdfe371c5.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4830
date: Sat, 12 Feb 2022 16:34:43 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 108857
last-modified: Wed, 09 Feb 2022 15:46:09 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=OgGciQ==, md5=zAUPVNIy1OO+OfuYf9LJ6g==
x-goog-generation: 1644421569217991
expires: Thu, 09 Feb 2023 15:58:35 GMT
x-gdpr: 1
x-goog-stored-content-length: 442149
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 117ms
116ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
111ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 414 B
246 B 43ms
43ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3161738646515673&correlator=2454838583364514&output=ldjh&eid=31063378%2C31064838%2C44756431&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220212&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D837&cust_params=als_test_clientside%3Dempty_empty_empty_empty_empty_20220212163443%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644683682401%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dnewjersey%26des%3Dlotteries%26auth%3Dliamstack%26coll%3Dnewyork%252Cusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000006402132%26pt%3Dnt1%252Cnt11%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt5%252Cnt9%252Cpt17%26gscat%3Dneg_mastercard%252Cgs_entertain%252Cneg_bp%252Cgs_entertain_gambling%252Cgs_event_music_festival%252Cgs_business%252Cgs_tech%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_disp_incr_0_control%252Cdfp_prebid_0521_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%26sov%3D2%26page_view_id%3DVK6MUBkrig7G_WTK7YRW6Wk7%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D_3TXuwCbik_r3q5JzlY0fU&cookie_enabled=1&bc=31&abxe=1&dt=1644683683941&lmt=1644683682&dlt=1644683682855&idt=391&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2023797970&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&ga_vid=2072495570.1644683683&ga_sid=1644683683&ga_hid=587754095&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

68a745cb58fe779c2375d92db2ab5cc040db482ae95c732b96df678692e42122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
111ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 0839 24 KB
8 KB 74ms
74ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=456856&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ea822434760711bddfbb0031237b1b8957b04727e9bb51dbdc5c0b7ddc7edf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-FBd/BAQ0VTVDQnqDIJnhig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-FBd/BAQ0VTVDQnqDIJnhig' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Feb 2022 16:34:44 GMT
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-FBd/BAQ0VTVDQnqDIJnhig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-FBd/BAQ0VTVDQnqDIJnhig' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 863885960ab39771
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 46
x-timer: S1644683684.016179,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 11 KB
3 KB 158ms
158ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 79992b2d838aa04b37edcd2d59b098d97176ee0973b1aa19e75be2d8d77613e1

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 7340b439e0a3c0f1-4252bae43be64d46-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: fa27d9a3
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 2aa9ab1186903f71
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sat, 12 Feb 2022 16:34:44 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644683684.024245,VS0,VE151
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 7340b439e0a3c0f1-4252bae43be64d46-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 76 KB
16 KB 522ms
514ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ab2f1db1c3a106cd4877802072a53738dc61d6020da2a8b100209ce708bd1aa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4051-HHN
expires: Sat, 12 Feb 2022 16:34:44 GMT
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_all_Monthly-Sale-dock","gateway":"MAG_web_nonsub_all_monthly-sale","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1644683684.076759,VS0,VE508
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 67d19fdb14a1a883936baa0ec216d78a
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1792
date: Sat, 12 Feb 2022 16:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 12 Feb 2022 18:04:52 GMT

GET
H3

200

activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fn... Show response
5290727.fls.doubleclick.net/ Frame EE8E
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2F...

560 B
405 B

54ms
39ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

b133ff7796067394717d00a028a3540dcee1c188e32ff9f21e34e2d3e00be6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Feb 2022 16:34:44 GMT
expires: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Feb 2022 16:34:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 57ms
7ms Script
application/x-javascript 2600:9000:223c:b000:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:b000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 15:04:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 5430
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: JA8z7W3XCQvoROxD02z1a1i6eAalE_YFo2y0ObvGBXWFsWfo7rAHKw==
expires: Sat, 12 Feb 2022 17:04:14 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
668 B 19ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
content-type: application/javascript
age: 45366
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4051-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1644683684.134916,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2952

POST
H2 200 track
a.et.nytimes.com/ 0
0 118ms
118ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 107ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1897168945
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
564 B 25ms
11ms XHR
application/json 52.222.236.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-85.fra56.r.cloudfront.net
Software: DataDome /
Resource Hash: 63aff75a7499c36caab2a576f5950f31ad57d7e8f3b7d57e665cd51ac089f5a4

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: fb9Fv5Ru2rW1WjpvxQJQmxL2t4jp0Tv-URTcB1QVyh0Yp0XIpa0Hhw==
expires: 0

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 0839 0
22 B 27ms
26ms Other
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-FPyH0TOTr4HquYmjnfgF5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-FPyH0TOTr4HquYmjnfgF5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456856&publicationId=nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-FPyH0TOTr4HquYmjnfgF5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-FPyH0TOTr4HquYmjnfgF5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
34ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 266ms
266ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3161738646515673&correlator=2454838583364514&output=ldjh&eid=31063378%2C31064838%2C44756431&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&npa=1&sc=1&sfv=1-0-38&ecs=20220212&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dbottom%26pos%3Dbottom%26request_time%3D1327&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-21.441422221900562248_20220212163443%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1644683682401%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dnewjersey%26des%3Dlotteries%26auth%3Dliamstack%26coll%3Dnewyork%252Cusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000006402132%26pt%3Dnt1%252Cnt11%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt5%252Cnt9%252Cpt17%26gscat%3Dneg_mastercard%252Cgs_entertain%252Cneg_bp%252Cgs_entertain_gambling%252Cgs_event_music_festival%252Cgs_business%252Cgs_tech%252Cgv_safe%252Cgs_t%26abra_dfp%3Ddfp_disp_incr_0_control%252Cdfp_prebid_0521_0_control%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%26sov%3D2%26page_view_id%3DVK6MUBkrig7G_WTK7YRW6Wk7%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D_3TXuwCbik_r3q5JzlY0fU%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26typ_materials%3D%2523news%2523&cookie=ID%3D47988ef94bf9c083%3AT%3D1644683683%3AS%3DALNI_MYjlkdT922PaoWbM8cBbluszaVigQ&bc=31&abxe=1&dt=1644683684185&lmt=1644683682&dlt=1644683682855&idt=391&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1095&adks=568693896&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2072495570.1644683683&ga_sid=1644683683&ga_hid=587754095&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b544f3774ca6e4ff8d32adc941e322030cc495f3e4cc002772b042134ac064c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9304
x-xss-protection: 0
google-lineitem-id: 5890860952
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378365079
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~footerBlock-6a1453ea27ad5c491c1e.js Show response
www.nytimes.com/vi-assets/static-assets/ 42 KB
14 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~footerBlock-6a1453ea27ad5c491c1e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bdc567349ecc3e136c8c9484fbf28b6cb2ad0f6f6462c649486869c6a2256098

