www.nytimes.com Open in urlscan Pro
151.101.129.164  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

• https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html HTTP 302
• https://5290727.fls.doubleclick.net/activityi;dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html

Request Chain 84

• https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CJrW08m65PYCFe6GdwodSV4AdA;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 127

• https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html HTTP 302
• https://5290727.fls.doubleclick.net/activityi;dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request nj-lottery-winner-mike-weirsky.html Show response www.nytimes.com/2019/03/08/nyregion/	255 KB 63 KB	83ms 13ms	Document text/html	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 7affe643555b64350a628488e8edda8ba887757889a2915baa2b79218805044d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx content-type text/html; charset=utf-8 x-b3-traceid 04c04873078f4f9e8b93508dd94650c7 x-nyt-data-last-modified Sat, 26 Mar 2022 18:45:01 GMT last-modified Sat, 26 Mar 2022 18:45:01 GMT x-scoop-last-modified 2019-03-10T05:27:42.529Z x-pagetype vi-story x-xss-protection 1; mode=block x-content-type-options nosniff content-encoding gzip cache-control s-maxage=300,no-cache fastly-original-body-size 62414 x-nyt-route vi-story x-datadome-timer S1648320301.323515,VS0,VE4 x-origin-time 2022-03-26 18:45:02 UTC fastly-restarts 1 accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT age 789 x-served-by cache-lga21939-LGA, cache-hhn4042-HHN x-cache MISS, HIT x-cache-hits 0, 1 x-timer S1648321091.179824,VS0,VE6 vary Accept-Encoding, Fastly-SSL x-datadome protected x-nyt-app-webview 0 x-gdpr 1 x-frame-options DENY onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html x-api-version F-F-VI content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; strict-transport-security max-age=63072000; preload; includeSubdomains x-nyt-edge-cache MISS-HIT content-length 62414
GET H2	200	web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css g1.nyt.com/fonts/css/	60 KB 10 KB	36ms 8ms	Stylesheet text/css	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw== date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip content-type text/css; charset=utf-8 age 14145324 x-guploader-uploadid ADPycdvM_HxElX7psfISEsaNQfEgnO2Zgx5cmB4AGrFveWBc7tmn1KIO6XBFRxV4kkQJuoRY7wL5yZmwCuWxcKNne2c x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 9775 via 1.1 varnish x-served-by cache-hhn4042-HHN accept-ranges bytes expires Fri, 14 Oct 2022 01:42:47 GMT last-modified Tue, 06 Apr 2021 21:11:51 GMT server UploadServer x-timer S1648321091.243207,VS0,VE0 etag "1b2e52261e85210b126b5076aba9359b" vary Accept-Encoding access-control-allow-methods GET, OPTIONS x-goog-generation 1617743511910294 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 9775 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 27792
GET H2	200	global-a390e9d7a067927dd253742a2f0124d4.css www.nytimes.com/vi-assets/static-assets/	6 KB 3 KB	8ms 8ms	Stylesheet text/css	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 1613494 x-guploader-uploadid ADPycdugz7tUwxsTIVVjzMr30MsNN5XAzJesVXJMpL3JujVg9jx7J8PtxNOIskMZPYRDmf_lfc0o79S40itWJt0xkgSBJDd2sg x-goog-stored-content-encoding identity x-origin-time 2022-03-08 02:46:36 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.215718,VS0,VE1 etag "3571f7d1a0dfa9e747b201e07fd9492b" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css content-type text/css; charset=utf-8 cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 27905 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 1978 last-modified Tue, 08 Mar 2022 00:20:31 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw== x-goog-generation 1646698831793781 expires Wed, 08 Mar 2023 02:46:36 GMT x-gdpr 1 x-goog-stored-content-length 5676 accept-ranges bytes
GET H2	200	adslot-8db91333d85a08f170f7.js Show response www.nytimes.com/vi-assets/static-assets/	20 KB 8 KB	12ms 12ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/adslot-8db91333d85a08f170f7.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash f003d6c3dc1bc7c460f369f79c4085ac19fdc84fda7c8f178fdb57968879d373 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 856784 x-guploader-uploadid ADPycdu6q7C_cu1qZmpI93vJ5QdoGFIiLbIYVbVeeepPNtlhbWghTn-faNyfksuaSfjk3-FO2yAqqZ7xxP7wvfF3noo4ga6fYw x-goog-stored-content-encoding identity x-origin-time 2022-03-16 20:58:27 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.226363,VS0,VE1 etag "f85b31f521e02dfdfe42f5531e6de9e5" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-8db91333d85a08f170f7.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 38612 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 7365 last-modified Wed, 16 Mar 2022 20:44:21 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=aBucZw==, md5=+Fsx9SHgLf3+QvVTHm3p5Q== x-goog-generation 1647463460966996 expires Thu, 16 Mar 2023 20:58:26 GMT x-gdpr 1 x-goog-stored-content-length 20855 accept-ranges bytes
GET H2	200	chartbeat_mab.js Show response static.chartbeat.com/js/	22 KB 10 KB	87ms 20ms	Script application/x-javascript	2600:9000:223c:bc00:18:1fcd:34f:cdc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_mab.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:bc00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 16:59:32 GMT content-encoding gzip last-modified Fri, 14 Jan 2022 02:25:43 GMT server nginx age 7119 etag W/"61e0df27-59c1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA56-P2 x-amz-cf-id r3rlVGg1sXVGItM6i42S_SUIz9ymkfmF9bG-u3wSzc4G8dEyz6RhrQ== expires Sat, 26 Mar 2022 18:59:32 GMT
