www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Submission: On September 17 via manual (September 17th 2023, 11:55:15 am UTC) from US — Scanned from FI

Summary HTTP 116 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 14 domains to perform 116 HTTP transactions. The main IP is 151.101.65.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3410.
TLS certificate: Issued by Thawte RSA CA 2018 on March 22nd 2023. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	52.3.42.214 52.3.42.214	14618 (AMAZON-AES) (AMAZON-AES)
22	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
1	52.54.49.121 52.54.49.121	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.215.30 143.204.215.30	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::239	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:1000:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.225.104.84 34.225.104.84	14618 (AMAZON-AES) (AMAZON-AES)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::201b	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:6e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
116	23

35 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.3.42.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-42-214.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.49.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-49-121.compute-1.amazonaws.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-30.fra53.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::239 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

edge.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.104.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-104-84.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

nyt-dti-prd-staticjs.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 3410 a.et.nytimes.com — Cisco Umbrella Rank: 6728 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 6077 als-svc.nytimes.com — Cisco Umbrella Rank: 8275 myaccount.nytimes.com — Cisco Umbrella Rank: 13043 dd.nytimes.com — Cisco Umbrella Rank: 8420 purr.nytimes.com — Cisco Umbrella Rank: 8669 a.nytimes.com — Cisco Umbrella Rank: 7089 mwcm.nytimes.com — Cisco Umbrella Rank: 12470 static01.nytimes.com — Cisco Umbrella Rank: 9821	2 MB
21	nyt.com g1.nyt.com — Cisco Umbrella Rank: 7923 static01.nyt.com — Cisco Umbrella Rank: 5854 a1.nyt.com — Cisco Umbrella Rank: 7397 mwcm.nyt.com — Cisco Umbrella Rank: 18122	735 KB
19	googlesyndication.com 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152 pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	889 KB
10	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 6788 iteratehq.com — Cisco Umbrella Rank: 6001	32 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	175 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 nyt-dti-prd-staticjs.storage.googleapis.com — Cisco Umbrella Rank: 23159	6 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3195 collector.brandmetrics.com — Cisco Umbrella Rank: 3784	23 KB
2	microsoft.com edge.microsoft.com — Cisco Umbrella Rank: 70	24 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	57 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7628	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1638	24 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	120 KB
116	14

	Domain	Requested by
16	samizdat-graphql.nytimes.com	www.nytimes.com
14	www.nytimes.com	www.nytimes.com
13	g1.nyt.com	www.nytimes.com g1.nyt.com 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
11	tpc.googlesyndication.com	29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	iteratehq.com	platform.iteratehq.com
6	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com www.googletagservices.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	a.et.nytimes.com	www.nytimes.com
5	static01.nyt.com	www.nytimes.com
3	static01.nytimes.com	client 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
3	29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	mwcm.nyt.com	29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
2	fonts.googleapis.com	client 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	edge.microsoft.com	edge.microsoft.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
2	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	nyt-dti-prd-staticjs.storage.googleapis.com	static01.nytimes.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
116	31

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
a.et.nytimes.com R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
als-svc.nytimes.com R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
edge.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-06-27` - `2024-06-21`	a year	crt.sh
purr.nytimes.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
a.nytimes.com R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
iteratehq.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Frame ID: EDBA565DCD2923D6D74C46370ED35453
Requests: 69 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: E6FB92872173D5D59F472ADCAF8ED93E
Requests: 2 HTTP requests in this frame

Frame: https://edge.microsoft.com/parakeet/frame.html
Frame ID: 0E14629AF09CE6A58B1932B00F0B3D13
Requests: 2 HTTP requests in this frame

Frame: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EDDA4AD9DEE6F1DFF730B4E4177BC4DB
Requests: 1 HTTP requests in this frame

Frame: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 53BD887EC3E9C0063F148813DB5E9A48
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7D465A47DE905C1BA3B1CC84167A340
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F03EBFC0DD6D9D80718E29E63D703C19
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Finland’s President Warns Europe About Russia - The New York Times

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

116
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

31
Subdomains

23
IPs

3
Countries

3677 kB
Transfer

8906 kB
Size

24
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F09%252F17%252Fworld%252Feurope%252Ffinland-president-russia-complacency.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-Sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-Service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/10940941449492-The-New-York-Times-Company-Privacy-Policy-
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request finland-president-russia-complacency.html Show response
www.nytimes.com/2023/09/17/world/europe/ 243 KB
75 KB 227ms
84ms Document
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

aeaeb853b07cfe0c132e488c918dbb09f5413da0523b34d36a65ef856cb1f3d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 289
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 74865
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Sun, 17 Sep 2023 11:55:07 GMT
fastly-restarts: 1
last-modified: Sun, 17 Sep 2023 11:50:18 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2023/09/17/world/europe/finland-president-russia-complacency.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 3c82f9e811ad463f93052f48f5823d6a
x-cache: HIT, HIT
x-cache-hits: 34, 1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1694951500.551695,VS0,VE6
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Sun, 17 Sep 2023 11:50:18 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2023-09-17 11:51:39 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2023-09-17T11:50:16.939Z
x-served-by: cache-lga21971-LGA, cache-fra-eddf8230118-FRA
x-timer: S1694951708.724919,VS0,VE10
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 89ms
64ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 14:25:45 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 20813362
x-guploader-uploadid: ADPycdu8r8EIkDKHQncby-VxhC4_p_retMia2725uERdqg3x4PWqarMbAFr8Ibt9W3TTJubkfCi_3gQtjgkfPrPzZrZXWJ9J46L7
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1694951708.850313,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 18510

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 56ms
56ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2714781
x-guploader-uploadid: ADPycduhiXPSjAmvTOeEvsL5W9Sbr8W7OBvGcSfktDgJf5GEO79r26XP4FcESqPvi5OclQTJokas6EvU5VsdkVwoNs_oVQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-17 01:48:46 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951708.818819,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692068681438560
content-type: text/css; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19221
expires: Fri, 16 Aug 2024 01:48:46 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Thu, 17 Aug 2023 00:55:14 GMT
server: UploadServer
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 adslot-3b5a6af007a51e90278b.js Show response
www.nytimes.com/vi-assets/static-assets/ 23 KB
9 KB 60ms
60ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-3b5a6af007a51e90278b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f6f5c0df18bcdba73b52f9c75e6c0d805b87344508b4882d980d3b06aa3d4234

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 224653
x-guploader-uploadid: ADPycds6-CK96ydYyt2TjZYWHwpO5YIRRJafGe7ILvhXpZ9FZeudl0XYWivSE_dpzmyH9xLnPhj3Q3Av6RX_AXEkS_XrRw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 21:30:54 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951708.884922,VS0,VE1
etag: "e2b36ccfc76756c9ecaada3bd0d92e89"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694726631008055
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-3b5a6af007a51e90278b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2583
expires: Fri, 13 Sep 2024 21:30:54 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7959
last-modified: Thu, 14 Sep 2023 21:23:51 GMT
server: UploadServer
x-goog-hash: crc32c=dQG1bA==, md5=4rNsz8dnVsnsqto70NkuiQ==
x-gdpr: 1
x-goog-stored-content-length: 23058
accept-ranges: bytes

GET
H2 200 parakeet.min.js Show response
www.nytimes.com/ads/ 22 KB
5 KB 56ms
56ms Script
text/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/parakeet.min.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7d185a68ec7c2c52fd808d2eefd86e68264830af4cf3f1fa8946607b16b56907

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 379362
x-guploader-uploadid: ADPycdveNufLuCsEtR1_BpnW3OS8nq6RuoJN2TmMi3IsPM1bKskywek332OY3d62rRrMDku9g4nYBk_D1p5abkfLIImNP1WVxBI8
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-16 02:32:12 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951708.824971,VS0,VE1
etag: "adba4a1fb4bee00e1f70bd3e15c9f567"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1626722987661312
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/parakeet.min.js
x-nyt-route: ads-static-assets
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
x-amz-checksum-crc32c: W10/0g==
x-cache-hits: 12
expires: Wed, 16 Aug 2023 02:32:12 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 3933
last-modified: Mon, 19 Jul 2021 19:29:47 GMT
server: UploadServer
x-goog-hash: crc32c=W10/0g==, md5=rbpKH7S+4A4fcL0+Fcn1Zw==
x-gdpr: 1
x-goog-stored-content-length: 22511
accept-ranges: bytes

GET
H2 200 00ukraine-finland-01-wlhz-jumbo.jpg
static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-01-wlhz/ 44 KB
44 KB 102ms
81ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-01-wlhz/00ukraine-finland-01-wlhz-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6ec361f0c8d4f15748b2a664c68167a145c5a1fe6adf3a32957b1110d2f4947d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 17 Sep 2023 09:02:32 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 10355
x-guploader-uploadid: ADPycdv-GpwS7n14Z6Ik7iWIdcue8LCoW8DciHZGz0myNo0Cbm58cj_PP8K-rnaVv6RN-4Uw0CUdoH9p_57FMfbbcuvZ
x-cache: MISS, HIT
fastly-io-info: ifsz=145012 idim=1024x683 ifmt=jpeg ofsz=44626 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 44626
x-served-by: cache-iad-kcgs7200160-IAD, cache-fra-eddf8230118-FRA
server: UploadServer
x-timer: S1694951708.942887,VS0,VE1
etag: "Mb5ZkkXgu9m3fR2ODwLqyc0dUTo+w6EJgfdsPl3mArU"
vary: Accept
x-goog-generation: 1694941269219905
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=GaAFqw==, md5=DCz+/LpM+OwxYBysbK1FCQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 145012
x-amz-checksum-crc32c: GaAFqw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 author-steven-erlanger-thumbLarge.png
static01.nyt.com/images/2018/10/10/multimedia/author-steven-erlanger/ 22 KB
23 KB 83ms
81ms Image
image/png 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/10/10/multimedia/author-steven-erlanger/author-steven-erlanger-thumbLarge.png

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

08020d3ceca35aa100470aaf0adcd58676ed9cf42deaf7bc0997f262718a7234

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Mon, 21 Aug 2023 16:41:41 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 501101
x-guploader-uploadid: ADPycdujk6eSWQZqwcCTS2gBcH189NFL8bECYUflYi7SEKOO3f5ev7X390iXN4SyGNyiGyzzbZux7M2Dcgqj09PGY8hdsQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 22887
x-served-by: cache-iad-kjyo7100110-IAD, cache-fra-eddf8230118-FRA
last-modified: Thu, 11 Oct 2018 20:36:57 GMT
server: UploadServer
x-timer: S1694951708.942833,VS0,VE1
etag: "a6da59563c5de5f1662e021674dc7a66"
x-goog-generation: 1539290217548620
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=67Bewg==, md5=ptpZVjxd5fFmLgIWdNx6Zg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 22887
x-amz-checksum-crc32c: 67Bewg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 263, 1