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 863470
x-guploader-uploadid: ADPycdvxqzRrb99ztdWz--XZury56y9W2pgryIcwo-nxYfLIumvDBxUuZTuU0gVYj5kUDqSQeM6VFkvsCX5uzUXdWpk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:34 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.194272,VS0,VE1
etag: "f947ce91be99a027029a70a5f7d2af1b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~footerBlock-6a1453ea27ad5c491c1e.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10772
date: Sat, 12 Feb 2022 16:34:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 12797
last-modified: Tue, 01 Feb 2022 15:32:53 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=0bwiFQ==, md5=+UfOkb6ZoCcCmnCl99KvGw==
x-goog-generation: 1643729573072208
expires: Thu, 02 Feb 2023 16:43:34 GMT
x-gdpr: 1
x-goog-stored-content-length: 43361
accept-ranges: bytes

GET
H2 200 footerBlock-bd40f01fcb3d3fc0686d.js Show response
www.nytimes.com/vi-assets/static-assets/ 16 KB
6 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/footerBlock-bd40f01fcb3d3fc0686d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

238706e50a3262bdfed3478c304e79d60c18d98cdc1855e252ca7be2ca3bc4e8

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 692266
x-guploader-uploadid: ADPycdvMUe5B_wVoSVWqV4j94TEcA84pVQBvDd7yLeT3mlETJwlW9zs9MoU_OrZARQsGslm37PNLoN375xtF9tuSSJk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:17:07 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.194627,VS0,VE1
etag: "c77f1a399bb4a59336a69dab4e1ce3fb"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/footerBlock-bd40f01fcb3d3fc0686d.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11709
date: Sat, 12 Feb 2022 16:34:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5280
last-modified: Fri, 04 Feb 2022 16:09:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=/Of0DA==, md5=x38aOZu0pZM2pp2rThzj+w==
x-goog-generation: 1643990978090061
expires: Sat, 04 Feb 2023 16:16:58 GMT
x-gdpr: 1
x-goog-stored-content-length: 16763
accept-ranges: bytes

GET
H2 200 related-coverage-chunk-584c69572ee263ba66f2.js Show response
www.nytimes.com/vi-assets/static-assets/ 9 KB
4 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/related-coverage-chunk-584c69572ee263ba66f2.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f6ec8a41172aa73d11df23b199df2189680b2354bb2f4ca31a2d502f50427eba

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 863470
x-guploader-uploadid: ADPycdvERS46kxghuo6P8iGdwHCkGGXyAvkW3nmfVwODNLEF1XkBwfu7TugIJJlN7odO8w6E2iNqt3DRY2wf9jAjNGE
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:34 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.194938,VS0,VE1
etag: "2920e7d2e7297a69cf415ae880b94a9b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/related-coverage-chunk-584c69572ee263ba66f2.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11918
date: Sat, 12 Feb 2022 16:34:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 2751
last-modified: Tue, 01 Feb 2022 15:32:52 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=UJ1ZUA==, md5=KSDn0ucpemnPQVrogLlKmw==
x-goog-generation: 1643729572812632
expires: Thu, 02 Feb 2023 16:43:34 GMT
x-gdpr: 1
x-goog-stored-content-length: 8798
accept-ranges: bytes

GET
H2 200 vendors~emailsignup~newsletter~newsletters~recirculation-51205fdb9df28e5d0d83.js Show response
www.nytimes.com/vi-assets/static-assets/ 64 KB
16 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-51205fdb9df28e5d0d83.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b2a1143cf67ba22fd0cc98146c3cb028245f6e91e7d0d036944ac2183044aead

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 92078
x-guploader-uploadid: ADPycdsO8NtIY3a1nIsKku0hO1c4SdtDJm2L0c8nf5Ikna0Prys7h6ACxfLMZtHxVQch2PAxDS6er_dpYgMsW10TVnE
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-11 15:00:05 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.198421,VS0,VE1
etag: "e91656585f60955d59c71c4bb3fefd20"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-51205fdb9df28e5d0d83.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2235
date: Sat, 12 Feb 2022 16:34:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15583
last-modified: Fri, 11 Feb 2022 14:39:28 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=EJUr2w==, md5=6RZWWF9glV1ZxxxLs/79IA==
x-goog-generation: 1644590368835739
expires: Sat, 11 Feb 2023 15:00:05 GMT
x-gdpr: 1
x-goog-stored-content-length: 65224
accept-ranges: bytes

GET
H2 200 getstarted~newsletter~recirculation~welcomesubscriber-fe40085a09d83e0d7168.js Show response
www.nytimes.com/vi-assets/static-assets/ 26 KB
8 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/getstarted~newsletter~recirculation~welcomesubscriber-fe40085a09d83e0d7168.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0934260fab178d75295c8aedbf316b2bce7015986c1db92990550a96c8e9104c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 692308
x-guploader-uploadid: ADPycdsuKq8DQ1WEgzMAryCrxfQ6P_ByXLnkqqmUp3P4vkDRDplVW7mVp6giA18Mg6cWpfHx7VAF-CFT70NbNpYn0P8
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-04 16:16:16 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.198523,VS0,VE1
etag: "030a195d57b0763d2f6c834252d32260"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/getstarted~newsletter~recirculation~welcomesubscriber-fe40085a09d83e0d7168.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 13435
date: Sat, 12 Feb 2022 16:34:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7913
last-modified: Fri, 04 Feb 2022 16:09:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=t+XVPg==, md5=AwoZXVewdj0vbINCUtMiYA==
x-goog-generation: 1643990978012893
expires: Sat, 04 Feb 2023 16:16:16 GMT
x-gdpr: 1
x-goog-stored-content-length: 26716
accept-ranges: bytes

GET
H2 200 recirculation-0e9f57906c1bb0d2c7ef.js Show response
www.nytimes.com/vi-assets/static-assets/ 124 KB
34 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/recirculation-0e9f57906c1bb0d2c7ef.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5f21e4306187c7589ea3323fbe380d8e54adbff57f3775d44385c3745ca44a95

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 233960
x-guploader-uploadid: ADPycdtKhBv0Di0bC5CfWmA1bV98bh-I_zqYhDSK1Z2wZKh_DFMjDr-GF2Dmecwa-xHjmjfwJ7XqeeY84Do3J9xZcCx3UHHdPA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-09 23:35:24 UTC
x-served-by: cache-hhn4051-HHN
x-timer: S1644683684.198608,VS0,VE1
etag: "2c4c20e9acd61d493856bc3c746c6554"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/recirculation-0e9f57906c1bb0d2c7ef.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4721
date: Sat, 12 Feb 2022 16:34:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 34709
last-modified: Wed, 09 Feb 2022 23:22:22 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=CQcf2w==, md5=LEwg6azWHUk4Vrw8dGxlVA==
x-goog-generation: 1644448942128642
expires: Thu, 09 Feb 2023 23:35:24 GMT
x-gdpr: 1
x-goog-stored-content-length: 126708
accept-ranges: bytes

