www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/0HicC8qG0fPO2VW5cMfmH5?domain=r20.rs6.net
Effective URL:
https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&...
Submission: On February 04 via api (February 4th 2022, 6:08:52 am UTC) from ZA — Scanned from GB

Summary HTTP 158 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 22 domains to perform 158 HTTP transactions. The main IP is 151.101.65.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 5529.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	195.130.217.73 195.130.217.73	42427 (MIMECAST-UK) (MIMECAST-UK)
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
33	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
8	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
27	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
11	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
4	52.222.236.49 52.222.236.49	16509 (AMAZON-02) (AMAZON-02)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:0:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	54.165.183.227 54.165.183.227	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	18.194.68.138 18.194.68.138	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.86 108.157.4.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	99.83.246.13 99.83.246.13	16509 (AMAZON-02) (AMAZON-02)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:ef:... 2a02:26f0:ef:288::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.227.0 35.244.227.0	15169 (GOOGLE) (GOOGLE)
6	13.32.121.66 13.32.121.66	16509 (AMAZON-02) (AMAZON-02)
158	36

2 195.130.217.73 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-49.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:0:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.183.227 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-183-227.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.68.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-68-138.eu-central-1.compute.amazonaws.com

prod-m-node-3113.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.246.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: a488b146b5a2f7293.awsglobalaccelerator.com

de2-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-96-113.fra56.r.cloudfront.net

ad.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef:288::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.227.0 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 0.227.244.35.bc.googleusercontent.com

a-reporting.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.121.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-66.fra60.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 5529 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8544 a.et.nytimes.com — Cisco Umbrella Rank: 8432 als-svc.nytimes.com — Cisco Umbrella Rank: 11418 myaccount.nytimes.com — Cisco Umbrella Rank: 11597 dd.nytimes.com — Cisco Umbrella Rank: 11812 meter-svc.nytimes.com — Cisco Umbrella Rank: 11629 purr.nytimes.com — Cisco Umbrella Rank: 11275 a.nytimes.com — Cisco Umbrella Rank: 10644 mwcm.nytimes.com — Cisco Umbrella Rank: 11904 a-reporting.nytimes.com — Cisco Umbrella Rank: 33017	2 MB
23	nyt.com g1.nyt.com — Cisco Umbrella Rank: 10279 static01.nyt.com — Cisco Umbrella Rank: 5726 a1.nyt.com — Cisco Umbrella Rank: 9506 typeface.nyt.com — Cisco Umbrella Rank: 29770	953 KB
19	google.com news.google.com — Cisco Umbrella Rank: 5085 adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13 play.google.com — Cisco Umbrella Rank: 39	69 KB
12	googlesyndication.com c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124 pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	57 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 13165	159 KB
6	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 695	17 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 9356 iteratehq.com — Cisco Umbrella Rank: 8367	274 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	129 KB
3	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 624 de2-bid.adsrvr.org — Cisco Umbrella Rank: 38074 ad.adsrvr.org — Cisco Umbrella Rank: 2337	172 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1253 c.go-mpulse.net — Cisco Umbrella Rank: 542	51 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com — Cisco Umbrella Rank: 35441	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	38 KB
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 776	17 KB
1	truste.com choices.truste.com — Cisco Umbrella Rank: 679	9 KB
1	yahoo.com prod-m-node-3113.ssp.yahoo.com — Cisco Umbrella Rank: 17774	176 B
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 10202	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277	14 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5034	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	96 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 6989	467 B
0	akamaihd.net Failed trial-eum-clientnsv4-s.akamaihd.net Failed trial-eum-clienttons-s.akamaihd.net Failed
158	22

	Domain	Requested by
24	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
12	g1.nyt.com	www.nytimes.com g1.nyt.com
12	www.nytimes.com	www.nytimes.com
10	samizdat-graphql.nytimes.com	www.nytimes.com static01.nyt.com
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
8	static01.nyt.com	www.nytimes.com
7	play.google.com	www.gstatic.com
6	choices.trustarc.com	choices.truste.com choices.trustarc.com
6	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
6	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	dd.nytimes.com	www.nytimes.com dd.nytimes.com myaccount.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	iteratehq.com	platform.iteratehq.com
2	typeface.nyt.com	myaccount.nytimes.com
2	www.google.com	c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com tpc.googlesyndication.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
2	a.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	protect-eu.mimecast.com	2 redirects
1	a-reporting.nytimes.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	myaccount.nytimes.com
1	www.googletagservices.com	c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
1	ad.adsrvr.org	www.nytimes.com
1	de2-bid.adsrvr.org	www.nytimes.com
1	cdn.js7k.com	www.nytimes.com
1	choices.truste.com	www.nytimes.com
1	prod-m-node-3113.ssp.yahoo.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	r20.rs6.net	1 redirects
0	trial-eum-clienttons-s.akamaihd.net Failed	s.go-mpulse.net
0	trial-eum-clientnsv4-s.akamaihd.net Failed	s.go-mpulse.net
158	47

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
cn.nytimes.com
tibetnetwork.org
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-01-18` - `2022-04-18`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-02` - `2022-05-04`	3 months	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
a-reporting.nytimes.com GTS CA 1D4	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Frame ID: 01E59E963136EEAC5EA1CA1153F760C4
Requests: 91 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 0572F26BFA0501F8A8F9CBA980B203A4
Requests: 3 HTTP requests in this frame

Frame: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 835A4228CE9E562A9990D012CA21AE15
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456654&publicationId=nytimes.com
Frame ID: 31644324AD95E045017329EE4D41A322
Requests: 13 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter
Frame ID: B4A34A2CEEFA621F098BE84BF3586304
Requests: 2 HTTP requests in this frame

Frame: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 08B5C9DF9F54C3BA2A98BF95BDABD27E
Requests: 18 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: FBF80BBCDB7CED0C5AB766D0147E0B05
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B432200AAC3775604A93202FFE10D7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 342E18196008F1C772A8C108C5F4E018
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 52280E10E0CEE7747F917001F843AB54
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ahead of Winter Olympics, Beijing Moves to Quash Dissent - The New York Times

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/0HicC8qG0fPO2VW5cMfmH5?domain=r20.rs6.net HTTP 307
https://protect-eu.mimecast.com/redirect/eNqtV2lTIlkW_SsGH_pTQb19McaZQtQClKUULbXtIN4KKSSJmYmKHfXf5yZqd7n0dE-... HTTP 307
https://r20.rs6.net/tn.jsp?f=001ZX3HTdbUIKqmMNOmZAhMxoiNJu8dAzTIYYGZN9lEUlYdz1rw_IgMKTxEudvhAlr0... HTTP 302
https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Sign... Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

158
Requests

98 %
HTTPS

51 %
IPv6

22
Domains

47
Subdomains

36
IPs

3
Countries

3642 kB
Transfer

10309 kB
Size

31
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&asset=masthead
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Fsmid%3Dfb-share&name=Ahead%20of%20Winter%20Olympics%2C%20Beijing%20Moves%20to%20Quash%20Dissent&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Ahead%20of%20Winter%20Olympics%2C%20Beijing%20Moves%20to%20Quash%20Dissent%20https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Fsmid%3Dtw-share&text=Ahead%20of%20Winter%20Olympics%2C%20Beijing%20Moves%20to%20Quash%20Dissent

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/china/20220204/winter-olympics-crackdown/
Title: 阅读简体中文版

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/china/20220204/winter-olympics-crackdown/zh-hant/
Title: 閱讀繁體中文版

Search URL Search Domain Scan URL

URL: https://twitter.com/hu_jia/status/1481552501879246850?s=21
Title: criticize state security agents

Search URL Search Domain Scan URL

URL: https://tibetnetwork.org/
Title: International Tibet Network

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/0HicC8qG0fPO2VW5cMfmH5?domain=r20.rs6.net HTTP 307
https://protect-eu.mimecast.com/redirect/eNqtV2lTIlkW_SsGH_pTQb19McaZQtQClKUULbXtIN4KKSSJmYmKHfXf5yZqd7n0dE-EEQaSb8v7zj333MPvtdwty9p27b7ITF5f5pmvh8UkLOrLaVJMk8Xki0_SsCiSbOFNaRouS2ufavPM1bbRp1oeXEiWZQlLattYMKo5k5ghVM3BseRTzZSlcXBQzOAtv189PcORZXFV2_4VRmIyD32TBni8qtnMrxvTMr2qfbqqFVODN6NMWRq0xRR7TQNnwkoZFFfGU2QkFYRaQwWLz7sIF5t9XgkhSSCeOxyi9oYyohTh0ipvlNYBI6Q0ghHnApUqSKeZ9ZSYSBS2bHNe6vnmMCeCd9QYgrFRHlmHUSBM-siZtvB_szjPsvLkowMAeEfr5SNAZbgvrz4DQvPHyyYP1TgTgqgfn95Fs4QNL9DEhGDvIJpoQlCaIfiGaaDcUqcwEoA2xEHlazSJdIxr5jE3kgujlXfSO0ypQ9YoIpQRhgjCA9YkIg9nMIoio85EIAbhL9CEZBKuAqVGYBcYMQYTZz0JKgqluXoPzY8J4C2ay7lJFj_DCUTT6C2cSWomQUpCiWpMkvgSVSkspFYqIgX2BmNnmYuSMUYoB6SZJdoiqclrVKVGFlseYlQeC4pEDFKEYAJ3HlMTBBFMw4kUbuWt0Thg4QhxBvjO_FOWnlHVVDLIIyZaGseAQIJKIJmjDDsOsb2H6scE8DOqG5yuPv8B0RNHITVvMS1zsyjSpKgUphGeWf0MqpdOIcgechppYYwNxFGvqNdCSS-NUAyUQZnXoHIRrBNAAcoj58JG6XGE_XAlEoMhRCLMJY3AdBYqqJCw3okIyysC2hegGoMMssgwR7TGHNLoCTNGOSYwiu5dqn5MAD-Dmoai2MCawysJqRflytrgX9JWIf4XKvBGU3WgwigoHYUF1LwOspIxKBrFFIsRQ_yOOuxeQ2vh7lorKZDESvigrCSRcOodcZIFbkkwVCsbI49MIUINi0LL6LgQBnH8ElrY4JEUgnounENEIAOBBQEXEbD9PWg_JoC_11SOCJJv0dw0xrGZh7wcJ5lbjm9xgza0ekve4CLjFKmoCNDAEIMlYiJ6gQOIF3ZY86iUV68Rdk4AexiC5goX5VozrKnQCDLkPXQHQIYrywgiLoLyWS6YdNACuVCO84BeIMw14sYKTK1XWnCGlQ7Qb6yiSFYveQ_hjwng_yUvY5T80xaGYiVAEtSKuqiQhCiYYZRFTwVyQlqKjeX-DXkVotCBhQk-Mu1BEkGaMQuCYxBvxAmrui5lUKhMa2swD4xauJ0XEjmLyAtoo_DgPcANBM-jtUKAGiEJGWeRRqig96D9mAD-SQtj0Al-_PYD3JpPwKdVJq-zgKdl4jfGbGnAw9VanDQpjJrNgtY0uNnp8dHjACgyjDWdg8ciNcUUniwxDDEoUqhcCvbLQIcxWESiCUfegBkDSmgmqy0Ln8OOPEyShZn7xnJqSnCZi_Bl4zCzZP7kJouVvYaFvw4Ho_3-qNM82hq2Oyft3w6-b2_t34Z8XVZGdKtTbJ0ufMi3WtmizLM57CzTspetFnCh2mpWhjzlMFg52j_9Jlw9WSY_2c3FM7P-0vJuYAypSeb_e91ba7zZ6bN0k4uqfb1d8JiSUFRZ4OCBiAZrIh7R-jPqP4I8DpPJemv4DN2r0P4G29fhvJlLlo_2GjckaxCEGxjTzcQ0K8rN1IOpF2m5rPswT6pU1GFFo-KfM0UJ5zQeoPf-eExFP_PwM6CGUJWFZAlfe08LtzpDGEqLSXXr2r-6_eaQSN7bRVxjsFN6j7fontynfFex5j7VBxQ67ZcXyxqXzYPqqTE8Huw1Bqejo8HgsNEa9P5dnfwoL2UBp4MqwR9wVCBOKfw2gPlVPoeZaVkui-2rz6BCBDXyQjQWAUqnXDSui-V_4g5C-PKctkfennYOb9Jef5BeNqe9-yzpd1fKNx9GnYuLr5d9Pd8_nV_4B5zfjTuT3uHofn_lb6fNeQ5ab8_VXjc71ax5Pvx-tOgOlnm3O3L8es_sOtL0ZTiU-8GldD3ujGZ7J2Pfb60ujvJJi0V9WW-eleksud894Ws-vjma6PEaobN-eZT1Hi5uxs00OU_W-9_a7mzYbQ3bN4N56_Lrntc9uXt7zwbL1UmxzO6diue358X6pNnNJneetPeHx6c6c3vhdv_b90PTTe6-H3xPL76j-vyEfyvO-_faLe6T_bw8m-PB0eVBWjbN6Wjm2oP5A61fzDrHu4t1QU7kMG0nA8eH7aLUpDv7Ck5wYGeH3Yu07evXqF6c9offevzbxax3eJ2Hs9jdpf26Uhd3g3ay_MXt4Nnd3B-p_eP1DNmH63J-hrK7604-WJ7dHfQeblYqZSftpN8778jzy8XMhqTXv9vZ-cVNdw58svp61D8ewlFk3jo8Wt_NRquwov1ZhvO0Q-c3U9Y5uDjdHXydofOH3tnh6eVkZ6equErfJmNXD-PVDOExxnx86-GzjscbERw_EQeP6fhJTOpA5TrnXAGbMBFwymS1YfBwNWrP5fCut2gVrZv-wXLPxv4E5t2qKLM05O6xFJ7VtarTjZiCipSgxfWw-rmI0tqP_wKyNque HTTP 307
https://r20.rs6.net/tn.jsp?f=001ZX3HTdbUIKqmMNOmZAhMxoiNJu8dAzTIYYGZN9lEUlYdz1rw_IgMKTxEudvhAlr08fbX8DJoU94AXPWLnJOprJJTc5jDaBc2AdteK7Eecm3y_ITkDS_dNCuYLrgC4f9Z-AVtmkixBS5y5_qLg9_y00VNtLoMzYq_AmiXiyEQHcVPJCPHqOlCZGDd9M7Bvx4OpuSspoxc8fXvXsySAJogwd2HEPRU9ocDevEQWKaJiwWFWmYW0-lS5QsXNx9cnxiErtVl1OLZFmtAaUTkcHOlz3-YkIRBnys2S7PmHiOc5PHst92JkGc22ObkKJYmHd-j0-sUNPQM5QYkMKjreVfJB3N-88YwOHip&c=1kwldL8ERyk0bzjtlV0owjIrOpVwFMzqu8m4SHiNMXI7XZnkbeiMNw==&ch=FdiuGLNRPHip2lCKLywkTueu3Nko1rmI3lqh4IFYUBOGk0XzMVKUZg== HTTP 302
https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter

158 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request winter-olympics-crackdown.html Show response
www.nytimes.com/2022/01/31/world/asia/
Redirect Chain

https://protect-eu.mimecast.com/s/0HicC8qG0fPO2VW5cMfmH5?domain=r20.rs6.net
https://protect-eu.mimecast.com/redirect/eNqtV2lTIlkW_SsGH_pTQb19McaZQtQClKUULbXtIN4KKSSJmYmKHfXf5yZqd7n0dE-EEQaSb8v7zj333MPvtdwty9p27b7ITF5f5pmvh8UkLOrLaVJMk8Xki0_SsCiSbOFNaRouS2ufavPM1bbRp1oeXEiW...
https://r20.rs6.net/tn.jsp?f=001ZX3HTdbUIKqmMNOmZAhMxoiNJu8dAzTIYYGZN9lEUlYdz1rw_IgMKTxEudvhAlr08fbX8DJoU94AXPWLnJOprJJTc5jDaBc2AdteK7Eecm3y_ITkDS_dNCuYLrgC4f9Z-AVtmkixBS5y5_qLg9_y00VNtLoMzYq_AmiXi...
https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

427 KB
88 KB

122ms
32ms

Document
text/html

151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

49e46fc0760a5e9f9ac390368889dd50f822c3364877cdb4a1642257d375c61b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-b3-traceid: 5d9ee60de8e4420ab52fe72f5763e1c2
x-nyt-data-last-modified: Fri, 04 Feb 2022 03:22:23 GMT
last-modified: Fri, 04 Feb 2022 03:22:23 GMT
x-scoop-last-modified: 2022-02-04T02:24:28.674Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1643944991.280337,VS0,VE6
x-origin-time: 2022-02-04 03:23:11 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:44 GMT
age: 9981
x-served-by: cache-lga21921-LGA, cache-lcy19228-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1643954925.693403,VS0,VE11
vary: Accept-Encoding, Fastly-SSL
x-datadome: protected
x-nyt-app-webview: 0
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/01/31/world/asia/winter-olympics-crackdown.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-nyt-edge-cache: HIT-HIT
content-length: 88614

Redirect headers

Date: Fri, 04 Feb 2022 06:08:44 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 44ms
24ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Fri, 04 Feb 2022 06:08:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 5463088
x-guploader-uploadid: ADPycdsJGbFDasYqvL5XTnhQwAOyu5U-jGzE1blershlqM0jzJXeSh_50t6ZuLy08GcWGzBxpjUSKk4WP-IDrvsv6JhbBpTPfA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-lcy19228-LCY
accept-ranges: bytes
expires: Sat, 03 Dec 2022 00:37:16 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1643954925.769075,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14470

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 23ms
23ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134724
x-guploader-uploadid: ADPycdvk227rETd0i244NK9kxU2-caoxvhokXiz1PGtWfwcHDvYhUczpQGK36wNPG3tHfkALg1IWz0yfXCLdeIz2VLE
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.748429,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2360
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Wed, 02 Feb 2022 16:43:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1643820183725633
expires: Thu, 02 Feb 2023 16:43:20 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-640b40fb675410cd242a.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 25ms
23ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-640b40fb675410cd242a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9b451d3ea4e499f6e1df6c13782e71edb22edb6c28914c7f298561034ce82d85

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134728
x-guploader-uploadid: ADPycdubBgPJTry-zElI1BA55K0G1aR2twUIKfAqW3nrX-B0lvZR9dbCdMKEtO9P09G8hIx4rAD5Vfyjekt8mVQlwhI
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.811861,VS0,VE1
etag: "1995e165d0dc4f67c9e33f1a0136c1d9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-640b40fb675410cd242a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3652
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7132
last-modified: Wed, 02 Feb 2022 16:43:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=+7npGw==, md5=GZXhZdDcT2fJ4z8aATbB2Q==
x-goog-generation: 1643756616452151
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 20121
accept-ranges: bytes

GET
H2 200 merlin_201037263_10257346-f626-4a48-b05e-84e23e64a026-superJumbo.jpg
static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-01/ 202 KB
203 KB 57ms
55ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-01/merlin_201037263_10257346-f626-4a48-b05e-84e23e64a026-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 77e8109c15b0eaac502bf0889cda5d3f63ef16e2b33ff7ccb6721ac7e753f707

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 328569
x-guploader-uploadid: ADPycdvlvKzESI2rjcXcPyd3lD7t4TOMydq8ukyYDFp36cbaIY6A7CXcomIctDaA0aYPtQsVr7jj8UnYtWNSV_bQ5Ys
x-cache: HIT, HIT
fastly-io-info: ifsz=627317 idim=2048x1365 ifmt=jpeg ofsz=206974 odim=2048x1365 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 206974
x-served-by: cache-iad-kiad7000116-IAD, cache-lcy19228-LCY
server: UploadServer
x-timer: S1643954925.812555,VS0,VE2
etag: "m4btYxK8u924aBfzvosB1YFRUTXpZ+PrBSvjcUY+J2k"
vary: Accept
x-goog-hash: crc32c=3uHOxg==, md5=P8ql9UBvRrObxS+E7wIokw==
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 10:52:35 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 style.css
static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/adb6e89dd349417c08e0e842f34f15dc38965a59/ 240 B
468 B 213ms
192ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/adb6e89dd349417c08e0e842f34f15dc38965a59/style.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e2dc688bd38e8f376361b1da0dbfbf225790269bb9efdce60d5b92d4d5c670ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
content-encoding: gzip
age: 2
x-guploader-uploadid: ADPycdsMnqnXVkTCuj0uD5EpRr14ul1jv2n0LgTi47OJxn14Wc6zzUlKxWO8-s_fnuyZojZqWg_OW0r4Zx_HvmdEnh8
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 177
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000076-IAD, cache-lcy19228-LCY
last-modified: Thu, 20 Jan 2022 20:31:58 GMT
server: UploadServer
x-timer: S1643954925.794363,VS0,VE78
etag: "79444193eed5faa1b8ce07e79aabaa2b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=xK4XeA==, md5=eURBk+7V+qG4zgfnmquqKw==
content-type: text/css
access-control-allow-origin: *
expires: Thu, 20 Jan 2022 20:32:07 GMT
cache-control: max-age=5
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 build.js Show response
static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/adb6e89dd349417c08e0e842f34f15dc38965a59/ 476 KB
116 KB 179ms
178ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/adb6e89dd349417c08e0e842f34f15dc38965a59/build.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fb717cff7c5719d8bb704b2cc188597cc49e291aac42ee25b975c0817c9a74fb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
content-encoding: gzip
age: 5
x-guploader-uploadid: ADPycduGly2WpcLcho349EzdQUXFmX_eiyWYrXVuu_X1FbBCN3LV3ib40iZcJ0juJTLteCYxmKHgkL3BFOPTEr9ColKSr3W4xg
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
content-length: 118441
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000102-IAD, cache-lcy19228-LCY
last-modified: Thu, 20 Jan 2022 20:31:58 GMT
server: UploadServer
x-timer: S1643954925.794234,VS0,VE78
etag: "914181530117f487778b78b7a7a35020"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=IpSnZQ==, md5=kUGBUwEX9Id3i3i3p6NQIA==
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 20 Jan 2022 20:35:11 GMT
cache-control: max-age=5
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 beijing-olympics-logo.svg
static01.nyt.com/storylines/prism/ 4 KB
4 KB 176ms
174ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/storylines/prism/beijing-olympics-logo.svg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c416873f11d185a5d23a4988e3bf2dad33488cdbb456eeaedfda82f4fda5fca0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish, 1.1 varnish
x-guploader-uploadid: ADPycdtUe1BO3qe9Rd2dFZDFhGOcQ_RiDmB_WyuUOQNoOghTOVxfuAUYMpELH1gLVAec57NKj384jPVEll6HFJ8mMsw
x-cache: MISS, MISS
x-goog-storage-class: STANDARD
x-cache-hits: 0, 0
content-length: 4052
x-served-by: cache-iad-kcgs7200032-IAD, cache-lcy19228-LCY
last-modified: Thu, 03 Feb 2022 02:49:43 GMT
server: UploadServer
x-timer: S1643954925.812701,VS0,VE113
etag: "a7f82a837d81127ae61b985c6f32c2b8"
vary: Accept-Encoding
x-goog-hash: crc32c=rVgF3A==, md5=p/gqg32BEnrmG5hcbzLCuA==
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: private, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 06:08:44 GMT

GET
H2 200 vendor-6dabc659e9ccac9b6f00.js Show response
www.nytimes.com/vi-assets/static-assets/ 252 KB
76 KB 26ms
25ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134727
x-guploader-uploadid: ADPycdtlw86mBVcdC322ym1v-OgLtQMFBoXQiAO1iKtGjq-ZqWHbV-yjxDgKhnwIfKRFsOCUv0vinWEq800oTeXZAU8
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.812803,VS0,VE1
etag: "8fc82adba8f7a20303f839ab3c923991"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3647
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 77827
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Aei76Q==, md5=j8gq26j3ogMD+DmrPJI5kQ==
x-goog-generation: 1643808269294606
expires: Thu, 02 Feb 2023 16:43:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 258452
accept-ranges: bytes

GET
H2 200 story-8bb53b05ec9108c00d9b.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
298 KB 33ms
32ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-8bb53b05ec9108c00d9b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8e1da8f1b5ddb26c9bb0929b90d3a4795992fb7a87fcab0af82a9a2d80a10cee

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 28170
x-guploader-uploadid: ADPycdu-6x4wfRf8EWYn9MdFiRhf8cRYcfdOG92Vdpv0O0mbYqblvUxiPEw5wMVmt_ZeytqPAt9aj_wf4pYnzfCYXg8
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-03 22:19:19 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.813036,VS0,VE0
etag: "5e3f34195f6a140545485a24542d67f5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-8bb53b05ec9108c00d9b.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 29
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 304384
last-modified: Thu, 03 Feb 2022 22:15:10 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=SW+S8A==, md5=Xj80GV9qFAVFSFokVC1n9Q==
x-goog-generation: 1643926510137111
expires: Fri, 03 Feb 2023 22:19:14 GMT
x-gdpr: 1
x-goog-stored-content-length: 1146802
accept-ranges: bytes

GET
H2 200 liveblog-95321801a824e7f36e0d.js Show response
www.nytimes.com/vi-assets/static-assets/ 1005 KB
261 KB 56ms
54ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/liveblog-95321801a824e7f36e0d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