GET
H2 200 vendor-0069f25bbffec4fd3fca.js Show response
www.nytimes.com/vi-assets/static-assets/ 183 KB
55 KB 75ms
74ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-0069f25bbffec4fd3fca.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d57cdc47f635d0573f2ffd7afe1ef996c81373cddc10fa4ab69cbbad71903ed2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2213530
x-guploader-uploadid: ADPycdtxdjOAUhFSHXi2G2ZA6d2SHin5uwmgTeI8SetvsTnRYWHyw3y4w8-WbjnbvJxPhTkFyzTlrofno17djf5A2aSw3PEerO9A
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-22 21:02:57 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951708.942910,VS0,VE1
etag: "bc5afe0bf5d5a9cb0fb1c46991c1a7dd"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692738112756072
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-0069f25bbffec4fd3fca.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 25304
expires: Wed, 21 Aug 2024 21:02:57 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 55409
last-modified: Tue, 22 Aug 2023 21:01:52 GMT
server: UploadServer
x-goog-hash: crc32c=WqBOpw==, md5=vFr+C/XVqcsPscRpkcGn3Q==
x-gdpr: 1
x-goog-stored-content-length: 187763
accept-ranges: bytes

GET
H2 200 story-a75aa8f1738c701a7f30.js Show response
www.nytimes.com/vi-assets/static-assets/ 2 MB
523 KB 193ms
192ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-a75aa8f1738c701a7f30.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4754810ae169af5583a80cf686745893b3e3ad52b3c3fa5114463533137f3a9d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 154987
x-guploader-uploadid: ADPycdvYs3b5sFKRQjwEn6f5xqQczeu6pF8_wOH2KU718DcjWmpRP1A72iwNNTTiLkyvdkkaAapkWeU3xI4jNqyuCw_-AVaVPYkM
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-15 16:52:02 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951708.942949,VS0,VE3
etag: "9354668e45b309a1c5c0673544fc2540"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694795061327139
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-a75aa8f1738c701a7f30.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Sat, 14 Sep 2024 16:52:00 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 533846
last-modified: Fri, 15 Sep 2023 16:24:21 GMT
server: UploadServer
x-goog-hash: crc32c=3PAAGg==, md5=k1RmjkWzCaHFwGc1RPwlQA==
x-gdpr: 1
x-goog-stored-content-length: 1951677
accept-ranges: bytes

GET
H2 200 main-5001019888edfe26dbb7.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
419 KB 76ms
75ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

db51b1035bd8a32ce41eaa796d717f8f9a460a1f2f640ab1c82317018e7a1e67

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 154985
x-guploader-uploadid: ADPycdu7-yIkhuuvwvWLOKEaQ3sbIxpwvlseT-Bxwgg5dnQ2pmHgB4rfN3tV03Wi4tbKC9M2lxgXD8ezbfmiRWjSsBmm-w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-15 16:52:02 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951708.942889,VS0,VE1
etag: "e30bf54e64dedf44fa5b31c5d361e370"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694795847321948
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-5001019888edfe26dbb7.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1902
expires: Sat, 14 Sep 2024 16:52:02 GMT
date: Sun, 17 Sep 2023 11:55:07 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 427318
last-modified: Fri, 15 Sep 2023 16:37:27 GMT
server: UploadServer
x-goog-hash: crc32c=2o1E8Q==, md5=4wv1TmTe30T6WzHF02HjcA==
x-gdpr: 1
x-goog-stored-content-length: 1493971
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 444 KB
120 KB 203ms
74ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7cf5473a508f86c6f4ba065e7adffbd4fcb599e927bbe85ab387e475f7fb0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122461
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 460ms
169ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 185ms
55ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 609
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:08 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 19
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: a26eb35731110b61
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951708.048835,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 149 B
897 B 133ms
132ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
age: 52
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: f4f3ecb25b0f2729
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951708.104932,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: HIT
x-cache-hits: 1
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: 3462e0e7
x-envoy-upstream-service-time: 242
content-length: 132
last-modified: Sun, 17 Sep 2023 11:54:15 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 als Show response
als-svc.nytimes.com/ 1 KB
1 KB 447ms
167ms XHR
application/json 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Ffe1e311c-da73-5d87-9ff5-93910b1380d2&typ=&prop=nyt&plat=web

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

d3822b4c30a4c86772a290b303abaca854f36ef7caa5d993ec7c37e1fa1a3738

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 google
content-encoding: gzip
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: als-svc.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 169ms
55ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 17 Jul 2024 01:51:27 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 5306620
x-guploader-uploadid: ADPycdukQL-qvgibY3peXMfS72fA6NpBf1kj7YzjAC6ujpgw_6hsjM_3grlp_k3j2T6wUPaBPjsRE7UVmYhaamjajINqRDPWPJuJ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951708.054818,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1673991776265363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13942

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 189ms
76ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 15 May 2024 04:11:20 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 10741426
x-guploader-uploadid: ADPycds1198e7b8ra_egNEgwxV4ogulIZ-p9n29WDoYtHP8p-aX17AcQrVw4mnNiM0-ZtjlnXEQW_a5S0G4FKGUE-y0bpfxdZcM7
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951708.054808,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14009

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 189ms
76ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 21 Oct 2023 06:23:17 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 28618312
x-guploader-uploadid: ADPycdtfRowwXtFVfYuq6st1QAKMrH1-0KPBtuL015QlR0fp44T3dsyEAbfW3GB9u4hZR-JqiaGSgASOtjNMEZsVZM70OTebRZ-r
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1694951708.054809,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598150991608
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12071

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 188ms
75ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 15 Aug 2024 01:21:46 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2802802
x-guploader-uploadid: ADPycdtICRmsRl7_WcPnm12KQ0AQwSR5NSvW_W_pakmwlOSwIUDwGdCbWBGrslvEGdCh2HuD5q5Fr_W2i7Ihd-gk-a6waQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1694951708.054701,VS0,VE1
etag: "f99a0459024509f157a3352e5de4f873"
x-goog-generation: 1673991775020136
x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28620
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1195

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 189ms
76ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 00:37:40 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 20344648
x-guploader-uploadid: ADPycdt38TCVFQs07sap3a_qPNNQhOB-oNJNkUm_5NonsSEFt4KS8xlMhMrghM6zQ_O5kimI_tkdWYmaGFdi_deDSjYNLGG5VM4c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1694951708.054701,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1673991775007595
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8735

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 168ms
56ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 00:32:20 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 20344968
x-guploader-uploadid: ADPycdu8EQpQm3V7zdMFkJ8XgnencwVnT2B2YUBtaf-sewkAiBh8gRLsetmgM9V27ohK7R6xXMuURFc3DzPNRarYrc9Kgw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951708.054714,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13338

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
25 KB 259ms
146ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 08 Aug 2024 00:20:38 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3411270
x-guploader-uploadid: ADPycdu98EgIA7kowPr41LMZqPYKSrLnwDlFefFk-zCRajjZGvoMAeoU4Bd6BoyKVofojZ05oRL8OlwfLkpI6NHH2antNQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951708.055267,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
x-goog-generation: 1673991776787974
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 25680
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 340

GET
H2 200 imperial-italic-700.996d951f04d92feac357036afa5da0bc.woff2
g1.nyt.com/fonts/family/imperial/ 27 KB
27 KB 259ms
146ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-italic-700.996d951f04d92feac357036afa5da0bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

36e359a6710a1b1dc4f1e42a5fb30425b1af509b2721b2200f16199bb73566ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 04 Sep 2024 09:35:40 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1045167
x-guploader-uploadid: ADPycdvmTVMYp2aZSaw0IBQ1E_LK0uPDwJ8HE3z2GjVOyC4BQkagAoCbVUBw09WFivVpWzEEjwYCLX09SjHiOZ_CYIOmDA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27204
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951708.137052,VS0,VE0
etag: "996d951f04d92feac357036afa5da0bc"
x-goog-generation: 1673991776749784
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=yL20iw==, md5=mW2VHwTZL+rDVwNq+l2gvA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27204
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
g1.nyt.com/fonts/family/imperial/ 27 KB
27 KB 258ms
146ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 01 May 2024 03:35:35 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 11953173
x-guploader-uploadid: ADPycdt9K1uQjmzteKMYhKdE6qlgNT_HrRsR6TAb6YPkx8lUHstxfN1uXWDOVd7H9j3aqPbNMH1WO-M5axaJs8EDcXGMKvXvLQRc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27268
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951708.055347,VS0,VE0
etag: "30d6073613e33e742de4c1325b31065c"
x-goog-generation: 1673991776638249
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=l1jStw==, md5=MNYHNhPjPnQt5MEyWzEGXA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27268
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 255

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame E6FB 332 B
1 KB 132ms
122ms Document
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

09e41d5e3154a50d73fa0067e36aeb25fc78f9d61fc2bc99edc04aa8f093ff14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 304
cache-control: public, max-age=600
content-encoding: gzip
content-length: 254
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Sun, 17 Sep 2023 11:55:08 GMT
etag: W/"14c-4tuM0DaBQCmD/GTEkLf1YjsSKCs"
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 2
x-cloud-trace-context: 72717334c651fbc08d2d0bda34383634
x-content-type-options: nosniff
x-datadog-parent-id: 3278816514800050834
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 1897258911566674881
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 31
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-fra-eddf8230118-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 346ms
188ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-3b5a6af007a51e90278b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a50af2489fa5b03b89895a7fb0ed4f161746305738ced8b116ce87548ad41b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28934
x-xss-protection: 0
server: cafe
etag: 667 / 19617 / m202309120101 / config-hash: 14175700841114183422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 11:55:08 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame E6FB 482 KB
159 KB 172ms
171ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=f1a1d1c

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

12f781cc93ce839913e619d56f0285cfa3a2193fee2667870ea41dc08d1fb856

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 14 Sep 2023 17:59:23 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 206
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 45
content-length: 161866
x-served-by: cache-fra-eddf8230118-FRA
x-nyt-backend: lire-ui
server: envoy
etag: "hBjK9A"
content-type: application/javascript
x-cloud-trace-context: 217c7abdb8abe87e9160ca137a27a48e
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendors~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~privacy~reviews~searc~c3cac964-a5e90ed270fb3398a50f.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
10 KB 58ms
57ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~privacy~reviews~searc~c3cac964-a5e90ed270fb3398a50f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2e75a4e8691c2ccbafec618383f4db5de97aa6c30357658a592b6ca0c9be9cdf

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 245144
x-guploader-uploadid: ADPycdtS1vKai8xz9oM9-s_-XrZqOtp2KA9zM7alM6JdqyeDLwWEI3xsrha84BlXJMJq-aU_TIcLKTROp3OjYQmkprZ0nlIiCD4w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 15:49:24 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951709.518060,VS0,VE1
etag: "649ec1e6354b84f1f97a712fd9bc609f"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694706259701058
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~privacy~reviews~searc~c3cac964-a5e90ed270fb3398a50f.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2605
expires: Fri, 13 Sep 2024 15:49:24 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 9105
last-modified: Thu, 14 Sep 2023 15:44:19 GMT
server: UploadServer
x-goog-hash: crc32c=fMSE4Q==, md5=ZJ7B5jVLhPH5enEv2bxgnw==
x-gdpr: 1
x-goog-stored-content-length: 44348
accept-ranges: bytes