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 0839 21 KB
6 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456856&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 16:52:50 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 0839 162 KB
57 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6kDDAJOsqwPx0hvpO8tE0GJrPsjQ/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456856&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e876fe3f68a6232e713b43dc97f51f2de9b821691321bd05cf1759164a069b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58029
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:36 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 299ms
97ms Image
image/gif 54.198.123.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&u=CzOIohcfmXvzM-qJ&d=nytimes.com&g=16698&g0=nyregion%2Cmetro_desk&g1=LIAM%20STACK&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2102&t=C4r2DrBLWmTmCPp-NhCLS5eOBoF5Sf&V=129&i=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&tz=0&_acct=anon&sn=1&sv=C94ugd7UrEyCIXa7EDBVoS8CM-Qrh&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.123.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-123-195.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=587754095&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&dr=&ul=en-us&de=UTF-8&dt=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1990486550&gjid=1676195179&cid=2072495570.1644683683&tid=UA-58630905-2&_gid=539703024.1644683684&_r=1&gtm=2wg290P528B3&cg1=nyregion&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd3=&cd4=New%20York&cd9=9&cd10=null&cd13=null&cd14=metro_desk&cd15=earned&cd16=referring_links&cd17=100000006402132&cd18=LIAM%20STACK&cd19=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&cd20=&cd21=Article&cd23=New%20York&cd26=2019&cd27=2019-03-08-22&cd28=Friday&cd29=22&cd30=1552195663000&cd32=New%20York%2CU.S.%20News&cd33=SECTION&cd34=NEWS&cd36=08xp-lottery&cd37=837&cd38=Express&cd42=nyt-vi&cd43=Lotteries&cd46=New%20Jersey&cd48=March&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Express&cd54=metro_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=_3TXuwCbik_r3q5JzlY0fU&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=_3TXuwCbik_r3q5JzlY0fU&z=755077706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0839 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456856&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 364599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 11:18:05 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 9d83ef40c77b5711
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 47
x-timer: S1644683684.251007,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 4 KB
1 KB 203ms
202ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 67b1921b57db12149d069ccfb32f120bd9c8997034256cdd9ec02e1e04157dc5

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 3b42dbe977910519-590f770dc4adcd2-1
age: 0
x-cache: MISS
samizdat-x-instance: ef4ae80c
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: e21dd970d8aa8c5e
content-length: 1363
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sat, 23 Jan 2021 17:35:05 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644683684.259629,VS0,VE196
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 3b42dbe977910519-590f770dc4adcd2-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 958a607c40982d0b
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 48
x-timer: S1644683684.262239,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 2 KB
2 KB 152ms
151ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: a9d79bda0f121f5a0dd7c652045f95fe6486e01e11a4816a27b7d5d0361ef267

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 3b42dbe977910519-590f770dc4adcd2-1
age: 0
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: b5dba0d2961163ae
samizdat-x-canary: false
x-graphiti-gateway: 5497761c
x-nyt-country: DE
x-timer: S1644683684.270808,VS0,VE141
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BW
x-cloud-trace-context: 633f181f9e26cf6afd7bb56918785777/16999862715271182715;o=1
cache-control: max-age=30, public
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: ef4ae80c
content-length: 1097
last-modified: Wed, 02 Feb 2022 21:58:31 GMT
server: samizdat-graphql-d2257a7
x-served-by: cache-hhn4051-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 3b42dbe977910519-590f770dc4adcd2-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 9044bac75f94c333
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 49
x-timer: S1644683684.293133,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 206 KB
29 KB 217ms
216ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: f37b79335721e676450a88147487eaf2e3036944c7e58fc65790557db5a19595

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 1fc1ea748fe4b318-16a1c088f8aa6565-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 24dcfc59
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: a861638046624503
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sat, 12 Feb 2022 16:34:44 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644683684.301574,VS0,VE210
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 1fc1ea748fe4b318-16a1c088f8aa6565-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1... Frame 0839 37 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1.O/am=GgAg/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI76QEtM2jKPrr4bTja6AWocpUlM2g/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6kDDAJOsqwPx0hvpO8tE0GJrPsjQ/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c5b42f5de966f4b7f36b27553ff14509dcfe996fd80069c52cd8e80e56edbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:42 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
111ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: bbe9a6b14d949d22
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 50
x-timer: S1644683684.339592,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 205 KB
29 KB 243ms
243ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 9ea426903e100c362441db7e9a0d79ecf2454bb5cc95c23feb959adb4c4f6e22

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 4bd412df13edd176-35e51aaa1e180bbd-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 4beac781
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 17f9fd00bb062d52
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sat, 12 Feb 2022 16:34:44 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644683684.348496,VS0,VE235
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 4bd412df13edd176-35e51aaa1e180bbd-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 6 KB
2 KB 59ms
29ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=www.nytimes.com&t=5482279&v=1.720.0&sl=0&si=0dcded3b-feb2-4c23-b37c-aea266e6f3d8-r77a1u&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 74a8b7cdeb83227f3c9c02eadb2b143ac9caeed4c14b4d95304d067f888cb412

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 16:34:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1563

GET
H3 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1... Frame 0839 104 KB
35 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1.O/am=GgAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI76QEtM2jKPrr4bTja6AWocpUlM2g/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b58ce0d8820debb831fac3c6c34accc5176f22dd4cc6b85630d1196a6b1519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36048
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:42 GMT

GET
H3 200 dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mi...
adservice.google.com/ddm/fls/z/ Frame EE8E 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CL61jZbM-vUCFSNBHQkdkf8ODQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4777646333540;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 0839 422 B
318 B 35ms
35ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=-1497334232486874318&bl=boq_subscribewithgoogleclientserver_20220210.11_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=59685&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

748eed6903836fd9a33cfe7d6b1909f1acf4b2c09d29c89bdd826d5b32ded63c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1... Frame 0839 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.5WASvdyN3uk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.I-Lyu8ZQ8Is.L.B1.O/am=GgAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI76QEtM2jKPrr4bTja6AWocpUlM2g/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550d600e503aeee5863408aaf3c4495dee30466665e9789b91d3a020d0ffca68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7250
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 01:51:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 20:45:43 GMT

POST
H2 200 log Show response
play.google.com/ Frame 0839 131 B
672 B 49ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 12 Feb 2022 16:34:44 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0839 131 B
155 B 33ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 12 Feb 2022 16:34:44 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 12 Feb 2022 16:34:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0839 131 B
155 B 32ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 12 Feb 2022 16:34:44 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 12 Feb 2022 16:34:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0839 131 B
155 B 31ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 12 Feb 2022 16:34:44 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 12 Feb 2022 16:34:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 433A 0
0 41ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7vNmLUWt9ikuIAXrHUARpXPkPo_oPfFOlpnzj1nAsu-Pqlto14XidDmc1zXYEHak1g9A6O3xGe59NJgoICujyRQJnVeL3lo1pRg6DGhS5NWQahpMZa9UjYGynSRHmajdi06evMwQ0ELEFJBWXSuPmVHAtYxURBSSGA8htr-v4ylFh3lP1hkSceleMsfUwhJouWOHWeidcfemi7Vjw6DHC1lB21E7AFLBcDuXmx5nnYJfZfNEJAsNRNxFGsT8Gnw3N4wznHVE4ThyudOIEd2Zr6QNVsM0ItVJ8wCA7OEYTk3SolPQ6hlNiu-TraboryVgPBkkE0-4Tclr8RoQZE1cJKzq7MK2gCZwFTQ&sig=Cg0ArKJSzOjP6mY3msEMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 433A 124 KB
38 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 16:34:44 GMT

GET
H2 200 11888870046749205293
tpc.googlesyndication.com/simgad/ Frame 433A 213 KB
214 KB 30ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11888870046749205293?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85c46afd74b3ec1967842de43cfbafe825b1877e1260988f70fc06e8cf0fcf11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:18:07 GMT
x-content-type-options: nosniff
age: 339397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217972
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 16:21:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 18:18:07 GMT