GET H2	200	08xp-lottery-jumbo.jpg static01.nyt.com/images/2019/03/10/nyregion/10xp-lottery-p1/	31 KB 32 KB	116ms 61ms	Image image/webp	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nyt.com/images/2019/03/10/nyregion/10xp-lottery-p1/08xp-lottery-jumbo.jpg?quality=75&auto=webp Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash c244645916870ba90a2e4743816d47e7dbbbea1c841b678255985a408d686f86 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish, 1.1 varnish age 282115 x-guploader-uploadid ADPycdvyj6UogMsxVvvl7mRNJzfY7Ifp7bq4nWVmdwfCAUc0Ma-VuRBqApHjsqVz99jXucSs49QGv_xHYcJMsd651iasoc-OIg x-cache HIT, HIT fastly-io-info ifsz=97912 idim=1024x601 ifmt=jpeg ofsz=32236 odim=1024x601 ofmt=webp x-goog-storage-class MULTI_REGIONAL fastly-stats io=1 content-length 32236 x-served-by cache-iad-kiad7000174-IAD, cache-hhn4042-HHN server UploadServer x-timer S1648321091.308546,VS0,VE2 etag "CV4bb04hCMi/7XiCFp564C73Ac5V9OKnRfeFeMAyQ9M" vary Accept x-goog-hash crc32c=JchCIw==, md5=vaSgdrNJ+1+gb9AeptG9FA== content-type image/webp access-control-allow-origin * expires Wed, 16 Mar 2022 12:02:43 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 1, 1
GET H2	200	vendor-2a1393124d9c6980400d.js Show response www.nytimes.com/vi-assets/static-assets/	240 KB 71 KB	12ms 10ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/vendor-2a1393124d9c6980400d.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 3fb1230df66b86bf766d8a46b7483c9229d15d13ba5ee58976c32f884fcd6032 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 1432099 x-guploader-uploadid ADPycdvgAxtwVBkA4brjV1sEGpaM83zPQLp2bNb7-MKT_0sos0TgF6trFvRin9vQUmqWPoi6sIgp8MN5xB-RRDRE54Y x-goog-stored-content-encoding identity x-origin-time 2022-03-10 05:09:52 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.270927,VS0,VE1 etag "8ca1dba7088b90b0465f2500ec620d7c" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-2a1393124d9c6980400d.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 38658 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 72361 last-modified Thu, 10 Mar 2022 01:53:52 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=HXDmfw==, md5=jKHbpwiLkLBGXyUA7GINfA== x-goog-generation 1646877232474101 expires Fri, 10 Mar 2023 05:09:52 GMT x-gdpr 1 x-goog-stored-content-length 246071 accept-ranges bytes
GET H2	200	story-72d515fafdd7bdd7ad8c.js Show response www.nytimes.com/vi-assets/static-assets/	1 MB 291 KB	11ms 9ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/story-72d515fafdd7bdd7ad8c.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 311c7a1c5b1cb6d13a04b32ddc13fc7ef19d217fba5e0cc2071bc449376a5211 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip fastly-original-body-size 1120400 age 163477 x-guploader-uploadid ADPycdts5bleXYyfjlfE_dBm7ks4yh7lbt_0tv8tsqRciccqg8rO4UMNf-PG6TeqhjJ7KhlMi7q7eJwaB-CRXXAnCwJ_j_MYlw x-goog-stored-content-encoding identity x-origin-time 2022-03-24 21:33:34 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.271156,VS0,VE1 etag "d0a0cbfd88c7bbde64fae4302a416adf" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-72d515fafdd7bdd7ad8c.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 83 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 296464 last-modified Thu, 24 Mar 2022 21:11:06 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=F5tIug==, md5=0KDL/YjHu95k+uQwKkFq3w== x-goog-generation 1648156266453950 expires Fri, 24 Mar 2023 21:33:34 GMT x-gdpr 1 x-goog-stored-content-length 1120400 accept-ranges bytes
GET H2	200	main-81f8afe33198f504bfe9.js Show response www.nytimes.com/vi-assets/static-assets/	1 MB 334 KB	14ms 12ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash e02e3e2c1ce13b5280db529f0e01caeab25811614245052a3408b7369e078d44 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 102030 x-guploader-uploadid ADPycdsQLmoi_8uTKMG5ZLt6J-SEZ905wOrMoP-bNI5jCJbzW9ZVXrloujf5N3m9dL68LblWNAM52n8YcfwmwBCoZGs x-goog-stored-content-encoding identity x-origin-time 2022-03-25 14:37:41 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.271107,VS0,VE1 etag "623c7fbeb526f7278067f69aab4a295f" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-81f8afe33198f504bfe9.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 3250 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 340814 last-modified Fri, 25 Mar 2022 14:24:21 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=xOLhfg==, md5=Yjx/vrUm9yeAZ/aaq0opXw== x-goog-generation 1648218260947014 expires Sat, 25 Mar 2023 14:37:41 GMT x-gdpr 1 x-goog-stored-content-length 1210842 accept-ranges bytes