GET
H2 200 vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-4d38ebde0ce049bbfdd5.js Show response
www.nytimes.com/vi-assets/static-assets/ 45 KB
15 KB 63ms
62ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-4d38ebde0ce049bbfdd5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

958b929efda1605da550c969b90450a5a2604c9e5ca92f537e52a6f7f677555d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 224649
x-guploader-uploadid: ADPycdsduYj-YnGyjEFRS0u_QUbmUw-1AEVw4saz-KSvAPDLQiPaxldvYbS_Mko10YrDvp1qouy_rmNTfen8AeSFEiptyw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 21:30:58 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951709.518313,VS0,VE1
etag: "2bf32c59cd1aca260220d8f7123330c2"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694726632691275
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-4d38ebde0ce049bbfdd5.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2300
expires: Fri, 13 Sep 2024 21:30:58 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14191
last-modified: Thu, 14 Sep 2023 21:23:52 GMT
server: UploadServer
x-goog-hash: crc32c=4mjtbQ==, md5=K/MsWc0ayiYCINj3EjMwwg==
x-gdpr: 1
x-goog-stored-content-length: 46354
accept-ranges: bytes

GET
H2 200 vendors~account~capsule~clientSideCapsule~collections~explainer~getstarted~liveAsset~newsletter~news~8593024f-6d3734232bc50331be8b.js Show response
www.nytimes.com/vi-assets/static-assets/ 14 KB
4 KB 62ms
62ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~account~capsule~clientSideCapsule~collections~explainer~getstarted~liveAsset~newsletter~news~8593024f-6d3734232bc50331be8b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fd2f5191c2784ef46a8e701c41cab04fa4e387550e55e260a19028915e391c13

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 224640
x-guploader-uploadid: ADPycdsBKesNcu3KsErpBsFtVaACrI1NwCeB0PCssYo9xbGgh1PY0eV6-MMDJOzqg4J25r3E4H7nJEorNKQ04vy9B-mXyA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 21:31:08 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951709.518308,VS0,VE1
etag: "0c94bc74a260781a9b8d8a2e4b6bcc2b"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694726632653211
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~account~capsule~clientSideCapsule~collections~explainer~getstarted~liveAsset~newsletter~news~8593024f-6d3734232bc50331be8b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2016
expires: Fri, 13 Sep 2024 21:31:08 GMT
date: Sun, 17 Sep 2023 11:55:08 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 3959
last-modified: Thu, 14 Sep 2023 21:23:52 GMT
server: UploadServer
x-goog-hash: crc32c=AAxWtQ==, md5=DJS8dKJgeBqbjYouS2vMKw==
x-gdpr: 1
x-goog-stored-content-length: 14443
accept-ranges: bytes

GET
H2 200 tags.js Show response
dd.nytimes.com/ 277 KB
57 KB 246ms
64ms Script
text/javascript 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-30.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

d35c481a63fed744bb6c423366b1e543166e325c124f78bb61a3ca56b185f011

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Sun, 17 Sep 2023 11:51:20 GMT
x-amz-cf-pop: FRA53-C1
age: 228
x-cache: Hit from cloudfront
content-length: 57544
last-modified: Mon, 11 Sep 2023 08:37:26 GMT
server: Apache
etag: "454a1-605113c70f9b6-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: vPx7C1oga6z4Ire2WaxEHskDNlAWCiTza9-aCoqyEt8x3stuilvDVw==
expires: Sun, 17 Sep 2023 12:51:20 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 408 KB
129 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 07:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17129
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131633
x-xss-protection: 0
server: cafe
etag: 12671944107613252425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Sep 2024 07:09:39 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 57ms
57ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 897
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:09 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 48
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: ab8cf522e0f86f0a
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951709.036450,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 56ms
55ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 256
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:09 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: 8f12797fa791a1bf
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951709.085573,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 63 B
961 B 183ms
182ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: b1606f45333958bc
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951709.094687,VS0,VE127
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 456d529d
x-envoy-upstream-service-time: 30
content-length: 85
last-modified: Sun, 17 Sep 2023 11:55:08 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 comments-1959aee182a73023c5c6.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
13 KB 56ms
55ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-1959aee182a73023c5c6.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5020ded46002d7344f62f7bef1043629df6f5baded933ba297607600eed24d57

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 245144
x-guploader-uploadid: ADPycdtMrDnaloE4ZPQlVTDQU0jVQn96Pxreqb4yybS0jeSDL1VU-okRXFP75fM5WnLLLEI513CB5mHT6Zbvx4ghpcKiKFNwQTtn
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 15:49:25 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951709.070262,VS0,VE1
etag: "1538010b131391c64a96931e8ef61a7a"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694706257605521
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-1959aee182a73023c5c6.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2250
expires: Fri, 13 Sep 2024 15:49:25 GMT
date: Sun, 17 Sep 2023 11:55:09 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 12806
last-modified: Thu, 14 Sep 2023 15:44:17 GMT
server: UploadServer
x-goog-hash: crc32c=yF6xdg==, md5=FTgBCxMTkcZKlpMejvYaeg==
x-gdpr: 1
x-goog-stored-content-length: 44202
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 9 KB
3 KB 477ms
477ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c95f64df78ae4a64bc82b0265da6f0036fb6c7184e55b4164b043834edca5fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
x-nyt-entitlements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
x-nyt-programming-abtest
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-news-tenure
x-nyt-internal-meter-override

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
x-nyt-pass-reason: PRVT
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: da8e1fc4e9f27c73
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951709.142351,VS0,VE422
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: d0c24a2c
x-envoy-upstream-service-time: 314
last-modified: Sun, 17 Sep 2023 11:55:08 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 frame.html Show response
edge.microsoft.com/parakeet/ Frame 0E14 167 B
416 B 239ms
92ms Document
text/html 2620:1ec:c11::239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.microsoft.com/parakeet/frame.html
Requested by: Host:
URL: webpack:///./lib/ParakeetHelpers.ts?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::239 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d235d239ed7dcc804c2ec2f66533abcbdb7d2959a68a207a43730dde3367da5a

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 167
content-type: text/html
date: Sun, 17 Sep 2023 11:55:09 GMT
etag: "1d9550dedff2fa7"
last-modified: Sun, 12 Mar 2023 18:10:30 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4280B2FA462C4E2AA00A2EEDFA9C61F7 Ref B: FRAEDGE1111 Ref C: 2023-09-17T11:55:09Z

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 55ms
55ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 897
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:09 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 20
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 48
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: a225d78f22e84b56
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951709.143747,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 56ms
56ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 897
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:09 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 21
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 48
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: 98ec1da4d72e798f
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951710.566979,VS0,VE1

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 450ms
166ms Fetch
text/html 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v1/purr-cache

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 google
x-envoy-decorator-operation: purr.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 16feff8ae00ca08ab4e8c35f17a61341
access-control-allow-credentials: true
x-envoy-upstream-service-time: 29
content-length: 0

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 455ms
161ms Fetch
application/json 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2023%2F09%2F17%2Fworld%2Feurope%2Ffinland-president-russia-complacency.html&caller_id=nyt-vi&jkcb=1694951709074&referrer=&sourceApp=nyt-vi

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-42-214.compute-1.amazonaws.com

Software

envoy /

Resource Hash

6635daae7f070d6e4d6df7475a6b4d61321cbafc120760e60ef32ce504d058dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nyti-upstream: gke
date: Sun, 17 Sep 2023 11:55:09 GMT
x-envoy-decorator-operation: a.nytimes.com:443/*
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 26
access-control-allow-headers: Content-Type, x-requested-by

GET
H2 200 clientSideCapsule-66bc52cdc0c45404c4d6.js Show response
www.nytimes.com/vi-assets/static-assets/ 509 KB
127 KB 57ms
57ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-66bc52cdc0c45404c4d6.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

208133e3ee91c0179a98e8721da0f60fa99c96988e5cfc561c4baf781a6210eb

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 224642
x-guploader-uploadid: ADPycdu6k3JaVrrWemxycOIri1y3TnfSgH3jD0HeBZFf3g-UafCIQc4FQW3hPxueKEsCd_T0C4ekkS4tG9C8EU7Hg5r0SQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 21:31:06 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951709.115595,VS0,VE2
etag: "1a9dc14f7dccc1f9e124d078f90ce33b"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694726631200986
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-66bc52cdc0c45404c4d6.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Fri, 13 Sep 2024 21:31:06 GMT
date: Sun, 17 Sep 2023 11:55:09 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 128617
last-modified: Thu, 14 Sep 2023 21:23:51 GMT
server: UploadServer
x-goog-hash: crc32c=YShnTA==, md5=Gp3BT33MwfnhJNB4+QzjOw==
x-gdpr: 1
x-goog-stored-content-length: 520730
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 44 KB
8 KB 632ms
632ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cb6f3a44de8fdc2a9ea4a7d2b8c9147805f3b18007138e5af8ec5c81bd91aada

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
x-nyt-pass-reason: PRVT
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: fc3010a07cc826f6
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951709.200718,VS0,VE577
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: e854ea86
x-envoy-upstream-service-time: 194
last-modified: Sun, 17 Sep 2023 11:55:09 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 63 B
960 B 184ms
183ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b2064442f57238d5e04d61bacad93794e723f91204f928f6980801c400b7bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: e70b172f75e12b33
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951710.624202,VS0,VE128
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: c753916e
x-envoy-upstream-service-time: 30
content-length: 81
last-modified: Sun, 17 Sep 2023 11:50:23 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 00ukraine-finland-02-wlhz-jumbo.jpg
static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-02-wlhz/ 90 KB
91 KB 63ms
62ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-02-wlhz/00ukraine-finland-02-wlhz-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