17e13b001df19a080c57dcfbddaf18c1454d61e717f81caf3b6dc4827cafe9d7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 28180
x-guploader-uploadid: ADPycdt3-9zX13f1SgRJQ9qiVfIB4WjP3N-K8pWrnFWRh29T5hEPhnZZGgPvV4rZ4EOJtOO0oQO5tmTBtUweBjNvVXoc09ILbQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-03 22:19:04 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.813160,VS0,VE1
etag: "49938100e1b5e1fe55e1573949ba866f"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/liveblog-95321801a824e7f36e0d.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 266738
last-modified: Thu, 03 Feb 2022 22:15:10 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=D8BM+w==, md5=SZOBAOG14f5V4Vc5SbqGbw==
x-goog-generation: 1643926509972985
expires: Fri, 03 Feb 2023 22:19:04 GMT
x-gdpr: 1
x-goog-stored-content-length: 1028651
accept-ranges: bytes

GET
H2 200 main-d3d1607e81000843366d.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
360 KB 56ms
55ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8a01feeaf9fe3b147ac5929e31a785d48ed4b35c567589915c0a3bb14e2f3352

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 43258
x-guploader-uploadid: ADPycdudMxFnO6_FguRSZTm3kza8blO7LrgTp10-xTY0UlZzjrBuAQpndGumyjNuVWREYpZWfSL27GE0kMlTrEQ0d9hspsCbMw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-03 18:07:47 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.815556,VS0,VE0
etag: "2625b32703c6fb2954aa57c002a6f54e"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-d3d1607e81000843366d.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 47
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 367382
last-modified: Thu, 03 Feb 2022 18:04:41 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=NSsyHA==, md5=JiWzJwPG+ylUqlfAAqb1Tg==
x-goog-generation: 1643911481169312
expires: Fri, 03 Feb 2023 18:07:46 GMT
x-gdpr: 1
x-goog-stored-content-length: 1266748
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
96 KB 171ms
76ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f45348a1b1fbf2b35b4759ca27eca6e7d6787eead2149ddaa3186ccf2bb9d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97710
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 108ms
43ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 3ea4b9a2a0a46bc3-3a38f6e738fcc688-1
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-97efa45
x-b3-traceid: 3ea4b9a2a0a46bc3-3a38f6e738fcc688-1
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:44 GMT
age: 424
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: GB
x-nyt-region: SFK
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: 8c2225c46d0cfbb5
samizdat-x-instance: 546bf032
samizdat-x-canary: false
x-served-by: cache-lhr7335-LHR
x-cache: HIT
x-cache-hits: 1
x-timer: S1643954925.870311,VS0,VE1
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 243ms
130ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
800 B 115ms
114ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 39dd0f27a40f3802-6d1ece7d762898a4-1
age: 0
x-cache: MISS
samizdat-x-instance: 546bf032
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 4b66f00300ad0fa6
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-97efa45
x-timer: S1643954925.913902,VS0,VE92
x-nyt-region: SFK
x-served-by: cache-lcy19228-LCY
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: GB
x-datadog-trace-id: 39dd0f27a40f3802-6d1ece7d762898a4-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 143 KB
45 KB 181ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc516f9c8469286546f29b39ae2119eeb3e1de1e0facc8683593700d74b4f723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45236
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 23:28:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 06:13:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 164ms
71ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

016f253996c6cd45cec1c230435816235013ac80ee4501167805b73a2bfa7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27246
x-xss-protection: 0
server: sffe
etag: "1121 / 716 of 1000 / last-modified: 1643929615"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Feb 2022 06:08:44 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
3 KB 235ms
141ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F3af44701-472c-564a-aff1-c4b065b08ce6&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 8f66ddfec1d9abad4ad2929f0b96fe7cc0e5b0a8ea12a0e0ae425dbbc07aecf4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
1 KB 48ms
48ms Image
image/svg+xml 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134723
x-guploader-uploadid: ADPycdsYJ6R5aQL89LNVy0jPl0m20rf4oRBfQ5PBwLErRpPQoF-tMS-WSfvnlMpht9vK-q_dNLU0iJczX7-1mjvRu0mK7qCI-g
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:21 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.820082,VS0,VE1
etag: "f5e6ba8f0613f5244e1e8ba2c4f8dd1a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-eb3ac0d36c11bd5a497046cb82515de2.svg
content-type: image/svg+xml
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1479
date: Fri, 04 Feb 2022 06:08:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 645
last-modified: Wed, 02 Feb 2022 16:43:04 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=GTQy+Q==, md5=9ea6jwYT9SROHouixPjdGg==
x-goog-generation: 1643756616744967
expires: Thu, 02 Feb 2023 16:43:21 GMT
x-gdpr: 1
x-goog-stored-content-length: 1162
accept-ranges: bytes

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 105ms
48ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9778881
x-guploader-uploadid: ADPycdsAy7uqTiMUPIieNN-zsVIEpCI1qZXR6Khga9TH1Lz7YMU1_ERsve9XUkTbBlTIAggF_Vt6IrjiG_XftLt7wDw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:47:24 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643954925.877427,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 48759

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 105ms
48ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8572805
x-guploader-uploadid: ADPycdsWg71ATKTFfX_fOa8C75fUmJMh2Ea4JLljDNWkT2YiA12c2S1M_E-DCjygx5thivYWnFVSnQ9XwJO2mlQAwYO7-DE-Hw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 28 Oct 2022 00:48:40 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643954925.877543,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 48522

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 105ms
48ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8572804
x-guploader-uploadid: ADPycdsayzyqVNFaE-FncnP5PiThl6LsHAQehHS5G1DPdWwxdAYbKf5-qZXsMEZcPoSZcOtnwp_PVIxwP4QBKmdC28o
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 28 Oct 2022 00:48:40 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1643954925.877587,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 31972

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 104ms
47ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9780746
x-guploader-uploadid: ADPycdvHsAWc177PZKvqHLiWGsJCKyMuK2lhIcIGLOieWvioFShDCujXJgjYS_qNINaCtQN5D4ZDJAQ-mybNujBypg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:16:18 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1643954925.877650,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 20750

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 202ms
145ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 7951131
x-guploader-uploadid: ADPycdvJo2poQLFqzvLjyNOR0t1_YcL_x6WzerWcz2EOSroHsM6rwt8JPNHnlE077Nhj6k9Y3coEFKYP74UPwhjiUMxHyguMHg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 04 Nov 2022 05:29:54 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643954925.877786,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984069574
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 10019

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 104ms
47ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 5113858
x-guploader-uploadid: ADPycdstc0bHstfptPSnbO8EOyicNZSLauWmlNl6mrH1YtM_l6nuduEhG-DDEGmyNbNcQA3CVxjaM5r6A85d-BjJkng
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Wed, 07 Dec 2022 01:37:46 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643954925.877722,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 44588

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 231ms
174ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 6759558
x-guploader-uploadid: ADPycdt2IKc1ExzQAlALGvgBpNCPwfvx6vu50cj-qU0038aEbJFk376BKh4jTfiwYGJ0NQWWrwbCiAWIWJHHy-Sld1feMsXRrw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:29:27 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1643954925.923756,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13032

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 202ms
145ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9178439
x-guploader-uploadid: ADPycdtZYlPSJSaQ_0P278MXr7586rhcC8sNfAh5qSRTTx1T5tZq7U3Sknj_gL3_wBkl-2PgkXMjIOOrx2pl4SOS2RyIdgJ9Hg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 21 Oct 2022 00:34:46 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1643954925.877910,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 29817

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 202ms
145ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Fri, 04 Feb 2022 06:08:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 12798949
x-guploader-uploadid: ADPycdsV7r7ZKPj7d4b-OL3fYfdcz1ZhIKijWFJGAHtBAVOOX6dInjWeIkTEEjhujQlYgUHQhtyk5eQdq8l-yTpttwzBmxwTfA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 09 Sep 2022 02:52:54 GMT
last-modified: Wed, 21 Jul 2021 17:23:54 GMT
server: UploadServer
x-timer: S1643954925.877843,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888234863093
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 47416

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
25 KB 29ms
29ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
date: Fri, 04 Feb 2022 06:08:45 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 5114994
x-guploader-uploadid: ADPycds8Jqr0XpFJtbtS4Jf9XOfNB5Yz5DrFs3HJ6-mNcXLz_cfe8Dcxa0Y2Shtj2zrWonVolyhDHj1jgj2KcORsdY-W7gTARg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Wed, 07 Dec 2022 01:18:51 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643954925.031134,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984530255
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 25680
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17991

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 0572 393 B
714 B 28ms
21ms Document
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

d08560dcbeaf52d1086f80e0003a7539d93506203c2a8bb2492566e17ea072c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

x-powered-by: Express
x-datadog-trace-id: 5338683742646024773
x-datadog-parent-id: 5338683742646024773
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-nyt-backend: lire-ui
content-encoding: gzip
x-cloud-trace-context: 5d67496bfd4d1f7278d1d03d4ec1b722
server: Google Frontend
cache-control: public, max-age=600
etag: W/"189-iYEIV9oKG3bAWcJVeWPvDwpx6Wg"
content-type: text/html; charset=utf-8
x-datadome-timer: (null),VE543
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:45 GMT
via: 1.1 varnish
age: 535
x-served-by: cache-lcy19228-LCY
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
x-api-version: F-X
content-length: 275

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6301c68dc12918911623.js Show response
www.nytimes.com/vi-assets/static-assets/ 46 KB
15 KB 24ms
23ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6301c68dc12918911623.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0f94885fd7c9cb7811f25ef40aae0e70111a6d2f346d3a38e531fd0ae906a0fa

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134725
x-guploader-uploadid: ADPycdvF4SJV3b6vJjAl7uhy7hzvt22SZU3ToklDbbgGgogc_VC2-4bHu_LY6yJJhG47viZlCy2qjqJpDrClV1i8QEtoRmo5uA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.180683,VS0,VE1
etag: "f2073b13685dcdf37d799c76ff033f98"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6301c68dc12918911623.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3361
date: Fri, 04 Feb 2022 06:08:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14574
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=+gj7sA==, md5=8gc7E2hdzfN9eZx2/wM/mA==
x-goog-generation: 1643776221999766
expires: Thu, 02 Feb 2023 16:43:20 GMT
x-gdpr: 1
x-goog-stored-content-length: 47044
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
13 KB 25ms
25ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134727
x-guploader-uploadid: ADPycduxQQBXfkLdVNQHpUSOfL3q-v27tasQQ7dRlk69yzRWE_Rx5Uo-XpqbkIV4ub5xY4PABm3cDtcqLLVvIwI6oYVBIBxLuA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.180800,VS0,VE1
etag: "46159ad0cb7de89c83fc59e9dc0d61f9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2891
date: Fri, 04 Feb 2022 06:08:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13291
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=goxv5A==, md5=RhWa0Mt96JyD/Fnp3A1h+Q==
x-goog-generation: 1643820185329795
expires: Thu, 02 Feb 2023 16:43:18 GMT
x-gdpr: 1
x-goog-stored-content-length: 68853
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 25ms
25ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134727
x-guploader-uploadid: ADPycdv4771HdvL_WODt9OLZUW3YXMwVgO1DvX2y13djsnHpZJDohceVdAoyBCCC3kvCZYSeKXVwmcYeqfGlPinHzU0
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:21 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954925.180882,VS0,VE1
etag: "e4469edf0dfca6f7845a13a7b325dd05"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2897
date: Fri, 04 Feb 2022 06:08:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5012
last-modified: Wed, 02 Feb 2022 16:43:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=uxXxow==, md5=5Eae3w38pveEWhOnsyXdBQ==
x-goog-generation: 1643820185317356
expires: Thu, 02 Feb 2023 16:43:18 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

GET
H2 200 pubads_impl_2022020201.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 35ms
34ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

20ab3f5e0bcc3de5425a796cee46b47880f940263127ec918e773a047971316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122075
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 09:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 20:42:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
371 B 85ms
43ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
expires: Fri, 04 Feb 2022 06:08:45 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 84ms
34ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 06:22:50 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 79ms
38ms Other
image/svg+xml 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 06:29:52 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 134ms
134ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
129ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 127ms
126ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 152ms
152ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 226 KB
41 KB 217ms
42ms Script
text/javascript 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-49.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