GET
H2 200 cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 7ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=zgCcGg==, md5=oirj7R53XOkM7Rbxgi9N3A==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 3328758
x-guploader-uploadid: ADPycduMIQkYPsY4GcH_gTOnDXUeimbEtU-mqFcrXPrg6B6L0U-0zCXlmVgYlw2r2DxW5Rfkk3ag7m_LM9UHRrnk9QM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28604
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Thu, 05 Jan 2023 03:55:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683684.494385,VS0,VE0
etag: "a22ae3ed1e775ce90ced16f1822f4ddc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982701673
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28604
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 24349

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 433A 0
0 43ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-yvrywOJ6RmeUn6hxYKPn7WK-dpMCXU--_yk5X90xvrdSLetGO_MNBN52oNSWQ34_jAPcEgO2d0KPC7dWfDhELBJ5BErzSYdW5KOlX5k2VJF8YYYZcHi-FOKpkiCmaeggPr8AwRLRCtufySBJlm8D3gSsLuiXBWZABqhHMJD-DcTxAzoTArDNZxR8bVR5XbxD8rVHPTeY48nNwVdo4atYCiyjCwZx59zxHeoyokxX8eeHYPycOI82y2Nw_tK6PMUaSntqoDMEYWVU1_fpmO_-3cA8sXZddRRH7iW5BnoJnNIXmayI4JwurP7mOoUGp9A&sig=Cg0ArKJSzBWNPLcleX-gEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 12 Feb 2022 16:34:44 GMT

GET
DATA 200
OK truncated
/ Frame 433A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a442df6eb72df1b4eeb363123519a1b74d1c50c172c434fa051aa65558496ed5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 .status
a.et.nytimes.com// 0
0 101ms
101ms Fetch
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 43ms
21ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42565118dc15245af7c2014417f5c3a34bccb35dad1286b739c60b454cbb37e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9851
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 141ms
60ms Script
application/javascript 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: G6FJE2Y7TFVA5Q0G
x-amz-id-2: ebPmRWT1CcOfDRLE1YrpVJD0d3oJuWgCMsYvHtWL2bav3bL0retvGkp6MuyYCxVbyBIB09sOP0o=
last-modified: Tue, 21 Dec 2021 18:11:17 GMT
server: cloudflare
etag: W/"851a8e8d3ce808a979323f763dc260b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVXydrpN2Z5J7UNILLWo9jqUWv5m%2FtCdLVN2rLTovUNye4zYqAWOIlzyUItD84j2mOuO9BsONuGWIPJa8wimJZVmojyq4Vkq8N%2F%2BHzNlFyhbwvR1ahpMdc3SYBXpxKH4IucXfTLoK8xuOPi1oiRRJcy6p5Eg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6dc739e55a443b4f-CDG

GET
H2 200 08xp-lottery-jumbo.jpg
static01.nyt.com/images/2019/03/10/nyregion/10xp-lottery-p1/ 31 KB
32 KB 7ms
7ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2019/03/10/nyregion/10xp-lottery-p1/08xp-lottery-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c244645916870ba90a2e4743816d47e7dbbbea1c841b678255985a408d686f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 577418
x-guploader-uploadid: ADPycduWkGW4VKv8dd8X8PBie6j7GwsxiM-z0eWDGJ1id5yywI3mhex1V73XfKTuwqtqVwbImlFx2B_qF8OtwSqxGJ46SK8CuA
x-cache: HIT, HIT
fastly-io-info: ifsz=97912 idim=1024x601 ifmt=jpeg ofsz=32236 odim=1024x601 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 32236
x-served-by: cache-iad-kjyo7100026-IAD, cache-hhn4051-HHN
server: UploadServer
x-timer: S1644683685.617033,VS0,VE0
etag: "CV4bb04hCMi/7XiCFp564C73Ac5V9OKnRfeFeMAyQ9M"
vary: Accept
x-goog-hash: crc32c=JchCIw==, md5=vaSgdrNJ+1+gb9AeptG9FA==
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 30 Jan 2022 00:10:58 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/ 103 KB
14 KB 17ms
8ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 709adf3ed6f6e51676824119a625e3ecd57fade61baa60443089cde1ac7b3800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
age: 246645
x-cache: HIT
content-length: 14691
x-served-by: cache-hhn4051-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 19:09:49 GMT
server: nginx
x-timer: S1644683685.625385,VS0,VE0
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 429

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 221 KB
69 KB 14ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fa610fbd867d1e4543bccfafd96ab08601f001cd3251c6649a6aaab54bc54f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
age: 246645
x-cache: HIT
content-length: 70572
x-served-by: cache-hhn4051-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 19:09:49 GMT
server: nginx
x-timer: S1644683685.625495,VS0,VE0
x-origin-server: mwcm-pub-est09.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1314

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/ 23 KB
6 KB 13ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d09b7b0c955ad436b296c77df5c697479e1ca306619ba3e065fcc9a1342bcc7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
age: 246645
x-cache: HIT
content-length: 6090
x-served-by: cache-hhn4051-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 19:09:49 GMT
server: nginx
x-timer: S1644683685.625401,VS0,VE0
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 635

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
111ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: b8d7490f6e2db366
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 51
x-timer: S1644683685.653518,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: e6c6daa4b9b27a4a3b61ad2b484e4079/8724496207949634068
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Feb 2022 16:34:44 GMT
age: 814
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: BW
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: a0a0ceb7284d0673
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 52
x-timer: S1644683685.685310,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 9 KB
2 KB 166ms
166ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 5512385f1560a464532bdc96425346b8b6671879d8441486baf219f7d88f3f07

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 37afbabc463e043a-288495f174961465-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: f4dfcebd
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 67be2a66506d691a
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Sat, 12 Feb 2022 16:34:44 GMT
server: samizdat-graphql-d2257a7
x-timer: S1644683685.662714,VS0,VE158
x-nyt-region: BW
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 37afbabc463e043a-288495f174961465-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 data.json Show response
static01.nyt.com/storylines/storyline-of-storylines/ 402 B
817 B 133ms
132ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/storylines/storyline-of-storylines/data.json
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/recirculation-0e9f57906c1bb0d2c7ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0e653f468a894db64fd1f1ced01f57d2057d887feb188ec066900d23e0d0fb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish, 1.1 varnish
x-guploader-uploadid: ADPycdvCjB5_5F1hjCuCsrUl0RNVyKK_izydi6ahSqczTdaesbOV92rgSIHOz0XrYeRFcQw9XslhroX-brF6K_IvwtA
x-cache: MISS, MISS
x-goog-storage-class: STANDARD
x-cache-hits: 0, 0
content-length: 402
x-served-by: cache-iad-kiad7000114-IAD, cache-hhn4042-HHN
last-modified: Sat, 12 Feb 2022 16:30:01 GMT
server: UploadServer
x-timer: S1644683685.684426,VS0,VE126
etag: "b8e304d38faebb089b4a858dd5d37dac"
vary: Accept-Encoding
x-goog-hash: crc32c=mOdWKg==, md5=uOME04+uuwibSoWN1dN9rA==
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 16:34:44 GMT