723589e1e0c7cc405e1a311b906e315cf2f1c8fae83f266c10cb8d0a2a41e648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 17 Sep 2023 09:05:31 GMT
date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 10178
x-guploader-uploadid: ADPycdubkU6opdAeIHwFTPj8aUoeWNUPj6K6-ZK8Qv55JfptVVl2AgtZ1A5HNNVGAbdaeyZODCiyLWzEKLKIJY-M8cJM-0fKU8HB
x-cache: MISS, HIT
fastly-io-info: ifsz=166987 idim=1024x683 ifmt=jpeg ofsz=92662 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 92662
x-served-by: cache-iad-kiad7000131-IAD, cache-fra-eddf8230118-FRA
server: UploadServer
x-timer: S1694951710.622098,VS0,VE1
etag: "XW27IOFK7O2lEg+Ob+O1WfwQyvj5nfeTge4q9Rps9ik"
vary: Accept
x-goog-generation: 1694941267305639
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=1YqxiA==, md5=WrBN9CXQwxN9APt2PLMhDg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 166987
x-amz-checksum-crc32c: 1YqxiA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 00ukraine-finland-03-wlhz-jumbo.jpg
static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-03-wlhz/ 187 KB
187 KB 63ms
62ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-03-wlhz/00ukraine-finland-03-wlhz-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d49565da6cdc2c1c47e1f4d9f93bfdb4c8cff039a60bca5700daf101afbd01dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 17 Sep 2023 09:05:31 GMT
date: Sun, 17 Sep 2023 11:55:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 10178
x-guploader-uploadid: ADPycduWMQeJEw73iXBEsJhSIFudXrEp1NOBQCEIWuuxlvXyvieklDrLjvYPSuVhHpyxNIQ964uFe02ZtkW4jnGUWuz6ojo65MS9
x-cache: MISS, HIT
fastly-io-info: ifsz=340081 idim=1024x683 ifmt=jpeg ofsz=191086 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 191086
x-served-by: cache-iad-kjyo7100048-IAD, cache-fra-eddf8230118-FRA
server: UploadServer
x-timer: S1694951710.622107,VS0,VE2
etag: "DYPJdcQrg9TvR8ngldDsGCT5YIQwhp5epnjz8Jf9+Rw"
vary: Accept
x-goog-generation: 1694941269278400
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=6iBH7w==, md5=mqvfIl853ep0k8Ju6Hyq+Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 340081
x-amz-checksum-crc32c: 6iBH7w==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 parakeet.min.js Show response
edge.microsoft.com/parakeet/ Frame 0E14 23 KB
23 KB 90ms
90ms Script
application/javascript 2620:1ec:c11::239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.microsoft.com/parakeet/parakeet.min.js
Requested by: Host: edge.microsoft.com
URL: https://edge.microsoft.com/parakeet/frame.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::239 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 35ebaaa5ccc5200a59dc83791e3776a844a14a3ab52fb7994442652b4b2729e0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://edge.microsoft.com/parakeet/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:09 GMT
last-modified: Sun, 12 Mar 2023 18:10:30 GMT
x-msedge-ref: Ref A: C1605700E89948F1B77F0F1B10F005FE Ref B: FRAEDGE1111 Ref C: 2023-09-17T11:55:09Z
etag: "1d9550dedff74c0"
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 23488

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
17 KB 670ms
670ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1841939303489572&correlator=3045450780683793&eid=21065724%2C31077706&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cworld%2Ceurope&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694951709806&lmt=1694940618&adxs=0&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2023%2F09%2F17%2Fworld%2Feurope%2Ffinland-president-russia-complacency.html&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1605858893.1694951710&ga_sid=1694951710&ga_hid=569810428&ga_fc=false&dlt=1694951707772&idt=1984&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D2003&cust_params=als_test_clientside%3Dweb_none_none_20230917115508%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1694947386801%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dniinistosauli%252Cputinvladimirv%26org%3Dnorthatlantictreatyorganizatio%26geo%3Dfinland%252Crussia%252Ceurope%26des%3Drussianinvasionofukraine2022%252Cinternationalrelations%252Cdefenseandmilitaryforces%26auth%3Dstevenerlanger%26coll%3Dworldnews%252Ceurope%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000009088361%26pt%3Dnt10%252Cnt14%252Cnt15%252Cnt17%252Cnt18%252Cnt2%252Cnt20%252Cnt21%252Cnt4%252Cnt6%252Cnt8%252Cpt13%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_citi_aa%252Cneg_gg1%252Cneg_chan2%252Cneg_gg2%252Cgs_science%252Cneg_kaypemg%252Cgs_science_geography%252Cneg_mastercard%252Cneg_ubs%252Cneg_ms_safe%252Cneg_chanel%252Cneg_bp%252Cneg_mtb%252Cneg_sabic%252Cneg_orep%252Cgb_death_injury_high_med%252Cgb_death_injury_high_med_low%252Cgb_death_injury_news-ent%252Cneg_amerex%252Cneg_chan3%252Cneg_kvue%252Cneg_rchmt%252Cneg_aramco%252Cneg_hms%252Cneg_am%252Cneg_capitalone%252Cpolitics_sentiment%252Cgv_military%252Cneg_newyorkp%252Cneg_hearts%252Cgs_politics%252Cneg_debeer%252Cneg_racism%252Cneg_google%252Cneg_rolex%252Cneg_cathay%252Cgs_war_conflict%252Cneg_bofa%252Cneg_mttl%252Cneg_mktg_safe_q4_2019%252Cneg_ts%252Cneg_samsung%252Cneg_rms%252Cneg_sia%252Cgv_arms%252Cgs_politics_issues_policy%252Cgs_politics_misc%252Cgb_death_injury_edu%252Cneg_msft%252Cneg_rmw%252Cgb_arms_high_med%252Cgb_arms_high_med_low%252Cgb_arms_news-ent%252Cgs_t%26tt%3D63%252C73%26abra_dfp%3Ddfp_prebid_0723_0_control%252Cdfp_messaging_flexframe_ctr_0_control%26sov%3D2%26page_view_id%3DGpo0Mi7hnRaTbhbaJ75ZUKym%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dipzi4val9MkrSI6rJq7kO2%26typ_materials%3D%2523news%2523%26slug%3Dfinland&adks=1524529580&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef236ef5aee35c5448f0786482a2b07bc736e8fb1179ac9777c1c1c72c51ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17585
x-xss-protection: 0
google-lineitem-id: 6179366817
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444243905
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 542 B
296 B 97ms
97ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1841939303489572&correlator=3045450780683793&eid=21065724%2C31077706&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cworld%2Ceurope&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694951709816&lmt=1694940618&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2023%2F09%2F17%2Fworld%2Feurope%2Ffinland-president-russia-complacency.html&vis=1&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1605858893.1694951710&ga_sid=1694951710&ga_hid=569810428&ga_fc=false&dlt=1694951707772&idt=1984&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D2006&cust_params=als_test_clientside%3Dweb_none_none_20230917115508%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1694947386801%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dniinistosauli%252Cputinvladimirv%26org%3Dnorthatlantictreatyorganizatio%26geo%3Dfinland%252Crussia%252Ceurope%26des%3Drussianinvasionofukraine2022%252Cinternationalrelations%252Cdefenseandmilitaryforces%26auth%3Dstevenerlanger%26coll%3Dworldnews%252Ceurope%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000009088361%26pt%3Dnt10%252Cnt14%252Cnt15%252Cnt17%252Cnt18%252Cnt2%252Cnt20%252Cnt21%252Cnt4%252Cnt6%252Cnt8%252Cpt13%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_citi_aa%252Cneg_gg1%252Cneg_chan2%252Cneg_gg2%252Cgs_science%252Cneg_kaypemg%252Cgs_science_geography%252Cneg_mastercard%252Cneg_ubs%252Cneg_ms_safe%252Cneg_chanel%252Cneg_bp%252Cneg_mtb%252Cneg_sabic%252Cneg_orep%252Cgb_death_injury_high_med%252Cgb_death_injury_high_med_low%252Cgb_death_injury_news-ent%252Cneg_amerex%252Cneg_chan3%252Cneg_kvue%252Cneg_rchmt%252Cneg_aramco%252Cneg_hms%252Cneg_am%252Cneg_capitalone%252Cpolitics_sentiment%252Cgv_military%252Cneg_newyorkp%252Cneg_hearts%252Cgs_politics%252Cneg_debeer%252Cneg_racism%252Cneg_google%252Cneg_rolex%252Cneg_cathay%252Cgs_war_conflict%252Cneg_bofa%252Cneg_mttl%252Cneg_mktg_safe_q4_2019%252Cneg_ts%252Cneg_samsung%252Cneg_rms%252Cneg_sia%252Cgv_arms%252Cgs_politics_issues_policy%252Cgs_politics_misc%252Cgb_death_injury_edu%252Cneg_msft%252Cneg_rmw%252Cgb_arms_high_med%252Cgb_arms_high_med_low%252Cgb_arms_news-ent%252Cgs_t%26tt%3D63%252C73%26abra_dfp%3Ddfp_prebid_0723_0_control%252Cdfp_messaging_flexframe_ctr_0_control%26sov%3D2%26page_view_id%3DGpo0Mi7hnRaTbhbaJ75ZUKym%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dipzi4val9MkrSI6rJq7kO2%26typ_materials%3D%2523news%2523%26slug%3Dfinland&adks=3020965484&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e921656033cc786874cda7e2cadfc25acf73dac1b30fb166bf25e5796cd9c80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDDA 6 KB
3 KB 228ms
69ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 11:55:10 GMT
expires: Mon, 16 Sep 2024 11:55:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
dd.nytimes.com/js/ 235 B
620 B 192ms
61ms XHR
application/json 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-30.fra53.r.cloudfront.net

Software

DataDome /

Resource Hash

a5d84f7757f7aad06068b45d5c16da88c704eef6e9ee8093ab193e30dad74704

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
x-amz-cf-id: GyFv6V3EWeB91Z2HBOZ-RPq_SOMnug1sCEHY1a8U682HY2Ybgf0LbA==
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 287ms
287ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 56ms
56ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 611
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:10 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 18
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 19
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: 9f582314341babc1
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951710.073784,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 4 KB
2 KB 193ms
192ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dd8f84ce0db3fc3de7b4531c33fb736da66b102b964626cd775d02d05d98f280

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: a6caf7ba08289237
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951710.130803,VS0,VE138
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: d0c24a2c
x-envoy-upstream-service-time: 41
content-length: 1156
last-modified: Sun, 17 Sep 2023 11:34:06 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 55ms
54ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 07 Mar 2024 01:48:20 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 16711607
x-guploader-uploadid: ADPycdvKYJzdy5tDaRtgbtZSa5oUcsQgjS6NlJhV8y1JpS4GYbnLeuGqT07o35mSIR-QDQxmhV7ZNRWUOiZlCBCztdJiKDV-f8VD
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951710.113537,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1673991776257702
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 11595

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 212ms
67ms Script
application/x-javascript 2600:9000:2057:1000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 00:04:10 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:52:49 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 42660
etag: W/"64d2e361-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PDw6BjIZi5CYruSiRQzbza-CEOiTA6ioq2rjCgb7-NCGPgd4SKNNUg==
expires: Mon, 18 Sep 2023 00:04:10 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
687 B 63ms
55ms Script
text/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Tue, 16 May 2023 23:50:37 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 59503
x-guploader-uploadid: ADPycdtscvtwua-aV23Ie4HH8S1lqi9QidJsXhbEqRNfxkV6tNV1KH0icsZAxhU-HV9bftk4IJw_R0mZhYygMLPaRF9Ba3aD4zym
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1694951710.189543,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 861

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 121ms
38ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 17 Sep 2023 11:36:56 GMT
server: cloudflare
age: 1094
cf-polished: origSize=4729
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhSDUixieAU0b2K6g5CDeXhV0pRFtlrfz%2F42GKzJ9%2B9%2BzRMmzcbfHHjaOBsK6TeklFCQQBN%2FIJ2%2Fy%2FDKCyQdMDHTWt8xIqzlFaxtqySq0%2FZvdLQrLHjGz3vh4DQJDdub8LsLQX2vikOh5hxYfKUwaG8e"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8081289d199d4c88-HEL
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 8 KB
3 KB 293ms
285ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&gr=METER_LIMIT&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2ac4c14703dd939606114f890941951e4ae157bd1401ba5210a976f65f86b319