63c19371588c328be91e3988648d28d3dc13e987ead094a0165cec8d915f2ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3882b-5d5788b58c148-gzip"
age: 17
x-cache: Hit from cloudfront
content-length: 41784
access-control-allow-origin: *
last-modified: Thu, 13 Jan 2022 15:43:14 GMT
server: Apache
date: Fri, 04 Feb 2022 06:08:30 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: xeh38v8RQreO4p1BE7JVXFCXgpX7rE2Mmh1cW9Pxhifv-C--t5warw==
expires: Fri, 04 Feb 2022 07:08:28 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
57 B 117ms
108ms Fetch
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 0572 2 KB
1 KB 22ms
22ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-api-version: F-X
age: 38
x-cache: HIT
x-cache-hits: 1
content-length: 1252
x-served-by: cache-lcy19228-LCY
server: Google Frontend
etag: "8MuY0w"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 82685d6d7c4e57779223af16de85ce68
cache-control: public, max-age=600
x-datadome-timer: (null),VE107
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Thu, 03 Feb 2022 19:25:56 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 0572 410 KB
139 KB 24ms
24ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=de8cb90
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: db35a00d0c91257fb39cee8f38919220a7768602c49d41b97a2f7145dd124fb6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-api-version: F-X
age: 84
x-cache: HIT
x-cache-hits: 1
content-length: 141714
x-served-by: cache-lcy19228-LCY
server: Google Frontend
etag: "8MuY0w"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 7ffe5b670b03ae8158236b75b3304a46
cache-control: public, max-age=600
x-datadome-timer: (null),VE98
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Fri, 04 Feb 2022 03:04:52 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 29ms
29ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 7696095f1f582c2a-bb6d1ca3e7b49c6-1
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-97efa45
x-b3-traceid: 7696095f1f582c2a-bb6d1ca3e7b49c6-1
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:45 GMT
age: 1
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: GB
x-nyt-region: SFK
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: 9f02344286409eb8
samizdat-x-instance: a3dbd997
samizdat-x-canary: false
x-served-by: cache-lhr7335-LHR
x-cache: HIT
x-cache-hits: 1
x-timer: S1643954926.741273,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 22ms
22ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 7696095f1f582c2a-bb6d1ca3e7b49c6-1
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-97efa45
x-b3-traceid: 7696095f1f582c2a-bb6d1ca3e7b49c6-1
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:45 GMT
age: 1
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: GB
x-nyt-region: SFK
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: bdb2cd2b30abb493
samizdat-x-instance: a3dbd997
samizdat-x-canary: false
x-served-by: cache-lhr7335-LHR
x-cache: HIT
x-cache-hits: 2
x-timer: S1643954926.759040,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 22ms
22ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 7696095f1f582c2a-bb6d1ca3e7b49c6-1
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-97efa45
x-b3-traceid: 7696095f1f582c2a-bb6d1ca3e7b49c6-1
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:45 GMT
age: 1
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: GB
x-nyt-region: SFK
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: 9f568d428fd8dc1e
samizdat-x-instance: a3dbd997
samizdat-x-canary: false
x-served-by: cache-lhr7335-LHR
x-cache: HIT
x-cache-hits: 3
x-timer: S1643954926.808168,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 105 B
416 B 141ms
141ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash: 62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 04 Feb 2022 06:08:45 GMT
via: 1.1 google, 1.1 varnish
x-nyt-meridiem: AM
x-b3-traceid: 639c9d27f18f382d-48983402b1a61c63-1
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
x-cache: MISS
x-cloud-trace-context: 0b099708383af5270211a96f07b17b9b/18262133163602538344
samizdat-x-instance: efe99e77
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: c81536aea62c6cde
content-length: 105
samizdat-x-canary: false
x-graphiti-gateway: fafa96b9
last-modified: Fri, 04 Feb 2022 06:08:45 GMT
server: samizdat-graphql-97efa45
x-timer: S1643954926.767252,VS0,VE120
x-nyt-continent: EU
x-served-by: cache-lcy19228-LCY
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: SFK
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: GB
x-datadog-trace-id: 639c9d27f18f382d-48983402b1a61c63-1
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 642 B
1 KB 277ms
201ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&pageviewID=v36OGLK5PW10q6KPX3x8S3HX
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 49042173f99eadac0a9c9ac011f462d41803345da87192404dcd7a06d389c64f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:45 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 642

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
788 B 118ms
118ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 1f353b6c3ed8de3b-69b8edd37675775d-1
age: 0
x-cache: MISS
samizdat-x-instance: a3dbd997
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 35a4a69428ebb433
content-length: 77
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-97efa45
x-timer: S1643954926.781966,VS0,VE96
x-nyt-region: SFK
x-served-by: cache-lcy19228-LCY
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: GB
x-datadog-trace-id: 1f353b6c3ed8de3b-69b8edd37675775d-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 182ms
181ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash: 5a17ad5980cb8bdda116f161f72c139d9cb9689ba708fd21383cc2ee0c1677c3

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Fri, 04 Feb 2022 06:08:45 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 5d9799bcb5e7e2de-2e5b1f7dc1d38614-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 1f1ecc90
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 6b577a15f4ad12d6
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Fri, 04 Feb 2022 06:08:45 GMT
server: samizdat-graphql-97efa45
x-timer: S1643954926.832865,VS0,VE159
x-nyt-region: SFK
x-served-by: cache-lcy19228-LCY
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: GB
x-datadog-trace-id: 5d9799bcb5e7e2de-2e5b1f7dc1d38614-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-cfd5e7aa512e3b2089b5.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 23ms
23ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-cfd5e7aa512e3b2089b5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1a4c75be5e1949f75df82753a78043097adfd346d90a5499a81a0be2a3c0aac0

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 134729
x-guploader-uploadid: ADPycds6Xwus4o78T0VVcdQrGEVEyoqSD3AfvIXRI1kfz4WmqCL8WD2aHU2gNtU-pwsoge-3UCZmT1-n1eJNV5f4NWk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-02 16:43:20 UTC
x-served-by: cache-lcy19228-LCY
x-timer: S1643954926.824313,VS0,VE1
etag: "a2b12263649dccf471c6bcd5423236d5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-cfd5e7aa512e3b2089b5.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3142
date: Fri, 04 Feb 2022 06:08:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14990
last-modified: Wed, 02 Feb 2022 16:43:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=t9Qthg==, md5=orEiY2SdzPRxxrzVQjI21Q==
x-goog-generation: 1643776220653841
expires: Thu, 02 Feb 2023 16:43:16 GMT
x-gdpr: 1
x-goog-stored-content-length: 51109
accept-ranges: bytes

GET
H2 200 styln-beijing-winter-olympics.json Show response
static01.nyt.com/storylines/pharmacy/experiments/most-recent/ 818 B
1 KB 132ms
131ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/storylines/pharmacy/experiments/most-recent/styln-beijing-winter-olympics.json
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-8bb53b05ec9108c00d9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6ee6403ce32c49c25e54b2592213e412c33f46b3d2de8f7de7bcf9ac21be47ae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:45 GMT
via: 1.1 varnish, 1.1 varnish
x-guploader-uploadid: ADPycduiIljyrVblGme3lTdreJdjHf-DW_8lFPwLy2W7TB3pTRF269AEhwzd3mG_M4nBJPXJcQ3sctID0u6ztuwmA2s
x-cache: MISS, MISS
x-goog-storage-class: STANDARD
x-cache-hits: 0, 0
content-length: 818
x-served-by: cache-iad-kjyo7100162-IAD, cache-lhr7335-LHR
last-modified: Fri, 04 Feb 2022 06:00:51 GMT
server: UploadServer
x-timer: S1643954926.855601,VS0,VE110
etag: "d71cbdcc2fa437023669d399849aadae"
vary: Accept-Encoding
x-goog-hash: crc32c=EWL+4Q==, md5=1xy9zC+kNwI2adOZhJqtrg==
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 06:08:45 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 245ms
138ms Fetch
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: fc85695c811d7c1fcac1374eb8577cb7
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Fri, 04 Feb 2022 06:08:46 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 261ms
157ms XHR
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html&jkcb=1643954925849
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 40eb798cb14294e8e47a9cacc5ad51125589be1889e7f07c1715f6057b3bad25

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 4baaad8a33e26c622516fbbf32c31106
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 1087
expires: Fri, 04 Feb 2022 06:08:46 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
129ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 131ms
131ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 127ms
126ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 25ms
25ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date: Fri, 04 Feb 2022 06:08:46 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 9774928
x-guploader-uploadid: ADPycdsf1eCxYozv7X5645Q6FXXYXwsCXZRhjDC6rhRfkJTqfEfNtYH6qSgTIlOElrCIb9vz-e0oeJw6u6r4zH8KSA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20212
x-served-by: cache-lhr7381-LHR
accept-ranges: bytes
expires: Fri, 14 Oct 2022 02:53:17 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643954926.172373,VS0,VE0
etag: "abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984010934
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20212
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 41463

GET
H2 200 merlin_135225102_f2f0b90f-e5ab-480b-92c5-389c5b5abd3f-superJumbo.jpg
static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-02/ 47 KB
48 KB 24ms
24ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-02/merlin_135225102_f2f0b90f-e5ab-480b-92c5-389c5b5abd3f-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f589ff00269f449c6f96a6375bfe81d1db3afb3fe751285f78bdb94b38e71590

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 328568
x-guploader-uploadid: ADPycdsH2Pd19iwVC0lb_EWz69KkEj4KQKbfqXymVevtV2Fw95H-OXjsu0kiS_TIhNIFnhPjU9CCUG_Vkld7S7uSj9f1c8X8xA
x-cache: HIT, HIT
fastly-io-info: ifsz=228916 idim=2048x1366 ifmt=jpeg ofsz=48244 odim=2048x1366 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 48244
x-served-by: cache-iad-kiad7000046-IAD, cache-lcy19228-LCY
server: UploadServer
x-timer: S1643954926.178265,VS0,VE1
etag: "XN+QEgrrrA5kcBD1ST0z6uye4l4rKI/n3xvbZZGLL60"
vary: Accept
x-goog-hash: crc32c=KCfX3g==, md5=t3awU6dCmKeUmH/yFKY2uQ==
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 10:52:37 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 136ms
136ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 130ms
130ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 130ms
130ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 131ms
130ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 133ms
42ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 120ms
42ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 231ms
230ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3254135899412954&correlator=1424672849900650&output=ldjh&impl=fif&eid=31063378%2C31064151%2C31064658%2C31064671%2C31064717%2C44752541&vrg=2022020201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=29390238%2Cnyt%2Cworld%2Casia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1530&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-20.441238677745879165_20220204060844%26mktg%3Dadv_1%252Cengagement_0%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1643937656917%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dhujia%252Cgaoyu%252Ctengbiao%252Cxijinping%26org%3Dcommunistpartyofchina%26geo%3Dbeijingchina%252Cchina%26des%3Dcensorship%252Colympicgames2008%252Colympicgames2022%252Cfreedomofthepress%26auth%3Dpaulmozur%252Cstevenleemyers%252Cjohnliu%26coll%3Dbeijingwinterolympics2022%252Cworldnews%252Casiapacific%252Csports%252Cbusiness%252Colympics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000008178073%26pt%3Dnt12%252Cnt13%252Cnt14%252Cnt18%252Cnt2%252Cnt3%252Cnt5%252Cnt6%252Cnt9%252Cpt21%26gscat%3Dneg_mastercard%252Cneg_ibmtest%252Cgs_sport%252Cneg_citi_aa%252Cneg_cathay%252Cgs_event_olympics%252Cneg_chanel%252Cneg_capitalone%252Cgs_society_misc%252Cgs_society%252Cneg_ibm%252Cgs_sport_athletics%252Cneg_gg1%252Cneg_google%252Cneg_mtb%252Cgs_law_misc%252Cgs_law%252Cneg_ms_safe%252Cneg_ts%252Cneg_debeer%252Cgs_sport_misc%252Cneg_hearts%252Cneg_mttl%252Cneg_amz_sfe%252Cneg_msft%252Cneg_thrv_fin%252Cneg_google_comps%252Cgs_t%26tt%3D49%252C52%26mt%3DMT2%26abra_dfp%3Ddfp_blockdetect_0221_1_network_detection%252Cdfp_als_1_als%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_disp_incr_1_test%252Cdfp_prebid_0521_5_mnet_in_prebid%26sov%3D1%26page_view_id%3Dv36OGLK5PW10q6KPX3x8S3HX%26uap%3Dbrowser%26aid%3Df3isgRkMI0XJf4RQ_568IP%26purr%3Dnpa%26bt%3D%26typ_materials%3D%2523news%2523&cookie_enabled=1&bc=31&abxe=1&dt=1643954926286&lmt=1643944943&dlt=1643954924721&idt=1513&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=132&adks=1298241548&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=409604077.1643954926&ga_sid=1643954926&ga_hid=1590689194&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