GET H2	200	gtm.js Show response www.googletagmanager.com/	370 KB 100 KB	62ms 34ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a1072079ab7ef1759a217b739c3746123326e7f6df9a6f164f1146ad1ba88dbe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT content-encoding br vary * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 101587 x-xss-protection 0 pragma no-cache server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	v2 samizdat-graphql.nytimes.com/graphql/ Frame	0 0	91ms 27ms	Preflight	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,nyt-app-type,nyt-app-version,nyt-token Origin https://www.nytimes.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers x-cloud-trace-context cf88c0e797d889dff74e340f78308a7d/14451620971474925858 access-control-allow-origin https://www.nytimes.com access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-headers content-type,nyt-app-type,nyt-app-version,nyt-token access-control-max-age 300 access-control-expose-headers x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset via 1.1 google, 1.1 varnish accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT age 439 x-nyt-meridiem PM x-nyt-continent EU x-nyt-country DE x-nyt-region TH x-nyt-audience-target-flat EU:PM x-samizdat-query-exe-id a4f98a0167999beb x-samizdat-query-field-errors 0 x-served-by cache-hhn4031-HHN x-cache HIT x-cache-hits 50 x-timer S1648321091.327571,VS0,VE0 vary Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method timing-allow-origin * content-length 0
POST H2	200	track a.et.nytimes.com/	0 0	198ms 108ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	v2 Show response samizdat-graphql.nytimes.com/graphql/	149 B 922 B	19ms 19ms	XHR application/json	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software samizdat-graphql-3e5a319 / Resource Hash 7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5 Request headers Referer https://www.nytimes.com/ nyt-app-version 0.0.5 nyt-token MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 nyt-app-type project-vi Content-Type application/json Response headers x-nyt-meridiem PM x-b3-traceid 24c5595c984e9aa0-241cc1bceffe6008-1 age 2 x-nyt-audience-target-flat EU:PM x-samizdat-query-field-errors 0 x-samizdat-query-exe-id 662387a105724ca1 samizdat-x-canary false x-graphiti-gateway a7293694 x-nyt-country DE x-timer S1648321091.355584,VS0,VE1 x-nyt-continent EU vary Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin content-type application/json; charset=utf-8 x-nyt-region TH x-cloud-trace-context f59a9fd3937eea7078c1d74e976511c0/13562711595920553614 cache-control max-age=30, public x-cache-hits 1 x-samizdat-query-sup-code date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 google, 1.1 varnish access-control-allow-origin https://www.nytimes.com x-cache HIT samizdat-x-instance 34347162 content-length 149 last-modified Sat, 26 Mar 2022 18:58:08 GMT server samizdat-graphql-3e5a319 x-served-by cache-hhn4042-HHN access-control-allow-credentials true x-datadog-trace-id 24c5595c984e9aa0-241cc1bceffe6008-1 accept-ranges bytes timing-allow-origin * access-control-expose-headers x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
GET H2	200	swg.js Show response news.google.com/swg/js/v1/	143 KB 45 KB	109ms 16ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/swg.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c92375557228899da90891059a2ccd509a56f287237b5005d70e4d00edaba7b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:26:27 GMT content-encoding gzip x-content-type-options nosniff age 1904 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45383 x-xss-protection 0 last-modified Thu, 24 Mar 2022 20:21:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type text/javascript cache-control public, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 19:16:27 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	82 KB 28 KB	71ms 38ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28043 x-xss-protection 0 server sffe etag "1170 / 765 of 1000 / last-modified: 1648245909" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 26 Mar 2022 18:58:11 GMT
GET H2	200	als Show response als-svc.nytimes.com/	2 KB 2 KB	373ms 255ms	XHR application/json	35.244.188.62 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F6b3146f7-96c7-5e71-9ed2-0f5c15e36492&typ=&prop=nyt&plat=web Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 62.188.244.35.bc.googleusercontent.com Software / Resource Hash 8f69bf06e26fdcebb7eab4c2e103aae513a594b87eaf141eaa1a66174752c9a7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 google access-control-allow-headers DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.nytimes.com cache-control private, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1963
GET H2	200	franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2 g1.nyt.com/fonts/family/franklin/	19 KB 20 KB	84ms 52ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 14757355 x-guploader-uploadid ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 19836 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Thu, 06 Oct 2022 23:42:16 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321091.309374,VS0,VE0 etag "d6c06a3d84a57100edad5bf9b84ff739" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984052902 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 19836 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 24627
GET H2	200	franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2 g1.nyt.com/fonts/family/franklin/	20 KB 20 KB	57ms 25ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 843082 x-guploader-uploadid ADPycdv7Jbe5NltIEUwxTT1TqxTRwf5-ekAsOmKyFXrPrYrgg4TiuMTADqrq-dCv9GTtYZtveUDwCjikyvLwKmfHVRA x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 20312 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Fri, 17 Mar 2023 00:46:48 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321091.309190,VS0,VE0 etag "b44c88f09ca7ce914b836d4ae72891b8" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984061911 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 20312 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 24188