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache: MISS
x-envoy-upstream-service-time: 133
x-served-by: cache-fra-eddf8230118-FRA
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1694951710.208186,VS0,VE229
vary: x-nyt-country, x-nyt-user-status, x-nyt-continent, x-nyt-device, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 6b56ef860f5034042473364269e9bf47
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
x-nyt-edge-cache: MISS
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 55ms
55ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 898
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:10 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 22
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 48
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: b39bd41bbcc382a1
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951710.277227,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 1 KB
1 KB 198ms
197ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

481e5f79ab64d2d83e0ba60b05a04530da21727427b1e51a897b888e46ec1f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 59952a5711d08d45
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951710.333539,VS0,VE142
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 456d529d
x-envoy-upstream-service-time: 41
content-length: 563
last-modified: Tue, 26 Jul 2022 18:52:52 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 97 KB
20 KB 54ms
51ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4a27bc54a1aa97119c8f647ec50c57a5b1140cc2fde90cb575756c171460db5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 17 Sep 2023 11:36:56 GMT
server: cloudflare
age: 1094
cf-polished: origSize=100973
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEmPKzyJLfZyoklHigONKlu%2BdsDOUBZ1eyHXi7JepuF2D9yqtx0mqQPBaslPofvsvTDBYk7xqHmMtQxr7ypTr7npv0%2FNCWcrffutY4ddc4Cfsf3SeJ19Mi6FoiMoSc6%2BvdhrIUdW6a8%2BRQVgJ8ZswLpl"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8081289e1bee4c88-HEL
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 398ms
130ms Image
image/gif 34.225.104.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2023%2F09%2F17%2Fworld%2Feurope%2Ffinland-president-russia-complacency.html&u=Fu-tODj89VOCoZ_za&d=nytimes.com&g=16698&g0=world%2CEurope%2Cinternational_desk&g1=Steven%20Erlanger&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2F2023%2F09%2F17%2Fworld%2Feurope%2Ffinland-president-russia-complacency.html&b=2879&t=UWxVXCsrRPMyMm8iCZHLJHBaxyyN&V=141&i=Finland%EF%BF%BD%EF%BF%BD%EF%BF%BDs%20President%2C%20No%20Stranger%20to%20Russia%2C%20Warns%20Europe%20About%20Complacency&tz=-180&_acct=anon&sn=1&sv=BIzrdMCMbWz9B8AS4_DNIox7BeQzLm&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.104.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-104-84.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 17 Sep 2023 11:55:10 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
143 B 214ms
57ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=8375845
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date: Sun, 17 Sep 2023 11:55:10 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

POST
H2 200 track
a.et.nytimes.com/ 0
0 186ms
184ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 53BD 6 KB
3 KB 62ms
61ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 11:55:10 GMT
expires: Mon, 16 Sep 2024 11:55:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 210 B
1 KB 61ms
58ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d8ca07a1064ddcee74223a91e27f83a88d713db4271a7701d035888742b48a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: PM
x-b3-traceid: 0
age: 3
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: b6952f962b83e421
samizdat-x-canary: false
x-served-by: cache-fra-eddf8230118-FRA
x-graphiti-gateway: 89c58603
x-nyt-country: FI
x-timer: S1694951711.643252,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: 18
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: EU:PM
x-nyt-edge-cache: HIT
x-cache-hits: 1
x-samizdat-query-sup-code
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: 8117f4b9
x-envoy-upstream-service-time: 33
content-length: 149
last-modified: Sun, 17 Sep 2023 11:55:06 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 56ms
55ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 898
content-encoding: gzip
content-length: 20
date: Sun, 17 Sep 2023 11:55:10 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 23
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 48
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: FI
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: 18
x-samizdat-query-exe-id: b1a1d7b2ad33a96a
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1694951711.584240,VS0,VE1

GET
H2 200 swiper-bundle.css
static01.nytimes.com/ads/adplatforms/3rdPartyCodes/ Frame 53BD 15 KB
5 KB 68ms
55ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/ads/adplatforms/3rdPartyCodes/swiper-bundle.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

03f5ca00641103496f212fd45eba6020cf488be8e6d2192ff04849b7c5ea16fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 09 Aug 2023 08:42:00 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 357190
x-guploader-uploadid: ADPycdvz-qWV_wUEghWq_ht47U7JONZLi8eALGMIdzUQ94dJHUx9k0N0vaEo4S13kLjZHnV2ixm0fCAQVUn5W2f9EkHkiA
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 4408
x-served-by: cache-iad-kiad7000166-IAD, cache-fra-eddf8230118-FRA
last-modified: Mon, 06 Jul 2020 14:30:11 GMT
server: UploadServer
x-timer: S1694951711.632195,VS0,VE0
etag: "8930154b82da7277abdcb55a911c8b63"
vary: Accept-Encoding
x-goog-generation: 1594045811289467
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=bZ527Q==, md5=iTAVS4Lacner3LVakRyLYw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 15792
x-amz-checksum-crc32c: bZ527Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4403, 584

GET
H2 200 css
fonts.googleapis.com/ Frame 53BD 7 KB
1 KB 200ms
70ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Sep 2023 11:11:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Sep 2023 11:55:10 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 53BD 24 KB
7 KB 217ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 07:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 447856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Sep 2024 07:30:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 53BD 7 KB
804 B 198ms
71ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&lang=fi

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Sep 2023 11:55:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Sep 2023 11:55:10 GMT

GET
H2 200 swiper-bundle.js Show response
static01.nytimes.com/ads/adplatforms/3rdPartyCodes/ Frame 53BD 295 KB
53 KB 69ms
59ms Script
text/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/ads/adplatforms/3rdPartyCodes/swiper-bundle.js

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

715086fd417c160db9c2e6a012f700723b6f367ffa1d928c049e1e11ced599a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 02 Aug 2023 05:03:02 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 370327
x-guploader-uploadid: ADPycdtfSQkIGIyt4Mb-OP74XT41AkwUPb6nWx9cNrRwidU-8-2hYAwGbr1DdfFnY6D2mrRcPFji4H5_kGM3xV_v9jQU_w
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 53775
x-served-by: cache-iad-kiad7000104-IAD, cache-fra-eddf8230118-FRA
last-modified: Tue, 21 Feb 2023 17:20:54 GMT
server: UploadServer
x-timer: S1694951711.632427,VS0,VE0
etag: "1f0650a7bc42a96c4c1b9d11a33119f1"
vary: Accept-Encoding
x-goog-generation: 1677000054643896
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=NTWl2g==, md5=HwZQp7xCqWxMG50RozEZ8Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 301684
x-amz-checksum-crc32c: NTWl2g==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12083, 578

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53BD 182 KB
57 KB 220ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 11:55:10 GMT

GET
H2 200 vendors~emailsignup-862fb03ea6185b7392be.js Show response
www.nytimes.com/vi-assets/static-assets/ 24 KB
8 KB 57ms
56ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup-862fb03ea6185b7392be.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6768658bab967e63282d3e169d8b9081e32cc9f76d5750ed8be9bb5f19f6825a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 224642
x-guploader-uploadid: ADPycdth42pM9ygjvN4EDRaYpxnW0MGHsNOex6V_XLjx2yEjxz5oNoU63HE-ZDsY2G4iqcpO_G-Q12gACdrxMorzS8Qmb4zTPYcH
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 21:31:08 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951711.709241,VS0,VE1
etag: "97787a17463ae0a207c7532267e4ba3e"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694726632720262
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup-862fb03ea6185b7392be.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1200
expires: Fri, 13 Sep 2024 21:31:08 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 6660
last-modified: Thu, 14 Sep 2023 21:23:52 GMT
server: UploadServer
x-goog-hash: crc32c=wWS9UQ==, md5=l3h6F0Y64KIHx1MiZ+S6Pg==
x-gdpr: 1
x-goog-stored-content-length: 24499
accept-ranges: bytes

GET
H2 200 emailsignup-b547e5668cd70f3de503.js Show response
www.nytimes.com/vi-assets/static-assets/ 3 KB
2 KB 58ms
57ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/emailsignup-b547e5668cd70f3de503.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

db146c5a1c90dbdbaab4d9ab694ab255c27d35eb4ef5e5022c662d07db51ea92

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 245129
x-guploader-uploadid: ADPycdtlVKnC6-vep9FWrK9065JBkd3hs9X5_8udwKSdSUqsNxM_yPAGCnxUpmza0cBef7yIZd2HEsiiIR2LtrGPl9qjLvnAwRUK
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-14 15:49:41 UTC
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1694951711.709449,VS0,VE1
etag: "dd826d89231005e93afba4b7a657bb40"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1694706257690041
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/emailsignup-b547e5668cd70f3de503.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1458
expires: Fri, 13 Sep 2024 15:49:41 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1347
last-modified: Thu, 14 Sep 2023 15:44:17 GMT
server: UploadServer
x-goog-hash: crc32c=VfHncA==, md5=3YJtiSMQBek6+6S3ple7QA==
x-gdpr: 1
x-goog-stored-content-length: 3501
accept-ranges: bytes

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 53BD 0
0 99ms
99ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFxGiPe658X5xG-oy88DLZGbRFozw2o4jQsD_K-JXS2JY_SZLHIIKEPRin-VHXZJAHmxCikJMcZrKG9ZRazLTsM-uwjRSAPdxS2fOtseq24mTTYXYLpruhip6_sqFa0aFE_lS4tvPg5b1KJ6zkBQAgbK3g0dBufQwAMq0iWw_wZYmmt3eeMQBhCQ3VKSX3JHYhx3zH-zuD5YoYI97yCqrXOp2iqkDuGbss_i2H2WVn7c-X1BZC3PdffQdiD4R7GtjEh61zccJXyiX4Pxy50bHYoo5kTxf1U7p2JAXYpCASz12Ed9yZQtvBWHw1cxbXkE_F_p1jM6hYRTR3hGJl0xcsGYDLRSpWjN6PcZd_HNxoJEAMWXO6LU4Zkzc3&sai=AMfl-YTi_rlGOqkGR5TJtBtO8PJ6_XTx-pw05AaFkkPeiDcCnJQBYzULFUSmEpvmYL2eFwcm6z0zoaIpvfvvVpS53fRaCXXWUmDxKugVnyIZUCXEDhJ3DMV7tSSTlqbKN6Na-A9NCNbFFVC7uzpq0qv0&sig=Cg0ArKJSzBGmUvuEAqtCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Sep 2023 11:55:10 GMT

GET
H2 200 ad-tracking.js Show response
static01.nytimes.com/ads/adplatforms/cdn/ET/ Frame 53BD 9 KB
10 KB 235ms
234ms Script
text/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js?cb=1210553290

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 17 Sep 2023 11:55:10 GMT
date: Sun, 17 Sep 2023 11:55:11 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-guploader-uploadid: ADPycds8digTz42Rzsf3ktUrs-zcdnWJeiBF6sXcHZNheyigWHTFTHE8i8QagvZfaLShV-1ImjhA0D_j6A
x-cache: MISS, MISS
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 9231
x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230118-FRA
last-modified: Mon, 10 Jul 2023 17:00:44 GMT
server: UploadServer
x-timer: S1694951711.855118,VS0,VE180
etag: "b787e3d6003409a1e48a30e0600cdb37"
vary: Accept-Encoding
x-goog-generation: 1689008444082064
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=t5C97A==, md5=t4fj1gA0CaHkijDgYAzbNw==
cache-control: private, max-age=0
x-goog-stored-content-length: 9231
x-amz-checksum-crc32c: t5C97A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 14840528201358298462
tpc.googlesyndication.com/simgad/ Frame 53BD 126 KB
126 KB 65ms
63ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14840528201358298462?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d11a9d4105f1745b06a8cf63c6f617ea49b6a149946eb1e7b6b277b0da211d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 00:23:55 GMT
x-content-type-options: nosniff
age: 473475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129025
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 16:02:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 00:23:55 GMT