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 128 B
888 B 127ms
127ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-c5ae748151e1a510711c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d2257a7 /
Resource Hash: 24b0af7517bd172c93373c015f9bdccdc36cdb3fe36690fae55a4b3a7487deb5

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-nyt-meridiem: PM
x-b3-traceid: 385c3d42b54639f6-5f6a5a49afb1a52-0
age: 0
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 23454854ebc53f56
samizdat-x-canary: false
x-graphiti-gateway: 5497761c
x-nyt-country: DE
x-timer: S1644683685.693216,VS0,VE120
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BW
x-cloud-trace-context: c39983526827bf31ad8cca2764946b93/2327817261913082538;o=1
cache-control: max-age=30, public
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: ef4ae80c
content-length: 128
last-modified: Sat, 12 Feb 2022 16:34:44 GMT
server: samizdat-graphql-d2257a7
x-served-by: cache-hhn4051-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 385c3d42b54639f6-5f6a5a49afb1a52-0
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 16:34:44 GMT

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
6ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2220968
x-guploader-uploadid: ADPycdthArV4L3K0iNxxJTb_sc9ZZXcs7Ofy9K6kGmSauVHZg2n7pfqstYxWbvvewLWDeYj7xgogYci0g4bj5Ew_7SFy54BTmA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:38:36 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683685.742232,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 48737

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2215921
x-guploader-uploadid: ADPycdufpJt9uHnzke8zHacBbB_kWYwBiP0odq5m8QvVK12i_S1IokydXEaAh27TGY6E4j-B9qf2IxeDkaD-kFaECMs
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Wed, 18 Jan 2023 01:02:42 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683685.744213,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 56091

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 7ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8091622
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683685.746149,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 38884

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11119948
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683685.746297,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 56792

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 8ms
8ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 5841122
x-guploader-uploadid: ADPycdsM45IrPMPivF_8h6yPPqhAyFMvBOlx58tkw04XZ1dsS0TrHJ4Aha5EF4VBAbdb2gnC4QSuS4CMfTd2fz7ImuFOJX9Eqg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Wed, 07 Dec 2022 02:02:42 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1644683685.746399,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984069574
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 24238

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 8ms
8ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2220906
x-guploader-uploadid: ADPycduqaMXBgRcn7MaFE0xauF1LRpBsw12QO0GlqFvN8l8TjEYXxEFWI2i9FV13QZWYXeF0729D8DVFmoxY7aqUiOCBWzXN7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:39:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683685.747069,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23391

GET
H2 200 cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 7ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=zgCcGg==, md5=oirj7R53XOkM7Rbxgi9N3A==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 3328758
x-guploader-uploadid: ADPycduMIQkYPsY4GcH_gTOnDXUeimbEtU-mqFcrXPrg6B6L0U-0zCXlmVgYlw2r2DxW5Rfkk3ag7m_LM9UHRrnk9QM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28604
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Thu, 05 Jan 2023 03:55:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683685.751311,VS0,VE0
etag: "a22ae3ed1e775ce90ced16f1822f4ddc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982701673
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28604
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 24350

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 7ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2220922
x-guploader-uploadid: ADPycdsiYgaeMkCbqnFh7Mf5jDAeXmqASMX_LpB4aolaV90gPjulJmpoSS2yFElQnV79J54BKs0bepO2wB1L9TzIkcs8yLhiyA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Tue, 17 Jan 2023 23:39:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683685.775186,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 33520

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 915 B
933 B 698ms
697ms XHR
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4c0b0fba1c1e991f177e258828d0ad5ed3004fedd6a79534dfb67c39badbbcfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:45 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 17b20cbe332023f8de9b7f9f0ae2e339
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 464
expires: Sat, 12 Feb 2022 16:34:45 GMT

GET
H/1.1

200
OK

results.txt Show response
yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pq9gw3aet
https://yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

57ms
7ms

XHR
text/plain

95.101.27.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.27.37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-37.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 16:34:44 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Sat, 12 Feb 2022 16:34:44 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pq9gw3aet
https://eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

345ms
84ms

XHR
text/plain

2a03:5f80:a::b212:e7d0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a03:5f80:a::b212:e7d0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 16:34:45 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net/eum/results.txt
Date: Sat, 12 Feb 2022 16:34:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3

200

activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fn... Show response
5290727.fls.doubleclick.net/ Frame 6199
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2F...

560 B
405 B

38ms
38ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

417da05f9da78c7ee1fa4b7dd300bfcd2a41a233763675113397d6cabbe24889

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Feb 2022 16:34:44 GMT
expires: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 12 Feb 2022 16:34:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 114ms
113ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=587754095&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&dr=&ul=en-us&de=UTF-8&dt=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gateway&ea=impression&el=MAG_web_nonsub_all_monthly-sale&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=2072495570.1644683683&tid=UA-58630905-2&_gid=539703024.1644683684&gtm=2wg290P528B3&cg1=nyregion&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd3=&cd4=New%20York&cd9=9&cd10=null&cd13=null&cd14=metro_desk&cd15=earned&cd16=referring_links&cd17=100000006402132&cd18=Liam%20Stack&cd19=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&cd20=&cd21=Article&cd23=New%20York&cd26=2019&cd27=2019-03-08-22&cd28=Friday&cd29=22&cd30=2019-03-10T05%3A27%3A42.529Z&cd32=New%20York%2CU.S.%20News&cd33=SECTION&cd34=NEWS&cd36=08xp-lottery&cd37=837&cd38=Express&cd42=nyt-vi&cd43=Lotteries&cd46=New%20Jersey&cd48=March&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Express&cd54=metro_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=_3TXuwCbik_r3q5JzlY0fU&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=_3TXuwCbik_r3q5JzlY0fU&z=1354529993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:27:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79610
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk-prod-1d3c7a55760b4dff36c9.js Show response
platform.iteratehq.com/ 895 KB
260 KB 83ms
67ms Script
application/javascript 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4573406
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F8GCS1G01DQCBN5C
x-amz-id-2: 5Zz3+rWvRU6iIyAoyC2zBOA+kYX/ZJiMfT2VK8cKiETcdQxntSVLO0JR5QEVgyhqlLZr/T8SOWQ=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"1e60912655a5240d8ec79d1ef3a8098e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lPh8Gc0gGCj%2F6JGshgZ6IMi6Q%2BdZv0jk3HXLTAWZHYyQK%2FRenhIL3Aqxfo23lRghcFiUI7vJmyyreWPwMqwLH1Oqlxivn7u2C1%2By703deVen7UVFBcOiTM8NXoDLUCvHzr47YzwCw6Mv8KMBdWnRi3bAgAj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6dc739e6abdc5c62-FRA