GET H2	200	cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2 g1.nyt.com/fonts/family/cheltenham/	28 KB 29 KB	51ms 19ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 11729029 x-guploader-uploadid ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 29076 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Fri, 11 Nov 2022 00:54:21 GMT last-modified Wed, 15 Sep 2021 19:43:02 GMT server UploadServer x-timer S1648321091.308995,VS0,VE0 etag "a3ed7afe3eaa0a873f3fbd379f8c491b" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734982705223 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 29076 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 15647
GET H2	200	cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2 g1.nyt.com/fonts/family/cheltenham-small/	20 KB 20 KB	55ms 24ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 761515 x-guploader-uploadid ADPycdv9WC0_8pJ98J2RfM1Xp9nfafHEvirtFjDvY6VBVjhBncUkqoRnvm4fZSsOJS9HchqkmKAtI41_IPpo7lPWarRXkMuSbw x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 20136 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Fri, 17 Mar 2023 23:26:15 GMT last-modified Wed, 15 Sep 2021 19:43:03 GMT server UploadServer x-timer S1648321091.309092,VS0,VE0 etag "108ce298d451197b23fefceb3e36959f" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734983132414 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 20136 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 9166
GET H2	200	franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2 g1.nyt.com/fonts/family/franklin/	20 KB 20 KB	56ms 24ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 757232 x-guploader-uploadid ADPycduw_n53qAT8mmy-Mo-L5LqjCsy6JkyHOT3xG7kMrZNreYfm5h5rJpKyKb5DtKASsqLa04epf4I4LA4o1haxBgY x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 20172 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Sat, 18 Mar 2023 00:37:38 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321091.309263,VS0,VE0 etag "bc7be4c5d8cacb780f896c5cbe0c0d7f" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734983906454 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 20172 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 19125
GET H2	200	imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2 g1.nyt.com/fonts/family/imperial/	26 KB 26 KB	57ms 56ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 843615 x-guploader-uploadid ADPycds33uvi6eLtn4gqz1FvmB4BRvguteE2sYrQdrujtZfbdywcLwNwrBUBCtCHuxeG4XJhf8PIqjJDYwKcv4VRbUk x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 26504 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Fri, 17 Mar 2023 00:37:56 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321091.316462,VS0,VE0 etag "6131cd77b6e216c7693ed925f4309ffc" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984460387 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 26504 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 22274
GET H2	200	cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2 g1.nyt.com/fonts/family/cheltenham/	28 KB 28 KB	59ms 59ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw== date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish content-type application/octet-stream age 757340 x-guploader-uploadid ADPycdvY8WJhPH2o51UBKNtWd0Dk-tItILgU4R8qBRhBzbpTrzzgW00aPTKX8rqD5dzh7pXo2P1M_W3WPANSLgfdtRw x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 28620 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Sat, 18 Mar 2023 00:35:50 GMT last-modified Wed, 15 Sep 2021 19:43:02 GMT server UploadServer x-timer S1648321091.316780,VS0,VE0 etag "f99a0459024509f157a3352e5de4f873" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734982696426 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 28620 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 8534
GET H2	200	prefetch-assets Show response myaccount.nytimes.com/auth/ Frame EE87	393 B 751 B	43ms 11ms	Document text/html	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://myaccount.nytimes.com/auth/prefetch-assets Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software envoy / Express Resource Hash c0c572d5836a69f0b4d0dc4b6199d9575d2581493f7c99c5d98160a6aafb164c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers x-powered-by Express x-datadog-trace-id 3807632075854573793 x-datadog-parent-id 2454039750846065183 x-datadog-sampled 1 x-datadog-sampling-priority 1 strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-nyt-backend lire-ui content-encoding gzip x-cloud-trace-context 7626c3c954417299f08741fb74f6e4c7 server envoy cache-control public, max-age=600 etag W/"189-axgSYlvFM4VTVDgEty/73bGVKWo" content-type text/html; charset=utf-8 x-envoy-upstream-service-time 2 x-datadome-timer (null),VE419 fastly-original-body-size 277 accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 varnish age 151 x-served-by cache-hhn4042-HHN x-cache HIT x-cache-hits 3 vary Accept-Encoding x-api-version F-X content-length 277