GET
H2 200 380078100487396290
tpc.googlesyndication.com/simgad/ Frame 53BD 61 KB
61 KB 272ms
270ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/380078100487396290?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ae1d2a40026363a0967a25e107e2f0382cba1ff5d7859d4a44e3de3bdb942b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:47:14 GMT
x-content-type-options: nosniff
age: 486476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62252
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 16:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 20:47:14 GMT

GET
H2 200 14823162703348242362
tpc.googlesyndication.com/simgad/ Frame 53BD 220 KB
221 KB 248ms
247ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14823162703348242362?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04b56f297ac48b6c2d0f7470a2c4c54020efab12278750ba70f2a5d03fc30352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:38:12 GMT
x-content-type-options: nosniff
age: 487018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225776
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 16:03:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 20:38:12 GMT

GET
H2 200 7076880491583306224
tpc.googlesyndication.com/simgad/ Frame 53BD 129 KB
129 KB 230ms
229ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7076880491583306224?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026cd97bda242a372c2a408293377291f4097241a406d5108b5fc71ef2914988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 00:01:26 GMT
x-content-type-options: nosniff
age: 474824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131904
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 16:03:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 00:01:26 GMT

GET
H2 200 7347196514229290628
tpc.googlesyndication.com/simgad/ Frame 53BD 123 KB
123 KB 261ms
260ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7347196514229290628?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54ea2574334082305779e0cacda1f61963038760e6b696197fa10095b6380166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:52:16 GMT
x-content-type-options: nosniff
age: 478974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125765
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:51:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 22:52:16 GMT

GET
H2 200 11170470302353487380
tpc.googlesyndication.com/simgad/ Frame 53BD 169 KB
169 KB 210ms
209ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11170470302353487380?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762d167701e3136a731fe554d7eb96196c872ab052fce38044f717c082c211ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:34:03 GMT
x-content-type-options: nosniff
age: 451267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173280
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 14:52:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 06:34:03 GMT

GET
H3 200 container.html
29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 53BD 6 KB
6 KB 63ms
63ms Image
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2653
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Sep 2024 11:55:10 GMT

GET
H2 200 5044613269734126641
tpc.googlesyndication.com/simgad/ Frame 53BD 3 KB
4 KB 305ms
304ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5044613269734126641?

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8cf5e2465cb2ed530bd1811718421bcf9782c97e9fdcb090ac579311b3e10b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 03:43:01 GMT
x-content-type-options: nosniff
age: 461529
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3559
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 16:01:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 03:43:01 GMT

GET
H2 200 karnak-normal-400.woff2
g1.nyt.com/fonts/family/karnak/ Frame 53BD 26 KB
27 KB 57ms
56ms Font
font/woff2 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/karnak/karnak-normal-400.woff2

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cf270229e004cc9e09e49f17fd5f5de7b0785b9352875f7f9ce4338837b491dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
Origin: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Wed, 28 Aug 2024 02:19:24 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1676146
x-guploader-uploadid: ADPycdt7s0wpZIyamkujE7ubPNnd3nSbvIkaVd3_g8Xy3QAOgDhqcto6m50kAKCKvpaJUpxoAR-a-eQhgEkAbyMyW74YnQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 27004
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 16 Nov 2020 16:08:43 GMT
server: UploadServer
x-timer: S1694951711.865415,VS0,VE0
etag: "b2143e2f1890f4d516078da14aebab03"
x-goog-generation: 1605542923273015
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=3pdvdA==, md5=shQ+LxiQ9NUWB42hSuurAw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27004
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ Frame 53BD 26 KB
26 KB 60ms
60ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
Origin: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 05 Sep 2024 08:06:53 GMT
date: Sun, 17 Sep 2023 11:55:10 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 964097
x-guploader-uploadid: ADPycdtIt5xfXfIiOUcj2ezhFn3m_idTiGVHNb5f6MW1Ttv_ehlaqg8zhAA8ILNT-t4PJ47zd1I5FI2YoYvSoe9IC5tulA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26600
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1694951711.866265,VS0,VE0
etag: "cb85480c30b6ca5f53f673993211036f"
x-goog-generation: 1673991776240638
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kksIKQ==, md5=y4VIDDC2yl9T9nOZMhEDbw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26600
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 franklin-normal-700.woff2
mwcm.nyt.com/dam/fonts/franklin/ Frame 53BD 20 KB
20 KB 75ms
67ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nyt.com/dam/fonts/franklin/franklin-normal-700.woff2

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1cf2e6e2eb0558d1d89329ff31ba925cdaabc5585943befaf8794c4836630964

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
Origin: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3183
x-cache: HIT
x-envoy-upstream-service-time: 3
content-disposition: attachment; filename="franklin-normal-700.woff2"
content-length: 20276
x-served-by: cache-fra-eddf8230027-FRA
server: envoy
x-timer: S1694951711.875187,VS0,VE1
content-type: application/octet-stream;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-magnolia-uuid: ee2c019f-9588-4e24-9947-8be9117e029f
x-cache-hits: 29

GET
H2 200 franklin-normal-500.woff2
mwcm.nyt.com/dam/fonts/franklin/ Frame 53BD 19 KB
20 KB 64ms
56ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nyt.com/dam/fonts/franklin/franklin-normal-500.woff2

Requested by

Host: 29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
URL: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

58723f28f6674e79116285f5b6915b89359d44ae56d6d929ed9e80701ca3870c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
Origin: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:10 GMT
x-envoy-decorator-operation: mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2582
x-cache: HIT
x-envoy-upstream-service-time: 3
content-disposition: attachment; filename="franklin-normal-500.woff2"
content-length: 19816
x-served-by: cache-fra-eddf8230027-FRA
server: envoy
x-timer: S1694951711.875232,VS0,VE1
content-type: application/octet-stream;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-magnolia-uuid: 81782944-29c6-4415-98d3-8bfc074bd23c
x-cache-hits: 9

GET
DATA 200
OK truncated
/ Frame 53BD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ac0e6e9a651e2d38e1a577cc4a69cece64c33a74a06f9799dfc984e296de4f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 53BD 15 KB
15 KB 191ms
62ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 202450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 03:41:01 GMT

GET
H2 200 eventtracker-snippet.js Show response
nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/ Frame 53BD 3 KB
4 KB 206ms
62ms Script
text/javascript 2a00:1450:4001:811::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/eventtracker-snippet.js
Requested by: Host: static01.nytimes.com
URL: https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js?cb=1210553290
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:08:06 GMT
age: 2825
x-guploader-uploadid: ADPycdtmbc_tTpWREFd3RLQzsUkuU3VwSd5Lk3FvoNlMhW979Z-coQpE8PXwAwjlKTtK_NcBPHPCqBkJrEh1LrDYNUQXBA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3190
last-modified: Mon, 15 Aug 2022 20:07:43 GMT
server: UploadServer
etag: "dcda8651f2fd6410a0bac2a0625874aa"
x-goog-generation: 1660594063515807
x-goog-hash: crc32c=GCowug==, md5=3NqGUfL9ZBCgusKgYlh0qg==
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
x-goog-stored-content-length: 3190
accept-ranges: bytes
expires: Mon, 18 Sep 2023 11:08:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 53BD 0
0 220ms
98ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4QIghzTDTHougZ17wAYEYWkcQiB8l4yJI0ZX6m0tBfxf_hNxlyiIgWYDzzuJqqdMi2Ap1G37iouFNhAg4OYDEvlT7C1WNw1w8t6sEtiZ_fXbmI-wa5gfv6WbA27LqS-EOchY7tolfYV5sz9NczbUbmXVEZ0g9BWG5F__Pxjh8f5E56F2EO2cW5BE4Op6FXkwR6VWOgvHtdr8j-9rYbt7jQL9kAvtotzIQvMS9swCNHJxfSfxibXBDUKSu7jSONAym_OTH3yE1Hd7sShz7-4j7kGWMMUcfyL9elkHWFgK8ChZrz_kpSS4Qv_olwp6lQ5ppn6bNgCz4NXlgCx_Rd6CCaw&sai=AMfl-YRlkzA5Sl0tSzzDJ21hyL1QPEA00-bXvEmHQVS5KIj9NWf_MSj_NwX0OUh6nsSdXEUzu3H5wsEUklecIkxmTlJxgj-laB8DkeOGvr9r4aN0lUnY-iKO0-M_5_MwJhFeNOW_d3hqR-kBD3e5E2Gf&sig=Cg0ArKJSzLxxazw_f6HeEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Sep 2023 11:55:11 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 153ms
153ms Fetch
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 254ms
111ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf332b8ccc88623004bd111e475a7748d70c9f1bdf001e5893faff039c17fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12086
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 139ms
58ms Script
application/javascript 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea71ad76a0fd4dcdf04d5d7c5ba4c3702a9ad24c46e372f65858ad00989718f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:11 GMT
x-amz-version-id: vMGIwNi1mqbYYpA54umJi8siMEy5rvIq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: YNGQSQ2EKKXYS39N
age: 130
x-amz-server-side-encryption: AES256
x-amz-id-2: DkbrqShr/mO+Usbof8tqKaRWdOd+d7OtxM89L2s7D1xXDI4LHKfM4WsX3ZvRUQVEnx3ts4euRrylCEE3ofTT45DEZXoXwmgVRiiJd+fJFGM=
last-modified: Wed, 16 Aug 2023 19:09:19 GMT
server: cloudflare
etag: W/"d491880d0bcf72ffaf926f9dae1fbed6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvd7UbX5fQZe%2FmCBCHfMO0zWPmCsZlbwUBfwps2d75h48Sho%2BGymQCmizTT6C66xcQk6l1r6OuHlp5Dqk%2Fj1jcfvzsjbqaiEUFIEcrZNoGcPUNQuoZQYSl8c3iO%2Bz1ETexZesSi6%2FyK9gMhZoMTrH%2FicrDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 808128a45b713766-HEL