08c4008a460217391b117c348da86e0a25a26adc4b248f38c7785486b645e5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 72859
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10891
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 322325
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 B
259 B 77ms
76ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3254135899412954&correlator=1424672849900650&output=ldjh&impl=fif&eid=31063378%2C31064151%2C31064658%2C31064671%2C31064717%2C44752541&vrg=2022020201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=29390238%2Cnyt%2Cworld%2Casia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1532&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-20.441238677745879165_20220204060844%26mktg%3Dadv_1%252Cengagement_0%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1643937656917%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dhujia%252Cgaoyu%252Ctengbiao%252Cxijinping%26org%3Dcommunistpartyofchina%26geo%3Dbeijingchina%252Cchina%26des%3Dcensorship%252Colympicgames2008%252Colympicgames2022%252Cfreedomofthepress%26auth%3Dpaulmozur%252Cstevenleemyers%252Cjohnliu%26coll%3Dbeijingwinterolympics2022%252Cworldnews%252Casiapacific%252Csports%252Cbusiness%252Colympics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000008178073%26pt%3Dnt12%252Cnt13%252Cnt14%252Cnt18%252Cnt2%252Cnt3%252Cnt5%252Cnt6%252Cnt9%252Cpt21%26gscat%3Dneg_mastercard%252Cneg_ibmtest%252Cgs_sport%252Cneg_citi_aa%252Cneg_cathay%252Cgs_event_olympics%252Cneg_chanel%252Cneg_capitalone%252Cgs_society_misc%252Cgs_society%252Cneg_ibm%252Cgs_sport_athletics%252Cneg_gg1%252Cneg_google%252Cneg_mtb%252Cgs_law_misc%252Cgs_law%252Cneg_ms_safe%252Cneg_ts%252Cneg_debeer%252Cgs_sport_misc%252Cneg_hearts%252Cneg_mttl%252Cneg_amz_sfe%252Cneg_msft%252Cneg_thrv_fin%252Cneg_google_comps%252Cgs_t%26tt%3D49%252C52%26mt%3DMT2%26abra_dfp%3Ddfp_blockdetect_0221_1_network_detection%252Cdfp_als_1_als%252Cmkt_dfp_hd_paywall_zip_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_disp_incr_1_test%252Cdfp_prebid_0521_5_mnet_in_prebid%26sov%3D1%26page_view_id%3Dv36OGLK5PW10q6KPX3x8S3HX%26uap%3Dbrowser%26aid%3Df3isgRkMI0XJf4RQ_568IP%26purr%3Dnpa%26bt%3D%26typ_materials%3D%2523news%2523&cookie_enabled=1&bc=31&abxe=1&dt=1643954926291&lmt=1643944943&dlt=1643954924721&idt=1513&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2058154392&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&ga_vid=409604077.1643954926&ga_sid=1643954926&ga_hid=1590689194&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

86d82a8212aff6d810c50286d6368b2511868281810510bce660433ccb1e0541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 835A 6 KB
4 KB 147ms
42ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Feb 2022 06:08:46 GMT
expires: Sat, 04 Feb 2023 06:08:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 139ms
139ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 3164 23 KB
7 KB 94ms
93ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=456654&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16263a0e4b3060432380d385171557ef335581eaace45d9b31c324af6d86b65b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-STvzWiJib97v5e2Xzss86A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-STvzWiJib97v5e2Xzss86A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Feb 2022 06:08:46 GMT
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-STvzWiJib97v5e2Xzss86A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-STvzWiJib97v5e2Xzss86A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 143ms
142ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 110ms
33ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2032
date: Fri, 04 Feb 2022 05:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Feb 2022 07:34:54 GMT

GET
H3

200

activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fwo... Show response
5290727.fls.doubleclick.net/ Frame B4A3
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fw...

736 B
459 B

96ms
55ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

7063cd7473f5d0b86e787f6397433e68e7111ceb629cba0ea869431b040c6697

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 06:08:46 GMT
expires: Fri, 04 Feb 2022 06:08:46 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 06:08:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 125ms
40ms Script
application/x-javascript 2600:9000:2057:0:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:0:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 04:23:52 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 6294
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uXydGD3qy_41wnJeX1P7MDrSDiojR2pbm_P9qrmXK1CUBj84aab5hA==
expires: Fri, 04 Feb 2022 06:23:52 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
633 B 40ms
31ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
content-type: application/javascript
age: 26814
x-guploader-uploadid: ADPycdtcNqHhJClju5kZDWL-tSa_14cFn7kVMl4qFnZPG79O1VJy83NouBtMDsNg470UyECy_RR7nPUy0HvrjJxGRk3iI8rpvw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-lcy19228-LCY
accept-ranges: bytes
expires: Wed, 13 Oct 2021 01:09:21 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1643954927.527490,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 261

POST
H2 200 track
a.et.nytimes.com/ 0
0 141ms
141ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 111ms
37ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1514845493
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 76 KB
16 KB 1375ms
1366ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter&plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: adadf14ea967890121e6502a55941183919ad0ab57bff58821afc5c04d1c4a4f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-lcy19228-LCY
expires: Fri, 04 Feb 2022 06:08:47 GMT
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_all_Monthly-Sale-dock","gateway":"MAG_web_nonsub_all_monthly-sale","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1643954927.559680,VS0,VE1340
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 3609927803639387734fe359076e8909
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 35 KB
14 KB 24ms
23ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/liveblog-95321801a824e7f36e0d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c219045d17f390c301834f8a5ac05a81188835e6875f0f9d87ae0aa78c31b319

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
x-api-version: F-X
age: 140
x-cache: HIT
x-cache-hits: 1
content-length: 13794
x-served-by: cache-lcy19228-LCY
server: Google Frontend
etag: "8MuY0w"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: b34975f8e22003d4df92d461e78a2399
cache-control: public, max-age=600
x-datadome-timer: (null),VE19
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Fri, 04 Feb 2022 03:02:15 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
564 B 117ms
47ms XHR
application/json 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-49.fra56.r.cloudfront.net
Software: DataDome /
Resource Hash: 73a0b92a0d0adb201bbdfb322be0a562d2b462d18ebf04528c282492798ed516

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: UrOhVEESyyBtWsN4A4AMVmNr1x2n3j7esFxNOn1NsR7Y84Sw4mYVxA==
expires: 0

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 3164 0
24 B 49ms
49ms Other
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4osKaM4wuEbnEeUh6pOnww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-4osKaM4wuEbnEeUh6pOnww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456654&publicationId=nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-4osKaM4wuEbnEeUh6pOnww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-4osKaM4wuEbnEeUh6pOnww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 08B5 6 KB
3 KB 76ms
35ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Feb 2022 06:08:46 GMT
expires: Sat, 04 Feb 2023 06:08:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 132ms
132ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 132ms
131ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 3164 21 KB
6 KB 34ms
33ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456654&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 06:22:50 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame 3164 161 KB
57 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5QgNADHtfa1KzpYgxVdoxiHm4nlg/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456654&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd971b3b86905a4fbc64cb5830c13e314a23f5228cbdc3fcd94982d31545556f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57872
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 02:53:01 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 02 Feb 2023 20:07:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 85ms
41ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1590689194&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html&dr=&ul=en-us&de=UTF-8&dt=Ahead%20of%20Winter%20Olympics%2C%20Beijing%20Moves%20to%20Quash%20Dissent%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=94473538&gjid=381161940&cid=409604077.1643954926&tid=UA-58630905-2&_gid=2120559027.1643954927&_r=1&gtm=2wg220P528B3&cg1=world&cg2=asia&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&cd3=%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&cd4=World&cd9=9&cd10=null&cd12=Asia%20Pacific&cd13=null&cd14=international_desk&cd15=earned&cd16=referring_links&cd17=100000008178073&cd18=Paul%20Mozur%2CSteven%20Lee%20Myers%2CJohn%20Liu&cd19=Ahead%20of%20Winter%20Olympics%2C%20Beijing%20Moves%20to%20Quash%20Dissent&cd20=&cd21=Article&cd23=World&cd25=Asia%20Pacific&cd26=2022&cd27=2022-01-31-05&cd28=Monday&cd29=05&cd30=1643941468674&cd32=Beijing%20Winter%20Olympics%202022%2CWorld%20News%2CAsia%20Pacific%2CSports%2CBusiness%2COlympics&cd33=NEWS_EVENT%2CSECTION%2CSECTION%2CSECTION%2CSECTION%2CSECTION&cd34=NEWS&cd36=31olympic-crackdown&cd37=1092&cd38=Foreign&cd42=nyt-vi&cd43=Censorship%2COlympic%20Games%20(2008)%2COlympic%20Games%20(2022)%2CFreedom%20of%20the%20Press&cd44=Communist%20Party%20of%20China&cd45=Hu%20Jia%2CGao%20Yu%2CTeng%20Biao%2CXi%20Jinping&cd46=Beijing%20(China)%2CChina&cd48=January&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Foreign&cd54=international_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=f3isgRkMI0XJf4RQ_568IP&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=f3isgRkMI0XJf4RQ_568IP&z=1282955670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 307ms
95ms Image
image/gif 54.165.183.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html&u=6S6THCeao-nY4Lz8&d=nytimes.com&g=16698&g0=world%2CAsia%20Pacific%2Cinternational_desk&g1=Paul%20Mozur%2CSteven%20Lee%20Myers%2CJohn%20Liu&n=1&f=00001&c=0&x=0&m=0&y=1693&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3302&_c=The%20Signal&_m=email&_x=Revue%20newsletter&t=BqWH4fXxNYw_bwhjDTAIl4BwRnay&V=129&i=Ahead%20of%20Winter%20Olympics%2C%20Beijing%20Moves%20to%20Quash%20Dissent&tz=0&_acct=anon&sn=1&sv=BffBGbZC5YmC_fLTTw-Cil865GL&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.183.227 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-183-227.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame FBF8 19 KB
9 KB 158ms
157ms Document
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

c333c8f694543a891d5bc684cfb04b0c454fb7aeba887e35be2840d2de701b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 7285652850388478512
x-datadog-parent-id: 7285652850388478512
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
x-nyt-backend: lire-ui
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests
resp-details: [[it:lui]]
etag: W/"4c0c-pG7IxNkPIds5A08xaS8eqXr/rWU"
content-encoding: gzip
x-cloud-trace-context: faf8a9dc929bb1663f1e67ff3d6425f9
server: Google Frontend
x-datadome-timer: (null),VE135
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:46 GMT
via: 1.1 varnish
x-served-by: cache-lcy19228-LCY
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
x-api-version: F-X

GET
H3 200 dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-...
adservice.google.com/ddm/fls/z/ Frame B4A3 42 B
63 B 122ms
80ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CN3XtKux5fUCFTkhBgAdy0IBPw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7830848458677;gtm=2wg220;auiddc=593461659.1643954926;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F31%2Fworld%2Fasia%2Fwinter-olympics-crackdown.html%3Futm_campaign%3DThe%2520Signal%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3164 15 KB
16 KB 113ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456654&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 240641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:18:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 08B5 0
0 47ms
47ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjU547sL8YbLGFY-8gQetgYnAB575kpBcs8Tlw4gJwI23ARABIABgmeadhoAhggEXY2EtcHViLTQxNzc4NjI4MzY1NTU5MzTIAQngAgCoAwGqBK4CT9Al3mO5fUAiT8m-bfUW78Z_OGOdMZoA51Jwd4sio2O6KGw9zodQxVX7Mste-17dZnXMRInvqdvX7n7L9-kPnLvum4WmkhSu6aH1RDoDx1l-1Ps5BY4y8iHo6xxl-OyHJ4heitIpZT9oCpgGaC9VB2BAH19p_E4dopGCHJTwtyPxeTu9R43KOWcGU40U0fM-S79SWO_u5daSyeYuLl0iHT5hoASxoJI_TcI9Gp9Vx0cmyjf7sQzKm7kkFF_Gq75f-F4tnHccz4MhgHYx7dE0FojHAWK-6FC0OtnjXkH-tO3mKVIoDj0yxUCMTkPHIaztcCWAJ-DFJM4EUOl5bOiGhcjC444O-4PkkehS6lU_LfUHSiNBObhISlyfKFRuPYLRSETdP-oUjGENuka_BmrgBAGABo2Ml7mGuub7a6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAYBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQxNzc4NjI4MzY1NTU5MzQYnucV&sigh=JciEriIWKT8&uach_m=[UACH]&cid=CAQSPgCNIrLM1CcMJ_pbWLTQGm2huRU-qKQYvLElYCcnWwoOz-uomSD0aRC5FMWAazpUSsMtvGo100UNjMJcGdb4GAE
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 adEvent.do Show response
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 08B5 43 B
176 B 127ms
35ms Fetch
image/gif 18.194.68.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770924521&dcn=8a9690f60172721304e0148a0601001b&posi=1013386&grp=???&nl=1643954926467&rts=1643954926415&pix=0&et=1&a=YfzC7gAGJLgK4DBVzgd8Pg&m=aXAtMTAtMjItMTEyLTExMg..&p=MC4wMDEwNDQwMTM&b=MTE2ODg7MzM3NztmaWZ0eS5pbzs7OztlMzEwYTNmYmVmNTY0NTI5ODhiNjA0ZTc3ZWVhNzNiOTsyOTM4OTI5MzsxNjQzOTUyNjQ1OzswLjAwMDg4NzQxMTs7MDs7aWg1Ynhxcnk7MzllMTBhMTZmNDU0ZWJiOGVjMWEwMmI2ZDFmZjhkMjQ5NDIyMmIyODsx&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxHQlI.&hb=true&type=2&hbp=6&af=5&dety=2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.68.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-68-138.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
last-modified: Tue, 25 Jan 2022 19:28:40 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 08B5 27 KB
9 KB 268ms
172ms Script
text/javascript 108.157.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e9ab1674b97c2a89cec8832a20a030743d3e87b8a02c871d3320a7188dc21fcc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: dKxwZWLMAMabPshGYgqixqGJzc59kCkQypt3cyf6F-UtaMyXbRFYNA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 talon-1.0.39.js Show response
cdn.js7k.com/ix/ Frame 08B5 69 KB
17 KB 446ms
49ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.39.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