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	212 B 543 B	190ms 123ms	XHR application/json	2a04:4e42:400::714 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nytimes.com&domain=nytimes.com&path=%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html Requested by Host: static.chartbeat.com URL: https://static.chartbeat.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 31daa976e01de01eefac1f45f95c8f9821d0b1fadce389c63c325fae59c34dd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip x-cache-hits 0 fastly-original-body-size 166 age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 166 x-served-by cache-mxp6922-MXP access-control-allow-origin * x-timer S1648321091.450633,VS0,VE104 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json via 1.1 varnish (Varnish/6.0), 1.1 varnish cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Thu, 24 Mar 2022 18:58:11 GMT
GET H2	200	pubads_impl_2022031601.js Show response securepubads.g.doubleclick.net/gpt/	365 KB 124 KB	9ms 8ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:06:41 GMT content-encoding gzip x-content-type-options nosniff age 3090 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126823 x-xss-protection 0 last-modified Wed, 16 Mar 2022 08:34:12 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 26 Mar 2023 18:06:41 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	1 KB 374 B	39ms 19ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 92fe78449b2ce5358354322dff1de1f518551b8192cbf0ccff2839b058b28df9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 349 x-xss-protection 0 expires Sat, 26 Mar 2022 18:58:11 GMT
GET H2	200	vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-926c57e949e66fb279f2.js Show response www.nytimes.com/vi-assets/static-assets/	44 KB 15 KB	22ms 21ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-926c57e949e66fb279f2.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash f19559e3da165133d431a451f98b259b56ea6fd43bab5a9de1faae3e5632ac4d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 856771 x-guploader-uploadid ADPycdtUYyzwRQ4NVQkxrreSjw_XbrqmUuQSBA1Z4QxBq6ul1gIlc-LlS7Op9Ba70eo6Rkwa4QeX2bFXTmlwiFDBzFSKqZisbQ x-goog-stored-content-encoding identity x-origin-time 2022-03-16 20:58:40 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.466305,VS0,VE1 etag "baebe33eabc4cdac68b9c9d209f84fee" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-926c57e949e66fb279f2.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 36990 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 14131 last-modified Wed, 16 Mar 2022 20:44:22 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=HERBbA==, md5=uuvjPqvEzaxoucnSCfhP7g== x-goog-generation 1647463462508570 expires Thu, 16 Mar 2023 20:58:40 GMT x-gdpr 1 x-goog-stored-content-length 45454 accept-ranges bytes
GET H2	200	vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js Show response www.nytimes.com/vi-assets/static-assets/	67 KB 14 KB	22ms 22ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 3f04d7f68e9e8dedbae97d68b155a08b274f012a5a25edcd6542e199fe8cfb22 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 2222270 x-guploader-uploadid ADPycdtpfELaQQhRpjjxELa7dxe9HQvsM102446YthPvMmbb1IsGCX9az3lePrVjF492OuW7BbnBUH-jIjhNs5B17nYYbVdHjg x-goog-stored-content-encoding identity x-origin-time 2022-03-01 01:40:21 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.466396,VS0,VE1 etag "46159ad0cb7de89c83fc59e9dc0d61f9" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~programmables~9b4c8899-63fae270cdc293f255ba.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 28683 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 13291 last-modified Tue, 01 Mar 2022 00:34:04 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=goxv5A==, md5=RhWa0Mt96JyD/Fnp3A1h+Q== x-goog-generation 1646094844168914 expires Wed, 01 Mar 2023 01:40:21 GMT x-gdpr 1 x-goog-stored-content-length 68853 accept-ranges bytes
GET H2	200	vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js Show response www.nytimes.com/vi-assets/static-assets/	21 KB 6 KB	23ms 23ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 4e55c0642be0437add0b959376426d253f199419216659e073dfb788d66a1f79 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 1623030 x-guploader-uploadid ADPycduMJaUvEYSL4iUKGDHklUYlZEYHNGQQc9B_cRdZhjTuM_ATJh2Lfl6IQYVJSPvEbXkmjoZ7NIsYr9pvpLqkB3s x-goog-stored-content-encoding identity x-origin-time 2022-03-08 00:07:41 UTC x-served-by cache-hhn4042-HHN x-timer S1648321091.466882,VS0,VE1 etag "e4469edf0dfca6f7845a13a7b325dd05" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cab52b91be3068d32659.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 30772 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 5012 last-modified Mon, 07 Mar 2022 23:19:37 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=uxXxow==, md5=5Eae3w38pveEWhOnsyXdBQ== x-goog-generation 1646695177126369 expires Wed, 08 Mar 2023 00:07:41 GMT x-gdpr 1 x-goog-stored-content-length 21996 accept-ranges bytes
GET H2	200	index.js Show response myaccount.nytimes.com/lire_ui/js/common/abra/ Frame EE87	2 KB 2 KB	26ms 26ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js Requested by Host: myaccount.nytimes.com URL: https://myaccount.nytimes.com/auth/prefetch-assets Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software envoy / Resource Hash 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://myaccount.nytimes.com/auth/prefetch-assets User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip fastly-original-body-size 1252 x-api-version F-X age 424 x-cache HIT x-envoy-upstream-service-time 8 content-length 1252 x-served-by cache-hhn4042-HHN expires Sat, 26 Mar 2022 17:51:05 GMT server envoy etag "Eux5Gg" content-type application/javascript via 1.1 varnish x-cloud-trace-context 55cdaba5095d0895be3526fbf2665648 cache-control public, max-age=600 x-datadome-timer (null),VE688 accept-ranges bytes x-nyt-backend lire-ui x-cache-hits 2