GET
H3 200 style-2bdbffb0210cc2e386f1.css
platform.iteratehq.com/ 130 KB
12 KB 70ms
54ms Stylesheet
text/css 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1589396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RJF4SBDZ510QF9WH
x-amz-id-2: eS+CIllTC0BpoPFQQfFpvwPVIpoTKwkBfaP6/OLfRarNQ1MUdVKzVSYfEBqKuLhKA2r9uomFr4M=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"4737fd744e2551cae9a2bc8884efd7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7JHwJqUZSj26G7QE%2BGGJ%2BtCIfewPDhp%2FBi%2B9e7SUcdlEcOwHmOtTktkJEqHEEK2BT2ttUQAF6i6P4lgFEZbXDLSl9GbfEI43xuZKcYsYyDe6Xo0y%2FbrgDRQoieQuoZkd%2FJiflvF9o%2Fuww63DQfTFj6WWtsT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6dc739e6abde5c62-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 918D 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Feb 2022 16:33:53 GMT
expires: Sun, 12 Feb 2023 16:33:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 51
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 301E 783 B
1 KB 40ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f160a1f01ec432b03affe2e605aface9efce204043dcadb406c18ba84ff5ae1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n9FfPYvyzMAVgp8oL29Pxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 12 Feb 2022 16:34:44 GMT
date: Sat, 12 Feb 2022 16:34:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-n9FfPYvyzMAVgp8oL29Pxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 7ms
7ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 3253938
x-guploader-uploadid: ADPycdsvf-PxJWITWPXQi62Shh06UPLVrGF8bZS6Iz1_mRncxp23rZaNoXJPHjj2dvOZjnmojwS9T1ghsknfnwaYkgc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-hhn4042-HHN
accept-ranges: bytes
expires: Fri, 06 Jan 2023 00:42:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1644683685.904982,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982612741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 30305

GET
H2 200 Breaking.png
static01.nyt.com/email-images/Newsletter%20Icons/ 218 KB
218 KB 9ms
8ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/email-images/Newsletter%20Icons/Breaking.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: be7480468093b9ccca0ad587dd65749efdf0ad30036643b3f0a79c4bbcab96df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 711
x-guploader-uploadid: ADPycduHiN4NsvenZET-5jEMweK-OTnKT9P_IXJUtPJEwFOkDTdcA8LKoPQk05idMQizjhmXg0HrKMn4AYdyoBNR8Z0hVSgqXA
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 222999
x-served-by: cache-iad-kcgs7200131-IAD, cache-hhn4051-HHN
last-modified: Fri, 01 Nov 2019 20:39:57 GMT
server: UploadServer
x-timer: S1644683685.947235,VS0,VE1
etag: "da82e90e90c02362524c7d9808d58e90"
x-goog-hash: crc32c=omtEmg==, md5=2oLpDpDAI2JSTH2YCNWOkA==
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 06:22:12 GMT

GET
H2 200 NYT-AtHome-Icon-NEW.png
static.nytimes.com/email-images/newsletters/AtHome/ 211 KB
211 KB 21ms
11ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nytimes.com/email-images/newsletters/AtHome/NYT-AtHome-Icon-NEW.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7ecfc6ff20329ce36c4faca8940a223994119a96a5b35c63c40a1be312d10be4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 3161
x-guploader-uploadid: ADPycds9BqIAFiDFroJq5Xx8ti-BB468Na4GjhXDowTMWzOx-ImgvAqLXX4i6mpo7NJ1gVYtGVeowbWQu-FM1F0__JWI96GLEQ
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 1, 1
content-length: 215745
x-served-by: cache-iad-kjyo7100035-IAD, cache-hhn4051-HHN
last-modified: Tue, 01 Jun 2021 21:45:29 GMT
server: UploadServer
x-timer: S1644683685.957609,VS0,VE1
etag: "059e407199b5413ad4d7e6e2ecd1543f"
x-goog-hash: crc32c=5w5n7Q==, md5=BZ5AcZm1QTrU1+bi7NFUPw==
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 08:41:05 GMT

GET
H2 200 TheMorning-Icon.png
static.nytimes.com/email-images/newsletters/TheMorning/ 167 KB
167 KB 19ms
9ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nytimes.com/email-images/newsletters/TheMorning/TheMorning-Icon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9f44c48a83d1b20e3d9db961757c73a44c41bf4b7482fd8bf4fc8ac6fb0618ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:44 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 393
x-guploader-uploadid: ADPycdtadNhbEm5Y7VovbZ6LkwJcA_0UHJEPVQMZTdUPjjLfM_d-jq4lqASZeeqi6IxcDvsosOP-kQ7AkxXZOyifYA
x-cache: HIT, HIT, HIT, HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 170906
x-served-by: cache-bwi5134-BWI, cache-iad-kiad7000154-IAD, cache-bwi5162-BWI, cache-iad-kjyo7100134-IAD, cache-hhn4051-HHN
x-nyt-gcs-bucket: nyt-newsletter-assets-hamburger
last-modified: Thu, 30 Apr 2020 19:18:58 GMT
server: UploadServer
x-timer: S1644683685.957486,VS0,VE1
etag: "706e07f22a43883a1d68ed2715fe84be"
x-goog-hash: crc32c=bIyyKQ==, md5=cG4H8ipDiDodaO0nFf6Evg==
content-type: image/png
expires: Fri, 10 Dec 2021 06:21:55 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2, 1, 1, 1

GET
H3 200 dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mi...
adservice.google.com/ddm/fls/z/ Frame 6199 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIHPuJbM-vUCFdlCHQkdAJwD9w;src=5290727;type=remar0;cat=gatew0;ord=1;num=5763222308741;gtm=2wg290;auiddc=1441918397.1644683684;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 301E 0
0 87ms
72ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020901&jk=3161738646515673&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 918D 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 16:06:32 GMT

POST
H2 204 /
684dd32a.akstat.io/ 0
202 B 210ms
202ms Ping
image/gif 2a02:26f0:1700:58c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd32a.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:1700:58c::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:45 GMT
content-type: image/gif
access-control-allow-origin: https://www.nytimes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sat, 12 Feb 2022 16:34:45 GMT