901a381a532d64712970ae6d21bf80742c1a8088e7bd9f6eb551ebf8d812a390

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3084
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 16530
x-amz-id-2: uk6tzvdm4gOLCYNJiHwjpDYSpube6SIXuKpicptQvctH8jot81t5MNL2x9cjyVhtVadQEytCL9E=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Jan 2022 22:21:14 GMT
server: ATS
etag: "a3d122d2b21ea5999c557bdb1d26ca54-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: EH46G885YW7H4FNB
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK rightmedia
de2-bid.adsrvr.org/bid/feedback/ Frame 08B5 807 B
1 KB 119ms
38ms Image
image/gif 99.83.246.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de2-bid.adsrvr.org/bid/feedback/rightmedia?t=1&iid=5340f504-c145-487f-855e-a30f6c366fbb&crid=ih5bxqry&wp=1.044013&aid=e310a3fbef56452988b604e77eea73b9-1&wpc=USD&sfe=143442ee&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=gw27tz3&ag=d8adqyt&adv=1emp393&sig=1Gt4A84oQ_KS4gAvrKYMRn5poy1YuQOZkrhGn8GGqSw0.&bp=1.3572167285105&cf=2970614&fq=0&td_s=www.nytimes.com&rcats=7sp,y29&mcat=&mste=nytimes.com&mfld=2&mssi=&mfsi=&uhow=126&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=55792&did=&rcxt=Other&lat=0.000000&lon=0.000000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=Cg5Vbml0ZWQgS2luZ2RvbRoAOAFQB4ABAIgBAZABAQ..&dur=&durs=UJSBm-&crrelr=&ipl=/29390238/nyt/world/asia&grdc=CAE.&vc=3&cx=8903459462156604370&said=e310a3fbef56452988b604e77eea73b9&ict=Unknown&auct=1&cxlvs=0&im=1&mc=2daa9b72-d324-47ff-86ff-152e9f7695ff
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 99.83.246.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a488b146b5a2f7293.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:46 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: must-revalidate, no-cache
connection: close
content-type: image/gif

GET
H2 200 ih5bxqry_970x250.jpg
ad.adsrvr.org/gw27tz3/1emp393/ Frame 08B5 171 KB
171 KB 155ms
51ms Image
image/jpg 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adsrvr.org/gw27tz3/1emp393/ih5bxqry_970x250.jpg?cb=482886
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-96-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf03aa7043e0b01e181e6ae5dcc4927f2155cb415171b8072a39354175a1f95f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
etag: "45ea6a83a1f10e0c3c4ce72c55f641c4"
last-modified: Thu, 16 Sep 2021 11:43:46 GMT
server: AmazonS3
age: 50019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 174616
x-amz-cf-id: 1hWAt2RYeif0PiF9GGLPFgsWR2N55iMI3OX0AzSzthBs3Lp3Y0lPbg==

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 08B5 2 KB
1 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
URL: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 05:41:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08B5 123 KB
38 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
URL: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 06:08:46 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 08B5 14 KB
7 KB 112ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
URL: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 05:51:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 08B5 0
0 120ms
42ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdx3A3_dYFHmhJRF64W1ads9pDgeX5TqpsJrMSZ8pXfmK1lGpwyH4RyO_jC1eC4wLPGPJ2
Requested by: Host: c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
URL: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 08B5 22 KB
7 KB 115ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
URL: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 20:10:54 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bMV68RBZ7E0.L... Frame 3164 37 KB
13 KB 81ms
38ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bMV68RBZ7E0.L.B1.O/am=BAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5sout4xvYEnbWggxup9uTemf6SyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5QgNADHtfa1KzpYgxVdoxiHm4nlg/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

663fd947bc3440f86163a77079ea018a0fddf60ed841c0fd7b527a5943c3c085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13652
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:50:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 02 Feb 2023 20:07:55 GMT

GET
H3 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bMV68RBZ7E0.L... Frame 3164 104 KB
35 KB 68ms
35ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bMV68RBZ7E0.L.B1.O/am=BAAQ/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5sout4xvYEnbWggxup9uTemf6SyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

370b446ce470b7852f81e1f7ddea152f9a67f540b3828935d30d890ef1018067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36093
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:50:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 02 Feb 2023 20:07:55 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame FBF8 410 KB
139 KB 23ms
23ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=de8cb90
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: db35a00d0c91257fb39cee8f38919220a7768602c49d41b97a2f7145dd124fb6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:46 GMT
content-encoding: gzip
x-api-version: F-X
age: 86
x-cache: HIT
x-cache-hits: 2
content-length: 141714
x-served-by: cache-lcy19228-LCY
server: Google Frontend
etag: "8MuY0w"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 7ffe5b670b03ae8158236b75b3304a46
cache-control: public, max-age=600
x-datadome-timer: (null),VE98
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Fri, 04 Feb 2022 03:04:52 GMT

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame FBF8 205 KB
49 KB 110ms
34ms Script
application/javascript 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: br
last-modified: Mon, 17 Jan 2022 19:36:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame FBF8 0
0 132ms
132ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame FBF8 226 KB
41 KB 41ms
41ms Script
text/javascript 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-49.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

63c19371588c328be91e3988648d28d3dc13e987ead094a0165cec8d915f2ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3882b-5d5788b58c148-gzip"
age: 18
x-cache: Hit from cloudfront
content-length: 41784
access-control-allow-origin: *
last-modified: Thu, 13 Jan 2022 15:43:14 GMT
server: Apache
date: Fri, 04 Feb 2022 06:08:30 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: Oq6slYF7SIGswevytIan4tf0DwP2np02oetS3eSJ2J5jI5DXM0H4vA==
expires: Fri, 04 Feb 2022 07:08:28 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame FBF8 0
0 130ms
129ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame FBF8 1012 B
1 KB 339ms
264ms Fetch
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fmultiproduct%252Flp8KQUS.html%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2022%25252F01%25252F31%25252Fworld%25252Fasia%25252Fwinter-olympics-crackdown.html%25253Futm_campaign%25253DThe%25252520Signal%252526utm_medium%25253Demail%252526utm_source%25253DRevue%25252520newsletter%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-327331
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=de8cb90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 07ca38072114ce9a250709c999568a8871c2e5f66bbf402050bad8291b8a7188

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 68d416cbefb7f2c075b71766609bbfdc
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 528
expires: Fri, 04 Feb 2022 06:08:47 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 131ms
131ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame FBF8 29 KB
29 KB 33ms
22ms Font
font/woff 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Fri, 04 Feb 2022 06:08:47 GMT
via: 1.1 varnish
content-type: font/woff
age: 7956732
x-guploader-uploadid: ADPycdsZUE1IPED_zlb9kIq8ANjWGV4qTgx-vgpe-zAA4u-pdqNNwD3jK1g96bMR0KBrFB9Ls8i0DK4k55K1XLTyF3O_9nDl5Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-lhr7335-LHR
accept-ranges: bytes
expires: Fri, 04 Nov 2022 03:56:34 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1643954927.021613,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717313763
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame FBF8 29 KB
29 KB 43ms
34ms Font
font/woff 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Fri, 04 Feb 2022 06:08:47 GMT
via: 1.1 varnish
content-type: font/woff
age: 14014143
x-guploader-uploadid: ADPycdslRcgp4xFzczchB7j7uheY2o9WOjrz2OtYGOzilkOOZG32eu_3_PjYhWNAu-qZ_QIf68unDyPMwwBsz58ws-VQKEq5EA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-lhr7335-LHR
accept-ranges: bytes
expires: Fri, 26 Aug 2022 01:19:44 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1643954927.021787,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717322939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 13

POST
H2 200 track
a.et.nytimes.com/ Frame FBF8 0
0 130ms
129ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame FBF8 231 B
565 B 51ms
51ms XHR
application/json 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-49.fra56.r.cloudfront.net
Software: DataDome /
Resource Hash: 643291e8f736b1ebdb4cc1787328a0d1bc9f4c85ca4f9713bef7d9438181ea21

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:47 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: 6EJnDYgWqXsv0mJTRUywsxb76wY-XlV8jxIDHXnB_3USRYHA2QpC0g==
expires: 0

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 3164 423 B
319 B 60ms
59ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-5152937912720092414&bl=boq_subscribewithgoogleclientserver_20220201.14_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=22128&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d46184e3adc29258313ebb4d2f0bf3b2bd01fcf9e37200191264db124e689e7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bMV68RBZ7E0.L... Frame 3164 17 KB
7 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.v6eyZpp26BM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bMV68RBZ7E0.L.B1.O/am=BAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5sout4xvYEnbWggxup9uTemf6SyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e70b0298867d5a063bfafdbb232f43cd8909e98241a2a1c836a63872cc5900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 20:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7223
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:50:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 02 Feb 2023 20:07:55 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame FBF8 6 KB
2 KB 129ms
41ms XHR
application/json 2a02:26f0:ef:288::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5479850&v=1.720.0&sl=0&si=fa2e850b-f331-4fb6-bbbc-e60547ababfa-r6rnqn&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ef:288::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5092aae0f33dd5cc6de0eb44a072d1e7f9a530af6ed4cf78ad7be69b1ae690b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 06:08:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1564

POST
H2 200 log Show response
play.google.com/ Frame 3164 131 B
673 B 122ms
43ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 04 Feb 2022 06:08:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3164 131 B
155 B 87ms
44ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 04 Feb 2022 06:08:47 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 120ms
42ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 04 Feb 2022 06:08:47 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 06:08:47 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 3164 131 B
155 B 88ms
45ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 04 Feb 2022 06:08:47 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 118ms
42ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 04 Feb 2022 06:08:47 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 06:08:47 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 3164 131 B
155 B 88ms
45ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 04 Feb 2022 06:08:47 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 118ms
42ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 04 Feb 2022 06:08:47 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 06:08:47 GMT
cache-control: private

GET
DATA 200
OK truncated
/ Frame 08B5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c7a7c7c0f10a7b7f41af45b0347c5995cff6cd8341d7929554f59e1f151102

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 112ms
112ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 1e0de6567ce399eb-603225bdbb3c6726-1
access-control-allow-headers: nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-97efa45
x-b3-traceid: 1e0de6567ce399eb-603225bdbb3c6726-1
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 04 Feb 2022 06:08:47 GMT
age: 0
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: GB
x-nyt-region: SFK
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: 8411fcc5e15eb50c
samizdat-x-instance: 546bf032
samizdat-x-canary: false
x-served-by: cache-lhr7335-LHR
x-cache: MISS
x-cache-hits: 0
x-timer: S1643954927.353255,VS0,VE91
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

GET
H2 200 .status
a.et.nytimes.com// 0
0 127ms
127ms Fetch
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 170 B
827 B 116ms
116ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: static01.nyt.com
URL: https://static01.nyt.com/newsgraphics/2020/11/23/column-push-notifications/adb6e89dd349417c08e0e842f34f15dc38965a59/build.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-97efa45 /
Resource Hash: 7be903732a081df12a081abe9dd5d6d765bcbaf755278453b9e11e3ab6d3a7ef

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
Content-Type: text/plain;charset=UTF-8

Response headers

x-samizdat-query-sup-code
date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 42348f074dc0de8e-71ba534d7553128-1
age: 0
x-cache: MISS
samizdat-x-instance: efe99e77
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: dd1b6f00b075ffa7
content-length: 140
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-97efa45
x-timer: S1643954927.465977,VS0,VE95
x-nyt-region: SFK
x-served-by: cache-lcy19228-LCY
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: GB
x-datadog-trace-id: 42348f074dc0de8e-71ba534d7553128-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 126ms
49ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5df8b5eaac26955bdc6ee62b3080c48115b6092373404a92fce6ffd63dd5f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9954
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 90ms
31ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B8NAJQKRE9H3X2AB
x-amz-id-2: 83uN6A3EI0TZCLAONzjJV980UZ8Xh340JSe2pBAsmT8LwyCMVU8oV0nhB6nlN4AE7SCioq64/8s=
last-modified: Tue, 21 Dec 2021 18:11:17 GMT
server: cloudflare
etag: W/"851a8e8d3ce808a979323f763dc260b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzkygJ5363HHj5tEAMY6WOywPzOzgw3uaZansLfO%2B8Pm3ZO7gsRjMOb7Fjn3Fp79uzRBp4hWyOD44LCSbAQNyEJaBfipWeyiF8IDU7ku%2FD0eSwq4gsZkfIdi2dSzB1MOawYWQNlubedw2pehWYsJt38bTYhi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6d81b9f86a0a76c9-LHR