GET
H2 200 00ukraine-finland-01-wlhz-jumbo.jpg
static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-01-wlhz/ 44 KB
44 KB 58ms
57ms Image
image/webp 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/09/16/multimedia/00ukraine-finland-01-wlhz/00ukraine-finland-01-wlhz-jumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-5001019888edfe26dbb7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6ec361f0c8d4f15748b2a664c68167a145c5a1fe6adf3a32957b1110d2f4947d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sun, 17 Sep 2023 09:02:32 GMT
date: Sun, 17 Sep 2023 11:55:11 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 10358
x-guploader-uploadid: ADPycdv-GpwS7n14Z6Ik7iWIdcue8LCoW8DciHZGz0myNo0Cbm58cj_PP8K-rnaVv6RN-4Uw0CUdoH9p_57FMfbbcuvZ
x-cache: MISS, HIT
fastly-io-info: ifsz=145012 idim=1024x683 ifmt=jpeg ofsz=44626 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 44626
x-served-by: cache-iad-kcgs7200160-IAD, cache-fra-eddf8230118-FRA
server: UploadServer
x-timer: S1694951711.381164,VS0,VE0
etag: "Mb5ZkkXgu9m3fR2ODwLqyc0dUTo+w6EJgfdsPl3mArU"
vary: Accept
x-goog-generation: 1694941269219905
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=GaAFqw==, md5=DCz+/LpM+OwxYBysbK1FCQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 145012
x-amz-checksum-crc32c: GaAFqw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 2

GET
H2 200 match-prod-410245a75dcc40fbb189.js Show response
platform.iteratehq.com/ 85 KB
30 KB 43ms
43ms Script
application/javascript 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-410245a75dcc40fbb189.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

910daeb283c2d2b346e1367ec02299a20d6f8dfb278f71622765da520c9a4ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:11 GMT
x-amz-version-id: I4zvzkyB00hyAQN24cpB5fQaDT_yDPJW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: YNGS41DQHPW48K3B
age: 2738448
x-amz-server-side-encryption: AES256
x-amz-id-2: kGf6QgSKL1fGzYEpijhKfnlTioAM0WE+jNwR0lydRA7nte7xJo6afV9tN+RtIK9xzpglyghPVSo=
last-modified: Wed, 16 Aug 2023 19:09:18 GMT
server: cloudflare
etag: W/"413544696c7b476bd65bc00b9a450996"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F6pSFQqxL8qqgtX6gzy6QuaHDIpGUdj4dWz%2B2bQzc4ZWoxJKWkpL5VffeBAXAKuPTDxY1a7LcKkUpFubDdyUYZahwM8IJmMNny21fuRiyyK2xiN2UKfVSBjYzYtETaxKARFgC9mxI4yPL9d7XJ19R%2FSWR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 808128a4bc383766-HEL

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 246ms
158ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 808128a5adf24c8c-HEL
content-length: 0
date: Sun, 17 Sep 2023 11:55:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlRvE%2B2LNXANSlDHM2ijvsTn%2BuHJRPIYCjSlvJ9g94mwqudv4ZZvswcsPKN1FVK9sK%2BI%2F2SXXX8dR9Y3NHKdITQRrhyWFn5Oy%2BkWqjJH7id3xOSUnURU%2BFyJwIRaXEUCtWsXBGhL1cyV2lA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
545 B 181ms
180ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-410245a75dcc40fbb189.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d52fccbd9d614b704b031053276732d9b527216729200cc99a2278e466743a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Sep 2023 11:55:11 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pITo9NwG74ELchI8NeQgWQ0tmWScxkqhGdnFaEro%2FZ%2FrIKVt%2B4UBm2vY4S%2F1GtVxqspRQpDeoKu1IgzdSLmHrDwF5GwG6RPHXg0UYuuHOUjl2tQOQHm39cdYGsTA%2FSO09edkssH0%2FqkEVDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 808128a6a83e4c8c-HEL

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 11:55:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7D4 13 KB
5 KB 64ms
60ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 52350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Sep 2023 21:22:41 GMT
expires: Sun, 15 Sep 2024 21:22:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F03E 829 B
1 KB 199ms
70ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

00c60bb826e4e0f19074a3ce8b6ddeb509eb449db81c7192880bddb8636ddcbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fZz6PfNF-cJKLj9AYHV4jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-fZz6PfNF-cJKLj9AYHV4jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 11:55:11 GMT
expires: Sun, 17 Sep 2023 11:55:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame A7D4 37 KB
14 KB 182ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 21:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Sep 2024 21:22:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F03E 0
0 162ms
162ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=1841939303489572&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A7D4 0
10 B 60ms
60ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7MLo7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:55:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 150ms
149ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 808128a83c344c8c-HEL
content-length: 0
date: Sun, 17 Sep 2023 11:55:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dopvz%2BcKh9gmMJhWrXSV8KY4SazdFPAZdidfkhTSlbaYAVGl%2FUlSDT%2FdHg0j5tGIHhvQUXqngjX663ZS9LtMjOdICaiu6sH%2BYtwC8uARK94eqyZyeGm8LYKjLVypUIk%2B3iBNarvghIiy1oM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
345 B 155ms
155ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-410245a75dcc40fbb189.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTA2ZTkxZmZlNDNhNjAwMDE1M2FmNDAiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk0OTUxNzExfQ.io4V9R5vitFBfyCLLGiuJp7TFQq78uLaLNJAfRUmfQQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Sep 2023 11:55:12 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMcSX7XoRzVDKfABVMaQvEna2XyGVAJuz3w2llPu%2BWhC7YVAZ8dnVgiEKMDB%2Bk0PqjhsgHCgikG9h%2BxOrbdG0I3xtp4FKO1w3rKRpPGnufChQ5hNW8xxm2XmJCOQrvEPBYBtpDuBCe3JCko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 808128a92ee04c8c-HEL

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 53BD 42 B
174 B 167ms
166ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuO-6h0x3LaY6So_0zAQ4KWXFVoSxMC4vSKkHE1k0GaqinZ-6_KE_sZtk6AMTiNVF8msjWuALO3WBKaUnA4oVedCKOQqSdT76E6s48qOjpz63cOQjfh5sINLtUG0FLY&sig=Cg0ArKJSzMeNVZjRcYWrEAE&id=lidar2&mcvt=1000&p=149,0,421,1600&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=7&adk=1524529580&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694951710519&rpt=691&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 11:55:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 144ms
144ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 808128aa294b4c8c-HEL
content-length: 0
date: Sun, 17 Sep 2023 11:55:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7tpR6fP9B4Gtz%2B%2F%2BVzWL6%2FfXELLDdfkYFlfiEz2abQoPpRFjcuDQouHDRHZDI3sNzeprCc5EEs8iO8rUr9WXOOm4Ax9MxXF9bhw9ZbXuzf5%2FdPdYBxsIUzxOVlrsa8EJxLPtVXQqFg0Fh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
330 B 155ms
155ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-410245a75dcc40fbb189.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d0afdaa58666ac3f8408a156172846c19c7167fc412d2223fea606655f2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTA2ZTkxZmZlNDNhNjAwMDE1M2FmNDAiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk0OTUxNzExfQ.io4V9R5vitFBfyCLLGiuJp7TFQq78uLaLNJAfRUmfQQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Sep 2023 11:55:12 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bADerujRMRqyrkRF6JGrJHUEquRYXC5N%2BNholv8uGdIBUw46PdzBEWMPY8fLcENnUFF0KuR0mQ0zpaXWioYj4fkJAxCsVBBxWoiEuAFNJJuqH%2FjNl9CFydiVbMziQ5edzfmRY54N9wFTBfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 808128ab0b6b4c8c-HEL

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 166ms
166ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=1841939303489572&bg=!dXaldjnNAAbP3fMH7907ADQBe5WfOEKWgvve_CpkdPa0jslt03kTOSu2bNNVJdY4TY4Yc_Ck5UUgQEApE8iYgrGfTu63AgAAAEZSAAAABmgBBwoATPc-3OhBCJ0xr4FvaN7t16d6wV4SQwEkjRj0uMC_2YQIoOjHm4He0fPO1vhNIvOreTH9ukpOLPeWHXtJSuhntQwDDerRF8n7t7nx0kOZAw_cKZSl8XDIHt3zlTu2yjvZ5JOwMwz7DxZS7BYGDOpNFiwsUr2yyfJ74GPhxO-uYBh_ohz6EmXlxOxQCJuEN5UaisltTPHL3EnvqSCUIpnr3oifXDVDkSQTRjbxpVNXjIahhBEYroC5WjwFvvdPMZnqJbg7iQjG1X6d8fR8JhIgriOwdp7ZBxpZ2uKcY_i5BR6OWTRXKrRZ-WqFnqKJoMPojnBmsIBuT_NqRVWGDKdnHJ9Jr6XBNTsE7xZQyWs8tYPnxaYLIxeeLYby9R1B4unZYmoCfiG5leEu9wR01EQOAeWlhkNfDKFFeZMl6bkb81k4tgntr6kvEdNemSa6Vxg1MyxeU2q28q47MBx20xK3ScHUt00jgxdTDtAvQBdHnnaeuVzDna1GaelxDIx9V4nBRI88azKIvpxyWDKXhsznbOX_qG9iu1pAiOd3BueqwEf7ZuM5c0qfWaslXGW_xHbHhXA87Tv-957d-JQ5Jxv8zju9U5aGBwEwnvgF1g5SZAhdXG2q1yfr5Si_8QZjuuFn0FuxB_yYauGOrjTLgbqIJHsoEUld48G7Wi-PAJbLrd8UrrFUGCcMvS9VTbKrOktaHyfugr0M0YdPZrRfzP2_gFyYTTA4Ck2b1-OpVIKgkxOzWtc1Rq5jdlZ0Lt1njQepdgR5WXV1LeeyRpbS6xfkH3aPDW_J2Lg2XEpZyzhdfKsewWZi0EU3ydiBMs673CeOIW_MQIpDTCzUWtw5JqGao1d79wlNf1xpc3M9G1fu-OseZjwD5-8p2Y_N3EWV305FMPebXR-LWo-acgCrELEQz8iVpn4qIUiHH7qjvZsTl7Rzpj7TJ7X92CqvAiyYKfc0_D9R6UsTEab6UynRvBP5c_3cDd4CsVMr6y1rrGA0xSDIV8QabNPnMm0B557e-H4ubEw4wlE28K3AMgHTIuvdjnYy2DfHrH9E11L_ip6zCjKRahZTHWZRWB1-cViVKqqMuMh3yq3HS4006bW-k0PhiEUu2ZjZJbgkp5kA75RZsa0eKohaRxtUdTBFSyQptaI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
334 B 154ms
153ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-410245a75dcc40fbb189.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d0afdaa58666ac3f8408a156172846c19c7167fc412d2223fea606655f2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTA2ZTkxZmZlNDNhNjAwMDE1M2FmNDAiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk0OTUxNzExfQ.io4V9R5vitFBfyCLLGiuJp7TFQq78uLaLNJAfRUmfQQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Sep 2023 11:55:12 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTpr4o7lyJExIuMK%2BIMdzmh4ca77%2FTHpkdYkFqwoi0KxBHeBVWDibV4ie77mBW%2FzUAE%2Bnv0%2F30z9JbT%2BKKVEfXNvK6ZSYwkly648bPb7AttXLOMaYMyFfruTdrFOvwaX8H111rjrlT3RzRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 808128acefa04c8c-HEL