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 185ms
151ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc472ecee5f7bba331199c50d409e39365167c2176ae80af9a2b5db3e5b1dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Sat, 12 Feb 2022 16:34:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR%2BhHcGabNkNamcNlYSZXdFEVfnG%2F3y3XAfgQkLxXYdrHgg5wqAZnINhBmnawnK9oyxZyeBnx0v%2FALWjcvvy6HEbC6mlClHWGs%2Batkl%2F6lpG1Z8SC7C6FZwhQBm7Pk3kHzrisSPWZdD9EPEO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6dc739e948a23a11-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 207ms
134ms Preflight 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 12 Feb 2022 16:34:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Bloa2ix6JC1DvSAsqhO4rE9H%2FvbmnpXLNMlQU8kmnVYQHLXe9MUm8uuS59dnl13nIMHbGiGDSwOa4ZjkScjJrI3RCiVWFcnqYjuYZ%2FSPoTMAAGypcbe87TI595qmNX2tWEIa82Vcty3jMmS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6dc739e83f9175bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 918D 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xu-77g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 16:34:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020901&jk=3161738646515673&bg=!tbaltvLNAAbAtJCDwLQ7ACkAdvg8Ws047pJi6TLVJNxRCWQ2PDmsPBlfZ21tRXVnSiQ8riK8f3ZdFQIAAABRUgAAAANoAQeZAsDWNbKsN-nZ5x7OP8gLOeGevh0BvWx8e8KBXfWPZysFVnpFmj_eoP1KuuEi2bbdHpQ3y8XKqyKyp-OYnEznLZ5tm4TNKDXWS1FcKy93o6z4enkTsPVxxmVlweJPz-CSkPh8SpbjRDfsNhl6P_5iFmnmlVYChgYUrXAhHAhNCPToj55_db_LfpDMD0J-9Erslle0OXwY1Xe7AIw5okQlE-xvb93l7aoAuhpZWR0X4b6VJqhDI0Rk5s00DqhvVAtk6v0gXqQFRmzlA7p2ItZvKc6ihgtWfgcjA0BX3jGYdi7f75e1F9jIDEHsr295pY7LQ0wtdskmao4Cu0tCsAnGl8DC41qWEUBBJmBbBYAfv5-VMBwEzKHSp3xhUQborfp_irGJnJv1fzM7BXfdMuNEE8K9gS84XealdEaBBjZeARVTABD_Mw01wOnKufxAL_3LNiNPJSiFA1muJwQXthnFI9a2Cg7Ach-0lsHWFB4rW3N-Mi-LDOGlHyQ63YnVCQ5rEDuCO-rNyWlYE2HHCSsImJ3FUSwDhPowiVGk6Xu4DPeKQp5dvrpy74hQ8FP7__kWPjW7gN7QM7DYrbDvwyDe9zuImKyubUERsErDCJWnf_C6jwxT9YpNNOcoM8x84tmV1alGwZvOwwkJiKMEm9LEY2MdBDgkvwpRK9w4qHJ5pHCQwIG2bj3bIFv1p2G8rw_tsYivglqy9A4dLDgCjLHaxZSxiTSHDoZyjUw6jGK-riBzJ3Ng6W9jcw_fXmq_PP91FXDjzBrWXzul2FMQV4y6TOJO_ysAqoobzKr0ucfN5HpRZAJJ9J5ms7YdnDOglW6dcWu1ElKUepowXgSkEt-wM4waxl01LV4xvK_P4T_pL2B97uGprjUqmmEuRLoj-U9yxYPymBkosZtP5Ty51YHD_mckGdc3TjuTI870mHZHXY9Thw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Feb 2022 16:34:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
105ms Ping
application/json 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 09:36:59	Name: nyt-a Value: _3TXuwCbik_r3q5JzlY0fU
.nytimes.com/	1970-01-20 00:51:45	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 09:36:59	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 00:51:45	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 00:51:45	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 775d6aa9ddb249b78f412845a06abc27
.et.nytimes.com/	1970-01-20 00:51:25	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 09:36:59	Name: sessionIndex Value: 1\|1644683683020\|_3TXuwCbik_r3q5JzlY0fU\|1644683683020
.et.nytimes.com/	1970-01-20 00:52:50	Name: et-ppvid Value: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html=VK6MUBkrig7G_WTK7YRW6Wk7
.google.com/	1970-01-20 05:14:54	Name: NID Value: 511=RBy-yZQvmhWUX9qDklElru2JuTjg1oljNpthdIwLoSEeXs6SKx_5XV9fxYuXoA8z868kpftdQ4EQj-P1beGrGVVe7KJIv2IlbHhqbPLu9pJ8FwI6F88k8aH_KZuS0_WvGEH7ZaqmhbgqNN5ad9UdHkzHsPGDdwVFTosQ6bMYLyM
.nytimes.com/	1970-01-20 10:20:53	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-21 20:40:50	Name: nyt-m Value: 561E5297EE80E0CE64E8A6AF13BDB12E&iub=i.0&igf=i.0&er=i.1644683683&igu=i.1&iga=i.0&iir=i.0&pr=l.4.0.0.0.0&vp=i.0&cav=i.1&e=i.1646125200&n=i.2&rc=i.0&vr=l.4.0.0.0.0&iue=i.0&ifv=i.0&ird=i.0&ira=i.0&uuid=s.8c20fa8a-a1d7-49b0-9061-3894b24e2f36&t=i.0&g=i.1&ft=i.0&fv=i.0&imu=i.1&prt=i.0&ica=i.0&ier=i.0&igd=i.1&s=s.core&v=i.0&imv=i.0&iru=i.1
.nytimes.com/	1970-01-20 00:51:50	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.a.nytimes.com/	1970-01-20 09:36:59	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 00:51:50	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.doubleclick.net/	1970-01-20 10:12:59	Name: IDE Value: AHWqTUn5KUwxrEZhbbe_14zpDL21GHVs4ow8wGxlblTtaoH9Fy9ohxTkeHBFDpz6gg4
.nytimes.com/	1970-01-20 10:12:59	Name: __gads Value: ID=47988ef94bf9c083:T=1644683683:S=ALNI_MYjlkdT922PaoWbM8cBbluszaVigQ
.nytimes.com/	1970-01-20 03:00:59	Name: _gcl_au Value: 1.1.1441918397.1644683684
.nytimes.com/	1970-01-20 09:36:59	Name: datadome Value: ZG94VcIf2gyYXYxxulnQ1hrNtGYzJrNnxIs~oQFUwWjguCy63P_UtGqOzL2mZdaytUP3LGXs-igwPjdnKdSl4nm-5aEAmcV-MEPn.Ly8-XnCM9n.BrPtE1tjBiVPG74
www.nytimes.com/	1970-01-20 10:20:11	Name: _cb_ls Value: 1
www.nytimes.com/	1970-01-20 10:20:11	Name: _cb Value: CzOIohcfmXvzM-qJ
www.nytimes.com/	1970-01-20 10:20:11	Name: _chartbeat2 Value: .1644683684205.1644683684205.1.C94ugd7UrEyCIXa7EDBVoS8CM-Qrh.1
www.nytimes.com/	1970-01-20 00:51:25	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 18:22:35	Name: walley Value: GA1.2.2072495570.1644683683
.nytimes.com/	1970-01-20 00:52:50	Name: walley_gid Value: GA1.2.539703024.1644683684
.nytimes.com/	1970-01-20 00:51:23	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 01:01:28	Name: RT Value: "z=1&dm=nytimes.com&si=52ba7414-1a45-4cd0-a893-b9c44079ca35&ss=kzk2770h&sl=1&tt=1wj&bcn=%2F%2F684dd32a.akstat.io%2F&ld=1wl"
.nytimes.com/	1970-01-20 01:00:26	Name: nyt-cmots Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2NDQ2ODM2ODQsInNjIjoxNjQ0NjgzNjg0LCJjYSI6MTY0NDY4MzY4NH19fX0=
.nytimes.com/	1970-01-23 16:27:23	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MjA3ZTFhNTBjMWEyNzAwMDFkYjI4ZDUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQ0NjgzNjg1fQ.Y_Si8wRqlan_RgPTsA5X0Ikbyg73mmpVXq8S-fz4YAs
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1644683683789&isNew=0&pageIndex=2
.nytimes.com/	1970-01-20 09:36:59	Name: nyt-jkidd Value: uid=0&lastRequest=1644683685361&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'conversion-measurement'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 55) Message: Unrecognized feature: 'conversion-measurement'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
684dd32a.akstat.io
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c.go-mpulse.net
ca71d4075a8c1b9ea74ae3e5029c2b5e.safeframe.googlesyndication.com
dd.nytimes.com