POST
H2 200 track
a.et.nytimes.com/ Frame FBF8 0
0 135ms
134ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F01%252F31%252Fworld%252Fasia%252Fwinter-olympics-crackdown.html%253Futm_campaign%253DThe%252520Signal%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sdk-prod-1d3c7a55760b4dff36c9.js Show response
platform.iteratehq.com/ 895 KB
260 KB 82ms
53ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3844549
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1AQNN3QDCW9Y3F5M
x-amz-id-2: lKkb22avL86Wo0La2jCjvRsnUJl/pQ8Cqqu8KTac05TC9gKEkqsDGhKWstk/IXdqqMCNHr5Wnxc=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"1e60912655a5240d8ec79d1ef3a8098e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icePpZ7S00OraNfLiWItFQHTL%2FEBqD4LgFgS6gn3IJ78ZZHY0Gq7nU70z%2BiysFvGxk9tRhFeSal3jgpQ5FlfZwOQQSxpolApc0gIncnIQ2y9TJERti8PQYntL%2BDmZq4PiTu96HoGF0tcA1eXo7P%2B2U%2FgaNzn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6d81b9f8c89d74b5-LHR

GET
H3 200 style-2bdbffb0210cc2e386f1.css
platform.iteratehq.com/ 130 KB
12 KB 59ms
31ms Stylesheet
text/css 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8721938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0FPE0S9EAAXWR125
x-amz-id-2: LYvidJtkD/KsFrJ/Wqum9FJ1/VSYF55eK1I/b+h6S7Kd+8jhARVJ0Jd73alPb02UF8z72KL9e3Q=
last-modified: Tue, 28 Sep 2021 16:17:35 GMT
server: cloudflare
etag: W/"4737fd744e2551cae9a2bc8884efd7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJWOQyxlFi9iVnVFIYrZB1QJHdud7g488eiSlBdKeV%2BqUGiS%2Fg1YWdXh9URbuToBG1A1H8pDvwpJMcgHBvnIQlsqpPOi9zTCPXbIwG7y8dahKan1QU1puHmqaapBjBLu41L12gqgLDGes8PuV1vhp9zB3lzr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6d81b9f8c89e74b5-LHR

GET
H2 200 report.jpg
a-reporting.nytimes.com/ 285 B
739 B 77ms
22ms Image
image/jpeg 35.244.227.0
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-reporting.nytimes.com/report.jpg?mobile=false&block=false&aid=f3isgRkMI0XJf4RQ_568IP&pvid=v36OGLK5PW10q6KPX3x8S3HX&et=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.227.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 0.227.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 157b12c4da002bdd97c728f3fbec34d92b746b7c1b709e8f4f55318f4351745b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 05:27:12 GMT
age: 2495
x-guploader-uploadid: ADPycdt9q6C8bAArR9hE3LfBIl_leqljjFbQMq_zSj9V-y1-lgP8xDv9MSLdg6edVy4F3BXUWdphAZVI4KTYAXePwug
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 285
last-modified: Wed, 09 Dec 2020 20:30:47 GMT
server: UploadServer
etag: "25196a33ff1ec92c97dc0adfffec6661"
x-goog-hash: crc32c=muEBuw==, md5=JRlqM/8eySyX3Arf/+xmYQ==
x-goog-generation: 1607545847505711
cache-control: public, max-age=3600
x-goog-stored-content-length: 285
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 04 Feb 2022 06:27:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 94ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js?31064717

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 06:08:47 GMT

GET getdns.txt
trial-eum-clientnsv4-s.akamaihd.net/eum/ Frame FBF8 0
0

GET getdns.txt
trial-eum-clienttons-s.akamaihd.net/eum/ Frame FBF8 0
0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B43 13 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Feb 2022 00:15:40 GMT
expires: Sat, 04 Feb 2023 00:15:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 21187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 342E 783 B
534 B 87ms
44ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ffcfd37cac1710332a8b7a9689dfb89272f5c3385fd7171af7146f0dcdad95e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rvFiwAqh7klnvROIHOgzHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 04 Feb 2022 06:08:47 GMT
date: Fri, 04 Feb 2022 06:08:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rvFiwAqh7klnvROIHOgzHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 143ms
113ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d111006fba3c6a1eb17807c2d35361bde8ebd74763637603248d22bbccd835b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OpyIqowp%2Fqk%2B9WTF4Z1dhyugF9gFuPk2xVryRSl9LRGu6jCsQienBCLZSre4PvULJSvaDg3lM3aO%2BedkjKaC31oVBwT8jvG32JjRm5gqvz1iPMimE4ebK5g2zuWx7%2Fq38V7jWd6%2Fcinc4E6"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6d81b9fb488f067a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 168ms
108ms Preflight 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNzRkJ97QcGKaqAXuFf1d3n%2FeNQmIu7CrycDWg9ihF2v1DI0%2BPXSvKCGDSEkWF6RGS60Gy8htl9QAMBRnSRtt9oAJcT7DeiQP93Fe6k4jkJBTYq8BQ0pBDMOmmi46%2B7vcXGRX0wsTkdBxniT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6d81b9fa6fb6775c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 342E 0
0 128ms
85ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020201&jk=3254135899412954&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B43 35 KB
13 KB 74ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 20:09:43 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 9B43 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020201&jk=3254135899412954&bg=!lpWlldHNAAYZkRhwGZE7ACkAdvg8WlJ_N5mHIdN-3I1GzB6hSQcOazDTthyKTv8kcmOHLlaWHfN0jgIAAABOUgAAAAJoAQcKAFhYw2q4KmLtNpnAyXfEyVvTKPidtK-18s7KxDH0Fc8w3Hg58uWLWLjf8xefWxcoLzXD554bdNfrcut0ICDyJEPij35PXQXIZPknHreOJqNcUHnru5E411kKmQKweupqMCBetBa76aByc0ou_HGoOsnFNLLAtkqKI4KLPNwnABkQZvrfsvzuRqlj9ZxXZNNtVYVlFdI6CiQjYOUVBzEnsh-AF2qNnBVwbcwsdlSdSvo-mE0xQhvTRGaAaFv3VN_Ehb2I2-1KHHgjkZYebbqdWr-389xo36hwseckkMnecNQU78RqUWknkA7kuD7wmku3OapGNshtMVHDlW-h04n_gPxN6HmfmZ4C_o2-mlODVvdHEdrOZMIPg8XKPlkr4K43igYNVXqdY8G6EtebiA0xCmMs-fqgITyKYv0yczHIhyxnfg66w8eoYvvhIuMFMLjkR_yeZbiPKVBLnpk0JpTFsF4dRCJY8hNFBcOlA83owRZaEKzW13tOjazA--gYeFZHoA-rH6X7d2k4-1lVZG4WYM3ABSQ6ZV4X6TZkUC_H3npgHmPsj3AeAmOgfMYk79Ii5fsAE113T987Yu5W1np7GeTo4rTGt3bELP6-fZiAJ0dSjFjhuCGMuY9VZdljiMFyQe7Fgc3w_qbiFEQuYWvz-mgrxXYTS81tgdZmrIxp7mpQut4bCImMqibMqW_dFs72Zr4QqKn0WKBc0OmnTPCUaRRGcrBSX93N7gXB6Eh5IA7AkAc4FyfWBryiiHn9T9lh9b3Q7J2EEmG5xwezHvM9YbkFnamd_-Un6vZppKwUNy28evf5GYhdgBry-FtyBuzUcpPGGxX1i6UNn5QqeSAHvMk2Epf0MDBQrmhyWAnIL4l7tTjJuQUt9pSsarbNhkAwAb8ky057huafHWybzcXXrINAzNsGab8vF5fwsZA1BrvfbmMPxFRDengc0eNE7yMtOfi3x0KMCBSKtbAFuP1F52oPAHyo_M3uc2xkJc5TIhECqrAbvsLVbBLCN0TuTAlg2yB-emhUHIOwttvuJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-01/merlin_201037263_10257346-f626-4a48-b05e-84e23e64a026-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 77e8109c15b0eaac502bf0889cda5d3f63ef16e2b33ff7ccb6721ac7e753f707

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 328572
x-guploader-uploadid: ADPycdvlvKzESI2rjcXcPyd3lD7t4TOMydq8ukyYDFp36cbaIY6A7CXcomIctDaA0aYPtQsVr7jj8UnYtWNSV_bQ5Ys
x-cache: HIT, HIT
fastly-io-info: ifsz=627317 idim=2048x1365 ifmt=jpeg ofsz=206974 odim=2048x1365 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 206974
x-served-by: cache-iad-kiad7000116-IAD, cache-lcy19228-LCY
server: UploadServer
x-timer: S1643954928.950813,VS0,VE0
etag: "m4btYxK8u924aBfzvosB1YFRUTXpZ+PrBSvjcUY+J2k"
vary: Accept
x-goog-hash: crc32c=3uHOxg==, md5=P8ql9UBvRrObxS+E7wIokw==
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 10:52:35 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 merlin_135225102_f2f0b90f-e5ab-480b-92c5-389c5b5abd3f-superJumbo.jpg
static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-02/ 47 KB
47 KB 35ms
35ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/31/world/31olympic-crackdown-02/merlin_135225102_f2f0b90f-e5ab-480b-92c5-389c5b5abd3f-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d3d1607e81000843366d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f589ff00269f449c6f96a6375bfe81d1db3afb3fe751285f78bdb94b38e71590

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:08:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 328570
x-guploader-uploadid: ADPycdsH2Pd19iwVC0lb_EWz69KkEj4KQKbfqXymVevtV2Fw95H-OXjsu0kiS_TIhNIFnhPjU9CCUG_Vkld7S7uSj9f1c8X8xA
x-cache: HIT, HIT
fastly-io-info: ifsz=228916 idim=2048x1366 ifmt=jpeg ofsz=48244 odim=2048x1366 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 48244
x-served-by: cache-iad-kiad7000046-IAD, cache-lcy19228-LCY
server: UploadServer
x-timer: S1643954928.950917,VS0,VE0
etag: "XN+QEgrrrA5kcBD1ST0z6uye4l4rKI/n3xvbZZGLL60"
vary: Accept
x-goog-hash: crc32c=KCfX3g==, md5=t3awU6dCmKeUmH/yFKY2uQ==
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 31 Jan 2022 10:52:37 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08B5 7 KB
3 KB 222ms
137ms Script
text/javascript 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&w=970&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9bb03a6a-1540-4d60-bb2a-5f0e328950d8&sid=0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 088a3f8069e4ba5dc66eda884095e4fdc1d0f4cbdebec05ae99195f08f36103c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:48 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2416
x-amz-cf-id: M6Mil94VHwNj5bUSYRVXqOTheJKpbntgV_VzjWbCmFsm8fr_sbbp6A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08B5 38 KB
11 KB 133ms
49ms Script
text/javascript 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&w=970&h=250&c=tradedesk01cont1&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 23:31:18 GMT
content-encoding: gzip
server: nginx
age: 23850
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: zXdRtRC2CMNmN6oOWXKd3dizRs8UCF0i1BbbyI_5YiTvVPRBu8VX1g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 08B5 43 B
394 B 216ms
132ms Image
image/gif 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&w=970&h=250&c=59ae
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:48 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: PCsHiH2PALSSEEhlXospZtnlUK54RW4M3C_cqumpE2aDuE3i7Lb1uA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 08B5 287 B
628 B 37ms
36ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Tue, 01 Feb 2022 15:06:16 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: nginx
age: 226952
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
content-length: 287
x-amz-cf-id: 9SAo_AHySOjcEIjBxKPCoK8QoVd6virFWC-VgFmK4fpo_iDSBB4gqQ==
expires: Thu, 03 Mar 2022 15:06:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08B5 42 B
64 B 87ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttrEeRvItLLWN185uQnbA1f30MgNP-UZIeoU_VcRRe8eykUBVgPpiDla7Tq5R61ZUh_jXc_92EHDtn7m143hV1dA&sig=Cg0ArKJSzEW-HUMhhRiMEAE&id=lidar2&mcvt=1000&p=132,315,386,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1298241548&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643954926682&rpt=621&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 06:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 5228 287 B
628 B 36ms
36ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=kwy8x26_d8adqyt_ih5bxqry&w=970&h=250&c=tradedesk01cont1&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Tue, 01 Feb 2022 15:06:16 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: nginx
age: 226952
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
content-length: 287
x-amz-cf-id: YdvUsTUD4-o45tBgKpp6qXsQYu30Nh_rGpXS5Rt8OBGOzaaExFvgdA==
expires: Thu, 03 Mar 2022 15:06:18 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 5228 739 B
1 KB 36ms
36ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Jan 2022 02:25:37 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: nginx
age: 877391
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
content-length: 739
x-amz-cf-id: yRcml1WanrkXOQ3WaA-LR0FCjWj5d1AiqNLWMT8FODcdTPzRhnYQ0w==
expires: Thu, 24 Feb 2022 02:25:39 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 137ms
137ms Ping
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html?utm_campaign=The%20Signal&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trial-eum-clientnsv4-s.akamaihd.net
URL: https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=po5qbcq62