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 137ms
137ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 808128ac0da74c8c-HEL
content-length: 0
date: Sun, 17 Sep 2023 11:55:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEsKRY35oHesiwxIQBVq1HI8LoRk%2Fu84CZSNxCCBpOIJ0Ufw1HZUwuKYxJXvGq%2BsbBXcHSYV6tX1hEtTcRfUHGbcEFfmybD7Z1reSda7w24b5NVRtKvs9NeZ%2FSyJN%2F9RK1upJhBxasonC7k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 156ms
155ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 23:34:47	Name: nyt-a Value: ipzi4val9MkrSI6rJq7kO2
.nytimes.com/	1970-01-20 14:49:33	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 23:34:47	Name: nyt-purr Value: cfhspnahhudnhuns
.nytimes.com/	1970-01-20 14:49:33	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 14:49:33	Name: nyt-geo Value: FI
.nytimes.com/	1970-01-20 14:49:11	Name: nyt.et.dd Value: iv=DB70BD2BD58C4BE9BFFBAA078F64D580&val=E5JEFwcwRzHyOTYyZh5mCC6oQ5Itzg8GzSwE3MGi93VOHVT6ZgzLkIq6toD8rdzIaFVnzSo8yuy9u2r5YKwdWu4JA3ZKTw+9uwSx6vbfDMzCISSUNVEYdea5tQ4VZdm3+o+2jVU/fK1G4Aiwz0A1JOYuhsayX2cH5PZlyy3GbUHKxX7I/HP7hCJILn+iELaxeBsIsGxn1/ATsC/DwiGg6w==
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 34b3ed32a86c43cdadef31c59b4899e3
.et.nytimes.com/	1970-01-20 14:49:13	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 23:34:47	Name: sessionIndex Value: 1\|1694951708269\|ipzi4val9MkrSI6rJq7kO2\|1694951708269
.et.nytimes.com/	1970-01-20 14:50:38	Name: et-ppvid Value: https://www.nytimes.com/2023/09/17/world/europe/finland-president-russia-complacency.html=Gpo0Mi7hnRaTbhbaJ75ZUKym
.nytimes.com/	1970-01-21 00:18:41	Name: purr-cache Value: <K0<r<C_<G_<S0<a0<ua
a.nytimes.com/	1970-01-20 23:34:47	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 14:49:55	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 14:49:55	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 23:34:47	Name: nyt-jkidd Value: uid=0&lastRequest=1694951709441&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1694951709441&isNew=1&pageIndex=1
.www.nytimes.com/	1970-01-20 23:34:47	Name: datadome Value: 1Q-JEBR9nZymsBIh1mlCt-Pq2D47T3ILpBlZX~Zt~kwwQ_g1b~fm7Clhnu4PRt6aT0cMptos8g80_xJnJB9rJl50D1ghx3bD-iru6xs5wSziSOGLv~HeIia-5nZawtn_
.nytimes.com/	1970-01-21 00:17:59	Name: _cb Value: Fu-tODj89VOCoZ_za
.nytimes.com/	1970-01-21 00:17:59	Name: _chartbeat2 Value: .1694951710408.1694951710408.1.BIzrdMCMbWz9B8AS4_DNIox7BeQzLm.1
.nytimes.com/	1970-01-20 14:49:13	Name: _cb_svref Value: null
.nytimes.com/	1970-01-21 00:10:47	Name: __gads Value: ID=be3e525f34e107be:T=1694951709:RT=1694951709:S=ALNI_MYj3tYvY50CLd163FkIjmoIUIoW9g
.nytimes.com/	1970-01-21 00:10:47	Name: __gpi Value: UID=00000c77f81fc58a:T=1694951709:RT=1694951709:S=ALNI_MYrkji5dPAUCWYuLhPhqw99HJxVJw
.doubleclick.net/	1970-01-21 00:25:11	Name: IDE Value: AHWqTUm9yRYpTgEA5XlL-Swd63CvEa4r1lIvwzqLVmjxqn8UgFng_VpanN4fWAVhkk8
.nytimes.com/	1970-01-21 00:25:11	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTA2ZTkxZmZlNDNhNjAwMDE1M2FmNDAiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk0OTUxNzExfQ.io4V9R5vitFBfyCLLGiuJp7TFQq78uLaLNJAfRUmfQQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29bd001ee5c5a41db4a70483f3d59df8.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
als-svc.nytimes.com
cdn.brandmetrics.com
collector.brandmetrics.com
dd.nytimes.com
edge.microsoft.com
fonts.googleapis.com
fonts.gstatic.com
g1.nyt.com
iteratehq.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
nyt-dti-prd-staticjs.storage.googleapis.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
static01.nytimes.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
143.204.215.30
151.101.129.164
151.101.65.164
20.50.2.28
2600:9000:2057:1000:18:1fcd:353:c61
2606:4700:20::681a:6e5
2606:4700:20::681a:7e5
2606:4700:20::681a:c12
2620:1ec:c11::239
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::201b
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2001
34.225.104.84
44.211.112.71
52.3.42.214
52.54.49.121
00c60bb826e4e0f19074a3ce8b6ddeb509eb449db81c7192880bddb8636ddcbc
026cd97bda242a372c2a408293377291f4097241a406d5108b5fc71ef2914988
03f5ca00641103496f212fd45eba6020cf488be8e6d2192ff04849b7c5ea16fc
04b56f297ac48b6c2d0f7470a2c4c54020efab12278750ba70f2a5d03fc30352
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
08020d3ceca35aa100470aaf0adcd58676ed9cf42deaf7bc0997f262718a7234
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09e41d5e3154a50d73fa0067e36aeb25fc78f9d61fc2bc99edc04aa8f093ff14
0ac0e6e9a651e2d38e1a577cc4a69cece64c33a74a06f9799dfc984e296de4f4
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
12f781cc93ce839913e619d56f0285cfa3a2193fee2667870ea41dc08d1fb856
1cf2e6e2eb0558d1d89329ff31ba925cdaabc5585943befaf8794c4836630964
208133e3ee91c0179a98e8721da0f60fa99c96988e5cfc561c4baf781a6210eb
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2ac4c14703dd939606114f890941951e4ae157bd1401ba5210a976f65f86b319
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2e75a4e8691c2ccbafec618383f4db5de97aa6c30357658a592b6ca0c9be9cdf
35ebaaa5ccc5200a59dc83791e3776a844a14a3ab52fb7994442652b4b2729e0
36d0afdaa58666ac3f8408a156172846c19c7167fc412d2223fea606655f2f87
36e359a6710a1b1dc4f1e42a5fb30425b1af509b2721b2200f16199bb73566ad
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
3ef236ef5aee35c5448f0786482a2b07bc736e8fb1179ac9777c1c1c72c51ddf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755
4754810ae169af5583a80cf686745893b3e3ad52b3c3fa5114463533137f3a9d
481e5f79ab64d2d83e0ba60b05a04530da21727427b1e51a897b888e46ec1f50
5020ded46002d7344f62f7bef1043629df6f5baded933ba297607600eed24d57
54ea2574334082305779e0cacda1f61963038760e6b696197fa10095b6380166
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
58723f28f6674e79116285f5b6915b89359d44ae56d6d929ed9e80701ca3870c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6635daae7f070d6e4d6df7475a6b4d61321cbafc120760e60ef32ce504d058dd
6768658bab967e63282d3e169d8b9081e32cc9f76d5750ed8be9bb5f19f6825a
6ec361f0c8d4f15748b2a664c68167a145c5a1fe6adf3a32957b1110d2f4947d
715086fd417c160db9c2e6a012f700723b6f367ffa1d928c049e1e11ced599a4
723589e1e0c7cc405e1a311b906e315cf2f1c8fae83f266c10cb8d0a2a41e648
75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f
762d167701e3136a731fe554d7eb96196c872ab052fce38044f717c082c211ba
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d185a68ec7c2c52fd808d2eefd86e68264830af4cf3f1fa8946607b16b56907
85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c
88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
910daeb283c2d2b346e1367ec02299a20d6f8dfb278f71622765da520c9a4ce1
958b929efda1605da550c969b90450a5a2604c9e5ca92f537e52a6f7f677555d
96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04
a50af2489fa5b03b89895a7fb0ed4f161746305738ced8b116ce87548ad41b41
a5d84f7757f7aad06068b45d5c16da88c704eef6e9ee8093ab193e30dad74704
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
aeaeb853b07cfe0c132e488c918dbb09f5413da0523b34d36a65ef856cb1f3d8
b2064442f57238d5e04d61bacad93794e723f91204f928f6980801c400b7bea6
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b5d11a9d4105f1745b06a8cf63c6f617ea49b6a149946eb1e7b6b277b0da211d
b7cf5473a508f86c6f4ba065e7adffbd4fcb599e927bbe85ab387e475f7fb0ee
c95f64df78ae4a64bc82b0265da6f0036fb6c7184e55b4164b043834edca5fe7
cb6f3a44de8fdc2a9ea4a7d2b8c9147805f3b18007138e5af8ec5c81bd91aada
cf270229e004cc9e09e49f17fd5f5de7b0785b9352875f7f9ce4338837b491dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d235d239ed7dcc804c2ec2f66533abcbdb7d2959a68a207a43730dde3367da5a
d35c481a63fed744bb6c423366b1e543166e325c124f78bb61a3ca56b185f011
d3822b4c30a4c86772a290b303abaca854f36ef7caa5d993ec7c37e1fa1a3738
d49565da6cdc2c1c47e1f4d9f93bfdb4c8cff039a60bca5700daf101afbd01dd
d52fccbd9d614b704b031053276732d9b527216729200cc99a2278e466743a90
d57cdc47f635d0573f2ffd7afe1ef996c81373cddc10fa4ab69cbbad71903ed2
d7ae1d2a40026363a0967a25e107e2f0382cba1ff5d7859d4a44e3de3bdb942b
d8ca07a1064ddcee74223a91e27f83a88d713db4271a7701d035888742b48a8b
daf332b8ccc88623004bd111e475a7748d70c9f1bdf001e5893faff039c17fef
db146c5a1c90dbdbaab4d9ab694ab255c27d35eb4ef5e5022c662d07db51ea92
db51b1035bd8a32ce41eaa796d717f8f9a460a1f2f640ab1c82317018e7a1e67
dd8f84ce0db3fc3de7b4531c33fb736da66b102b964626cd775d02d05d98f280
de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e921656033cc786874cda7e2cadfc25acf73dac1b30fb166bf25e5796cd9c80e
ea71ad76a0fd4dcdf04d5d7c5ba4c3702a9ad24c46e372f65858ad00989718f2
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a27bc54a1aa97119c8f647ec50c57a5b1140cc2fde90cb575756c171460db5
f6f5c0df18bcdba73b52f9c75e6c0d805b87344508b4882d980d3b06aa3d4234
f8cf5e2465cb2ed530bd1811718421bcf9782c97e9fdcb090ac579311b3e10b4
fd2f5191c2784ef46a8e701c41cab04fa4e387550e55e260a19028915e391c13
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

www.nytimes.com Open in urlscan Pro 151.101.65.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

64 %IPv6

14 Domains

31 Subdomains

23 IPs

3 Countries

3677 kBTransfer

8906 kBSize

24 Cookies

14 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

31
Subdomains

23
IPs

3
Countries

3677 kB
Transfer

8906 kB
Size

24
Cookies

116 HTTP transactions
1 data transactions