GET H2	200	unified-lire.bundle.js Show response myaccount.nytimes.com/lire_ui/js/ Frame EE87	410 KB 139 KB	28ms 27ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=5190f6b Requested by Host: myaccount.nytimes.com URL: https://myaccount.nytimes.com/auth/prefetch-assets Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software envoy / Resource Hash e00e4aa270bcdab5c0083257519e64652bc2272bd36d2ebd45c9b83e03a862b5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://myaccount.nytimes.com/auth/prefetch-assets User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip x-api-version F-X age 395 x-cache HIT x-envoy-upstream-service-time 151 content-length 141677 x-served-by cache-hhn4042-HHN expires Fri, 18 Mar 2022 00:49:03 GMT server envoy etag "Eux5Gg" content-type application/javascript via 1.1 varnish x-cloud-trace-context 9fab15cad0f3f0a2547cf1a1cfcc3c8d cache-control public, max-age=600 x-datadome-timer (null),VE568 accept-ranges bytes x-nyt-backend lire-ui x-cache-hits 8
POST H2	200	track a.et.nytimes.com/	0 0	107ms 107ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	track a.et.nytimes.com/	0 0	101ms 100ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	track a.et.nytimes.com/	0 0	103ms 102ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	tags.js Show response dd.nytimes.com/	248 KB 46 KB	147ms 27ms	Script text/javascript	143.204.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dd.nytimes.com/tags.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-97.fra50.r.cloudfront.net Software Apache / Resource Hash 9b3260c60f709c88dd4695a0f16d92ea0a3b6438cc4f861cd32426cb2ec5fe9d Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:11:46 GMT content-encoding gzip vary Accept-Encoding age 2785 x-cache Hit from cloudfront content-length 46291 access-control-allow-origin * last-modified Fri, 25 Mar 2022 07:55:35 GMT server Apache etag "3e081-5db0649a113f1-gzip" strict-transport-security max-age=15768000 content-type text/javascript via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) cache-control max-age=3600, public x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id rCKwmqr0FdH6CWBNZPixzVbk5BRNNC5py_Fkmgmr7_lA9XY0-ZGZCw== expires Sat, 26 Mar 2022 19:11:46 GMT
GET H3	200	swg-button.css news.google.com/swg/js/v1/	21 KB 21 KB	28ms 8ms	Stylesheet text/css	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/swg-button.css Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:40:58 GMT x-content-type-options nosniff age 1033 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21972 x-xss-protection 0 last-modified Wed, 12 Jan 2022 22:09:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 19:30:58 GMT
GET H3	200	loader.svg news.google.com/swg/js/v1/	0 1 KB	22ms 13ms	Other image/svg+xml	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/loader.svg Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:09:55 GMT content-encoding gzip x-content-type-options nosniff age 2896 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1049 x-xss-protection 0 last-modified Mon, 16 Mar 2020 18:14:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type image/svg+xml cache-control public, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 18:59:55 GMT
GET H3	200	serviceiframe Show response news.google.com/swg/_/ui/v1/ Frame 786B	24 KB 8 KB	83ms 77ms	Document text/html	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/_/ui/v1/serviceiframe?_=457866&publicationId=nytimes.com Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 68d208c0a5af7247773766ca5f9f5b1b92df2ba9da78946059195d44cf25a055 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-7Sn/Uazuhd7+UgarcDwTTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-7Sn/Uazuhd7+UgarcDwTTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers content-type text/html; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-ua-compatible IE=edge cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 26 Mar 2022 18:58:11 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." strict-transport-security max-age=31536000 content-security-policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-7Sn/Uazuhd7+UgarcDwTTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-7Sn/Uazuhd7+UgarcDwTTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport cross-origin-resource-policy same-site content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	entitlements Show response news.google.com/swg/_/api/v1/publication/nytimes.com/	2 B 58 B	94ms 91ms	Fetch application/json	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept text/plain, application/json Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:11 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-disposition attachment; filename="json.txt"; filename*=UTF-8''json.txt alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="SubscribewithgoogleClientHttp" x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 access-control-allow-methods GET, POST content-type application/json; charset=utf-8 access-control-allow-origin https://www.nytimes.com vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	v2 samizdat-graphql.nytimes.com/graphql/ Frame	0 0	7ms 7ms	Preflight	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,nyt-app-type,nyt-app-version,nyt-token Origin https://www.nytimes.