Domain: trial-eum-clienttons-s.akamaihd.net
URL: https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=po5qbcq62

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?wzl6Fg

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 09:24:50	Name: nyt-a Value: f3isgRkMI0XJf4RQ_568IP
.nytimes.com/	1970-01-20 00:39:36	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 09:24:50	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 00:39:36	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 00:39:36	Name: nyt-geo Value: GB
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: b2112c0e06174802bdee0411ff7bc7b3
.et.nytimes.com/	1970-01-20 00:39:16	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 09:24:50	Name: sessionIndex Value: 1\|1643954924969\|f3isgRkMI0XJf4RQ_568IP\|1643954924969
.google.com/	1970-01-20 05:02:46	Name: NID Value: 511=c8cyLh_g0tXuCUWgS9H0GPaWaas1ciW8RddK-pu-Rq86F9DmlrCzH9QZHnmkynz-R3zRoKmNpPAK_C8tCuJhOpHLyZUqf8fUxaw3DEmk5PsKN8U7CQn1LaD00X6mRmYtMlTNnAA6iooNTUayfWysdYP0HZcuBjDxGHWGf74hDGI
.nytimes.com/	1970-01-21 20:28:41	Name: nyt-m Value: EF32683B96EA36239444B0901309E5D5&g=i.0&ica=i.0&ier=i.0&ird=i.0&s=s.core&v=i.0&igf=i.0&n=i.2&vr=l.4.0.0.0.0&e=i.1646125200&cav=i.1&imu=i.1&igd=i.0&prt=i.0&iue=i.0&ifv=i.0&iga=i.0&t=i.0&er=i.1643954925&fv=i.0&iub=i.0&pr=l.4.0.0.0.0&imv=i.0&ira=i.0&iir=i.0&uuid=s.8158e8d0-769f-4d9a-a84e-2a1593745201&rc=i.1&vp=i.0&ft=i.0&igu=i.1&iru=i.1
.nytimes.com/	1970-01-20 10:08:44	Name: purr-cache Value: <K0<r<C_<G_<S0
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1643954926023&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 09:24:50	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 00:40:19	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 00:40:19	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 09:24:50	Name: nyt-jkidd Value: uid=0&lastRequest=1643954926023&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-20 02:48:50	Name: _gcl_au Value: 1.1.593461659.1643954926
.nytimes.com/	1970-01-20 10:00:50	Name: __gads Value: ID=6ca90a1fe60e6cad-224f07fa34cd009e:T=1643954926:S=ALNI_MZy0ET8tRC0mRxkGYAW9Sslt0-y6g
.nytimes.com/	1970-01-20 18:10:26	Name: walley Value: GA1.2.409604077.1643954926
.nytimes.com/	1970-01-20 00:40:41	Name: walley_gid Value: GA1.2.2120559027.1643954927
.nytimes.com/	1970-01-20 00:39:14	Name: _gat_UA-58630905-2 Value: 1
www.nytimes.com/	1970-01-20 10:08:02	Name: _cb_ls Value: 1
.doubleclick.net/	1970-01-20 18:10:26	Name: IDE Value: AHWqTUnp-e6aOB-59rGrZF1qRix8AAeL7C1J7dfvzmMzJrVa4-tQbngLwuhUyuMv6bM
www.nytimes.com/	1970-01-20 10:08:02	Name: _cb Value: 6S6THCeao-nY4Lz8
www.nytimes.com/	1970-01-20 10:08:02	Name: _chartbeat2 Value: .1643954926715.1643954926715.1.BffBGbZC5YmC_fLTTw-Cil865GL.1
www.nytimes.com/	1970-01-20 00:39:16	Name: _cb_svref Value: null
.et.nytimes.com/	1970-01-20 00:40:41	Name: et-ppvid Value: https://www.nytimes.com/2022/01/31/world/asia/winter-olympics-crackdown.html=v36OGLK5PW10q6KPX3x8S3HX
.nytimes.com/	1970-01-20 09:24:50	Name: datadome Value: hRmxjAmKpA.o~.klX-lq4nHV4YNF1IE4CUgMCt9B4gv4.ikCZZNGQOjOa1RiwSojMSfLTy5.tSIoh4Ba._hg606Z1gUoRQszRo4Kw_9YvGg17NkMR3aOQOtTtzAehI_
.nytimes.com/	1970-01-20 00:49:19	Name: RT Value: "z=1&dm=nytimes.com&si=cfa93de9-5455-42e1-bc9c-ffa31919172d&ss=kz80bfrg&sl=1&tt=9z&bcn=%2F%2F02179913.akstat.io%2F&ld=hj"
.nytimes.com/	1970-01-20 00:48:18	Name: nyt-cmots Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2NDM5NTQ5MjcsInNjIjoxNjQzOTU0OTI3LCJjYSI6MTY0Mzk1NDkyN319fX0=
.nytimes.com/	1970-01-23 16:15:14	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MWZjYzJlZmU5ZDE5ODAwMDEzZDE4MzQiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQzOTU0OTI3fQ.ZCLlWdTrilCRIidQBp6bzegQaY__MZcZKJYPr-fisec

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 54) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 54) Message: Unrecognized feature: 'conversion-measurement'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://02179913.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=po5qbcq62' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=po5qbcq62' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a-reporting.nytimes.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.adsrvr.org
adservice.google.co.uk
adservice.google.com
als-svc.nytimes.com
c.go-mpulse.net
c99f41cf006e774a25caf6bb6d64aa89.safeframe.googlesyndication.com
cdn.js7k.com
choices.trustarc.com
choices.truste.com
dd.nytimes.com
de2-bid.adsrvr.org
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
prod-m-node-3113.ssp.yahoo.com
protect-eu.mimecast.com
purr.nytimes.com
r20.rs6.net
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
108.157.4.86
13.32.121.66
142.250.184.226
142.250.185.198
15.197.193.217
151.101.1.164
151.101.193.164
151.101.65.164
18.194.68.138
18.66.96.113
195.130.217.73
208.75.122.11
2600:9000:2057:0:18:1fcd:34f:cdc1
2606:4700:3032::ac43:c7c7
2a00:1288:80:800::7000
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:811::2013
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a02:26f0:1700:391::11a6
2a02:26f0:ef:288::11a6
35.241.35.241
35.244.188.62
35.244.227.0
52.222.236.49
54.165.183.227
99.83.246.13
016f253996c6cd45cec1c230435816235013ac80ee4501167805b73a2bfa7df4
0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
07ca38072114ce9a250709c999568a8871c2e5f66bbf402050bad8291b8a7188
088a3f8069e4ba5dc66eda884095e4fdc1d0f4cbdebec05ae99195f08f36103c
08c4008a460217391b117c348da86e0a25a26adc4b248f38c7785486b645e5f6
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f94885fd7c9cb7811f25ef40aae0e70111a6d2f346d3a38e531fd0ae906a0fa
0ffcfd37cac1710332a8b7a9689dfb89272f5c3385fd7171af7146f0dcdad95e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
157b12c4da002bdd97c728f3fbec34d92b746b7c1b709e8f4f55318f4351745b
16263a0e4b3060432380d385171557ef335581eaace45d9b31c324af6d86b65b
17e13b001df19a080c57dcfbddaf18c1454d61e717f81caf3b6dc4827cafe9d7
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1a4c75be5e1949f75df82753a78043097adfd346d90a5499a81a0be2a3c0aac0
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
20ab3f5e0bcc3de5425a796cee46b47880f940263127ec918e773a047971316d
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
370b446ce470b7852f81e1f7ddea152f9a67f540b3828935d30d890ef1018067
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22
40eb798cb14294e8e47a9cacc5ad51125589be1889e7f07c1715f6057b3bad25
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
49042173f99eadac0a9c9ac011f462d41803345da87192404dcd7a06d389c64f
49e46fc0760a5e9f9ac390368889dd50f822c3364877cdb4a1642257d375c61b
4d46184e3adc29258313ebb4d2f0bf3b2bd01fcf9e37200191264db124e689e7
4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5092aae0f33dd5cc6de0eb44a072d1e7f9a530af6ed4cf78ad7be69b1ae690b2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87
5a17ad5980cb8bdda116f161f72c139d9cb9689ba708fd21383cc2ee0c1677c3
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33
63c19371588c328be91e3988648d28d3dc13e987ead094a0165cec8d915f2ac2
643291e8f736b1ebdb4cc1787328a0d1bc9f4c85ca4f9713bef7d9438181ea21
663fd947bc3440f86163a77079ea018a0fddf60ed841c0fd7b527a5943c3c085
6980dd89438ca9eddd7b94b191e66619511bc01e3a03af49a8c331ccc5d56d54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
6ee6403ce32c49c25e54b2592213e412c33f46b3d2de8f7de7bcf9ac21be47ae
7063cd7473f5d0b86e787f6397433e68e7111ceb629cba0ea869431b040c6697
73a0b92a0d0adb201bbdfb322be0a562d2b462d18ebf04528c282492798ed516
74e70b0298867d5a063bfafdbb232f43cd8909e98241a2a1c836a63872cc5900
77e8109c15b0eaac502bf0889cda5d3f63ef16e2b33ff7ccb6721ac7e753f707
7be903732a081df12a081abe9dd5d6d765bcbaf755278453b9e11e3ab6d3a7ef
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
86d82a8212aff6d810c50286d6368b2511868281810510bce660433ccb1e0541
8a01feeaf9fe3b147ac5929e31a785d48ed4b35c567589915c0a3bb14e2f3352
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1da8f1b5ddb26c9bb0929b90d3a4795992fb7a87fcab0af82a9a2d80a10cee
8f45348a1b1fbf2b35b4759ca27eca6e7d6787eead2149ddaa3186ccf2bb9d3c
8f66ddfec1d9abad4ad2929f0b96fe7cc0e5b0a8ea12a0e0ae425dbbc07aecf4
901a381a532d64712970ae6d21bf80742c1a8088e7bd9f6eb551ebf8d812a390
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c7a7c7c0f10a7b7f41af45b0347c5995cff6cd8341d7929554f59e1f151102
9b451d3ea4e499f6e1df6c13782e71edb22edb6c28914c7f298561034ce82d85
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
adadf14ea967890121e6502a55941183919ad0ab57bff58821afc5c04d1c4a4f
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
bc516f9c8469286546f29b39ae2119eeb3e1de1e0facc8683593700d74b4f723
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c219045d17f390c301834f8a5ac05a81188835e6875f0f9d87ae0aa78c31b319
c333c8f694543a891d5bc684cfb04b0c454fb7aeba887e35be2840d2de701b24
c416873f11d185a5d23a4988e3bf2dad33488cdbb456eeaedfda82f4fda5fca0
cf03aa7043e0b01e181e6ae5dcc4927f2155cb415171b8072a39354175a1f95f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08560dcbeaf52d1086f80e0003a7539d93506203c2a8bb2492566e17ea072c9
d111006fba3c6a1eb17807c2d35361bde8ebd74763637603248d22bbccd835b7
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
db35a00d0c91257fb39cee8f38919220a7768602c49d41b97a2f7145dd124fb6
dd971b3b86905a4fbc64cb5830c13e314a23f5228cbdc3fcd94982d31545556f
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e2dc688bd38e8f376361b1da0dbfbf225790269bb9efdce60d5b92d4d5c670ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e9ab1674b97c2a89cec8832a20a030743d3e87b8a02c871d3320a7188dc21fcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda
f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9
f589ff00269f449c6f96a6375bfe81d1db3afb3fe751285f78bdb94b38e71590
f5df8b5eaac26955bdc6ee62b3080c48115b6092373404a92fce6ffd63dd5f47
fb717cff7c5719d8bb704b2cc188597cc49e291aac42ee25b975c0817c9a74fb

www.nytimes.com Open in urlscan Pro 151.101.65.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

98 %HTTPS

51 %IPv6

22 Domains

47 Subdomains

36 IPs

3 Countries

3642 kBTransfer

10309 kBSize

31 Cookies

18 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

98 %
HTTPS

51 %
IPv6

22
Domains

47
Subdomains

36
IPs

3
Countries

3642 kB
Transfer

10309 kB
Size

31
Cookies

158 HTTP transactions
1 data transactions