eaaqvsaaeabqgkqdl6aaacqaabrapynf-pq9gw3-2d98ef3f2-clienttons-s.akamaihd.net
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.nytimes.com
static01.nyt.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
yenq4k27munruyqh4gsa-pq9gw3-907f5a0ea-clientnsv4-s.akamaihd.net
142.250.185.130
142.250.185.230
151.101.1.164
151.101.193.164
2600:9000:223c:b000:18:1fcd:34f:cdc1
2606:4700:3032::ac43:c7c7
2606:4700:3037::6815:24db
2a00:1450:4001:800::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2013
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a02:26f0:1700:58c::11a6
2a02:26f0:7100:59a::11a6
2a03:5f80:a::b212:e7c1
2a03:5f80:a::b212:e7d0
35.241.35.241
35.244.188.62
35.71.131.137
52.222.236.85
54.198.123.195
95.101.27.26
95.101.27.37
0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
0934260fab178d75295c8aedbf316b2bce7015986c1db92990550a96c8e9104c
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0e653f468a894db64fd1f1ced01f57d2057d887feb188ec066900d23e0d0fb13
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1d7a48aa348375489dade91d95085b32a09bb2cd408fd4be128a51e8a63de27f
238706e50a3262bdfed3478c304e79d60c18d98cdc1855e252ca7be2ca3bc4e8
24b0af7517bd172c93373c015f9bdccdc36cdb3fe36690fae55a4b3a7487deb5
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2cc472ecee5f7bba331199c50d409e39365167c2176ae80af9a2b5db3e5b1dc6
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2de12e5be7c985ea1e81b2dfe2c4a22207ded70413721ea1c3f5098801781386
392c6aafee7e281e0a53cb50a51d3e36947bb6ffe267894ccab29cb191398668
3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22
417da05f9da78c7ee1fa4b7dd300bfcd2a41a233763675113397d6cabbe24889
42565118dc15245af7c2014417f5c3a34bccb35dad1286b739c60b454cbb37e7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4680da4b91fb39d747e566e471e11aaec1119bc6885b51ae8e4617387f08af7b
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4c0b0fba1c1e991f177e258828d0ad5ed3004fedd6a79534dfb67c39badbbcfa
4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51b78847fc20f97854556c421abeefae11b13e7627270e2c6ca78cfef3a90075
53de41dade0c48c5c5a27ac21e50c416df01eaf924ba874fd5a1ccd8a4f5aeea
550d600e503aeee5863408aaf3c4495dee30466665e9789b91d3a020d0ffca68
5512385f1560a464532bdc96425346b8b6671879d8441486baf219f7d88f3f07
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87
5f21e4306187c7589ea3323fbe380d8e54adbff57f3775d44385c3745ca44a95
6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63aff75a7499c36caab2a576f5950f31ad57d7e8f3b7d57e665cd51ac089f5a4
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
67b1921b57db12149d069ccfb32f120bd9c8997034256cdd9ec02e1e04157dc5
68a745cb58fe779c2375d92db2ab5cc040db482ae95c732b96df678692e42122
6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
6f160a1f01ec432b03affe2e605aface9efce204043dcadb406c18ba84ff5ae1
709adf3ed6f6e51676824119a625e3ecd57fade61baa60443089cde1ac7b3800
748eed6903836fd9a33cfe7d6b1909f1acf4b2c09d29c89bdd826d5b32ded63c
74a8b7cdeb83227f3c9c02eadb2b143ac9caeed4c14b4d95304d067f888cb412
79992b2d838aa04b37edcd2d59b098d97176ee0973b1aa19e75be2d8d77613e1
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7ecfc6ff20329ce36c4faca8940a223994119a96a5b35c63c40a1be312d10be4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c46afd74b3ec1967842de43cfbafe825b1877e1260988f70fc06e8cf0fcf11
8842b6c1710190868d51dbaf1bb3665308efe1813bb513ea4b0610ca0d4ea172
8a341b71a554a4cce9df222ea181a2eeb41b5e11db6fa86df22014f479a616ef
8a47c9c36707b75ab588f9f7a25bba3d52b726d893616d6bc89ee113a818704e
8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f896b2bcc9fbfa73d461c2acc7517e1c1f472ab09863784a5943e139aabb7fa
94193096daf7c70d7589d5e6ec9720a2cc53fa953fcc0e51f441ae7d48ff835c
94ea822434760711bddfbb0031237b1b8957b04727e9bb51dbdc5c0b7ddc7edf
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
9ea426903e100c362441db7e9a0d79ecf2454bb5cc95c23feb959adb4c4f6e22
9f44c48a83d1b20e3d9db961757c73a44c41bf4b7482fd8bf4fc8ac6fb0618ae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a442df6eb72df1b4eeb363123519a1b74d1c50c172c434fa051aa65558496ed5
a4698fc003d2b80ae473b488652e1a4e42721c026f7067785e4874aae902f0f1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d79bda0f121f5a0dd7c652045f95fe6486e01e11a4816a27b7d5d0361ef267
ab2f1db1c3a106cd4877802072a53738dc61d6020da2a8b100209ce708bd1aa9
adf2af53724fd422bf12f2c7793a5ecf4d2094a23a5ce34084f1a2af70c9a300
b133ff7796067394717d00a028a3540dcee1c188e32ff9f21e34e2d3e00be6a8
b2a1143cf67ba22fd0cc98146c3cb028245f6e91e7d0d036944ac2183044aead
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b544f3774ca6e4ff8d32adc941e322030cc495f3e4cc002772b042134ac064c1
b5c24fd02fefc3e71a64c00c43c0c58a3ca1d6fd6c14f7c9b6d2ec0416d0b4e9
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
bdc567349ecc3e136c8c9484fbf28b6cb2ad0f6f6462c649486869c6a2256098
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
be7480468093b9ccca0ad587dd65749efdf0ad30036643b3f0a79c4bbcab96df
c1c5b42f5de966f4b7f36b27553ff14509dcfe996fd80069c52cd8e80e56edbb
c244645916870ba90a2e4743816d47e7dbbbea1c841b678255985a408d686f86
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09b7b0c955ad436b296c77df5c697479e1ca306619ba3e065fcc9a1342bcc7f
d5421861b46595d7fc19b106d2478cdfe2c5b05664a0f9e4562770ed2c0d1d6a
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
e17919e8a49111b87e1c6cd882899c91d61d6ee5114c7b19cce0db412f96bc5c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e7b58ce0d8820debb831fac3c6c34accc5176f22dd4cc6b85630d1196a6b1519
e876fe3f68a6232e713b43dc97f51f2de9b821691321bd05cf1759164a069b34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ddb8ea968e8f1e19b013e4dfaa670fdee1bd4b47c9ab94f7e0957e22c45574
f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda
f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9
f37b79335721e676450a88147487eaf2e3036944c7e58fc65790557db5a19595
f6ec8a41172aa73d11df23b199df2189680b2354bb2f4ca31a2d502f50427eba
fa610fbd867d1e4543bccfafd96ab08601f001cd3251c6649a6aaab54bc54f67

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

99 %HTTPS

65 %IPv6

17 Domains

42 Subdomains

30 IPs

3 Countries

3612 kBTransfer

9578 kBSize

31 Cookies

24 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

99 %
HTTPS

65 %
IPv6

17
Domains

42
Subdomains

30
IPs

3
Countries

3612 kB
Transfer

9578 kB
Size

31
Cookies

163 HTTP transactions
1 data transactions