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers x-cloud-trace-context cf88c0e797d889dff74e340f78308a7d/14451620971474925858 access-control-allow-origin https://www.nytimes.com access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-headers content-type,nyt-app-type,nyt-app-version,nyt-token access-control-max-age 300 access-control-expose-headers x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset via 1.1 google, 1.1 varnish accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT age 440 x-nyt-meridiem PM x-nyt-continent EU x-nyt-country DE x-nyt-region TH x-nyt-audience-target-flat EU:PM x-samizdat-query-exe-id 8b86fb4e01f694af x-samizdat-query-field-errors 0 x-served-by cache-hhn4031-HHN x-cache HIT x-cache-hits 51 x-timer S1648321092.788849,VS0,VE0 vary Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method timing-allow-origin * content-length 0
OPTIONS H2	200	v2 samizdat-graphql.nytimes.com/graphql/ Frame	0 0	8ms 8ms	Preflight	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,nyt-app-type,nyt-app-version,nyt-token Origin https://www.nytimes.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers x-cloud-trace-context cf88c0e797d889dff74e340f78308a7d/14451620971474925858 access-control-allow-origin https://www.nytimes.com access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-headers content-type,nyt-app-type,nyt-app-version,nyt-token access-control-max-age 300 access-control-expose-headers x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset via 1.1 google, 1.1 varnish accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT age 440 x-nyt-meridiem PM x-nyt-continent EU x-nyt-country DE x-nyt-region TH x-nyt-audience-target-flat EU:PM x-samizdat-query-exe-id a20c2ad056d2a2c6 x-samizdat-query-field-errors 0 x-served-by cache-hhn4031-HHN x-cache HIT x-cache-hits 52 x-timer S1648321092.878975,VS0,VE0 vary Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method timing-allow-origin * content-length 0
OPTIONS H2	200	v2 samizdat-graphql.nytimes.com/graphql/ Frame	0 0	9ms 9ms	Preflight	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,nyt-app-type,nyt-app-version,nyt-token Origin https://www.nytimes.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers x-cloud-trace-context cf88c0e797d889dff74e340f78308a7d/14451620971474925858 access-control-allow-origin https://www.nytimes.com access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-headers content-type,nyt-app-type,nyt-app-version,nyt-token access-control-max-age 300 access-control-expose-headers x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset via 1.1 google, 1.1 varnish accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT age 440 x-nyt-meridiem PM x-nyt-continent EU x-nyt-country DE x-nyt-region TH x-nyt-audience-target-flat EU:PM x-samizdat-query-exe-id b19c28f8e4f34ec6 x-samizdat-query-field-errors 0 x-served-by cache-hhn4031-HHN x-cache HIT x-cache-hits 53 x-timer S1648321092.905348,VS0,VE0 vary Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method timing-allow-origin * content-length 0
OPTIONS H2	200	v2 samizdat-graphql.nytimes.com/graphql/ Frame	0 0	7ms 7ms	Preflight	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,nyt-app-type,nyt-app-version,nyt-token Origin https://www.nytimes.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers x-cloud-trace-context cf88c0e797d889dff74e340f78308a7d/14451620971474925858 access-control-allow-origin https://www.nytimes.com access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-headers content-type,nyt-app-type,nyt-app-version,nyt-token access-control-max-age 300 access-control-expose-headers x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset via 1.1 google, 1.1 varnish accept-ranges bytes date Sat, 26 Mar 2022 18:58:11 GMT age 440 x-nyt-meridiem PM x-nyt-continent EU x-nyt-country DE x-nyt-region TH x-nyt-audience-target-flat EU:PM x-samizdat-query-exe-id 9a8d2e12e28b58f8 x-samizdat-query-field-errors 0 x-served-by cache-hhn4031-HHN x-cache HIT x-cache-hits 54 x-timer S1648321092.919613,VS0,VE1 vary Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method timing-allow-origin * content-length 0
POST H2	200	v2 Show response samizdat-graphql.nytimes.com/graphql/	105 B 929 B	214ms 214ms	XHR application/json	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software samizdat-graphql-3e5a319 / Resource Hash 62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33 Request headers nyt-token MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 nyt-app-type project-vi content-type application/json accept */* Referer https://www.nytimes.com/ nyt-app-version 0.0.5 Response headers x-samizdat-query-sup-code date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 google, 1.1 varnish x-nyt-meridiem PM x-b3-traceid 6b6732b35c1e7abd-45ef1e1d6d273b1c-1 access-control-allow-origin https://www.nytimes.com access-control-expose-headers x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset x-cache MISS x-cloud-trace-context cd3d3f500d009ab052596699a3644478/2704918889448503187;o=1 samizdat-x-instance 4c9b9a3b x-samizdat-query-field-errors 0 x-samizdat-query-exe-id 7dd35aeaab4e1cc2 content-length 105 samizdat-x-canary false x-graphiti-gateway a7293694 last-modified Sat, 26 Mar 2022 18:58:11 GMT server samizdat-graphql-3e5a319 x-timer S1648321092.799094,VS0,VE205 x-nyt-continent EU x-served-by cache-hhn4042-HHN vary Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin content-type application/json; charset=utf-8 x-nyt-region TH x-nyt-audience-target-flat EU:PM cache-control private, no-store access-control-allow-credentials true x-nyt-country DE x-datadog-trace-id 6b6732b35c1e7abd-45ef1e1d6d273b1c-1 accept-ranges bytes timing-allow-origin * x-cache-hits 0
GET H2	200	meter.js Show response meter-svc.nytimes.com/	649 B 1 KB	236ms 179ms	XHR application/json	35.241.35.241 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&pageviewID=Ulm6heq8JDQRbcCwMBcQ-znw Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 241.35.241.35.bc.googleusercontent.com Software / Resource Hash ec292a7166a9e8c956221c922fde1594b8310bfcb4a83c7df667964d9c11d139 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 google access-control-allow-headers DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, * vary Accept-Encoding access-control-allow-methods GET, POST, PUT, OPTIONS content-type application/json access-control-allow-origin https://www.nytimes.com access-control-expose-headers Set-Cookie cache-control private, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true alt-svc clear content-length 649
POST H2	200	v2 Show response samizdat-graphql.nytimes.com/graphql/	63 B 282 B	130ms 129ms	XHR application/json	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software samizdat-graphql-3e5a319 / Resource Hash de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9 Request headers nyt-token MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 nyt-app-type project-vi content-type application/json accept */* Referer https://www.nytimes.com/ nyt-app-version 0.0.5 Response headers x-nyt-meridiem PM x-b3-traceid 3a5a2d7d9d61e11a-2e50e42ff399f954-1 age 0 x-nyt-audience-target-flat EU:PM x-samizdat-query-field-errors 0 x-samizdat-query-exe-id c545dc34504d375e samizdat-x-canary false x-graphiti-gateway a7293694 x-nyt-country DE x-timer S1648321092.887905,VS0,VE123 x-nyt-continent EU vary Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin content-type application/json; charset=utf-8 x-nyt-region TH x-cloud-trace-context 5933f51e90612cd5b8048bb1511371bc/11747800584534946589;o=1 cache-control max-age=30, public x-cache-hits 0 x-samizdat-query-sup-code date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 google, 1.1 varnish access-control-allow-origin https://www.nytimes.com x-cache MISS samizdat-x-instance 34347162 content-length 63 last-modified Sat, 26 Mar 2022 18:58:11 GMT server samizdat-graphql-3e5a319 x-served-by cache-hhn4042-HHN access-control-allow-credentials true x-datadog-trace-id 3a5a2d7d9d61e11a-2e50e42ff399f954-1 accept-ranges bytes timing-allow-origin * access-control-expose-headers x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
POST H2	200	v2 Show response samizdat-graphql.nytimes.com/graphql/	42 KB 7 KB	687ms 687ms	XHR application/json	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software samizdat-graphql-3e5a319 / Resource Hash 535c39460e65b11a9312db5800cfe07f149d05b32b022e4ef240c108b37f1754 Request headers nyt-token MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 nyt-app-type project-vi content-type application/json accept */* Referer https://www.nytimes.com/ nyt-app-version 0.0.5 Response headers x-samizdat-query-sup-code date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-nyt-meridiem PM x-b3-traceid 23de7ea0f2cb99fe-eb1d1bb05df8564-1 access-control-allow-origin https://www.nytimes.com access-control-expose-headers x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset x-cache MISS x-cloud-trace-context ff80da19b97fbc250101ecb114b41d9e/15841546294326367203;o=1 samizdat-x-instance 20d103f0 x-samizdat-query-field-errors 0 x-samizdat-query-exe-id e6e89355eb481ea2 samizdat-x-canary false x-nyt-continent EU x-graphiti-gateway a7293694 last-modified Sat, 26 Mar 2022 18:58:12 GMT server samizdat-graphql-3e5a319 x-timer S1648321092.912908,VS0,VE679 x-nyt-region TH x-served-by cache-hhn4042-HHN vary Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin content-type application/json; charset=utf-8 via 1.1 google, 1.1 varnish x-nyt-audience-target-flat EU:PM cache-control private, no-store access-control-allow-credentials true x-nyt-country DE x-datadog-trace-id 23de7ea0f2cb99fe-eb1d1bb05df8564-1 accept-ranges bytes timing-allow-origin * x-cache-hits 0
GET H2	200	comments-b37d124185bfdfdbad03.js Show response www.nytimes.com/vi-assets/static-assets/	50 KB 16 KB	11ms 11ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/comments-b37d124185bfdfdbad03.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 7d65862232e8c0b0c0f3864375f6f2b83699941f38f24ae4c37769fd727788d7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 961460 x-guploader-uploadid ADPycdsrP7nHkMWtUf8onLvd0YVtKAYhEKRuCNTtrHzVGwbyEbK0M7SDjyWE2pIhKck8WBwNrejkVl_-THWWel4-cYYVCv5HAw x-goog-stored-content-encoding identity x-origin-time 2022-03-15 15:53:51 UTC x-served-by cache-hhn4042-HHN x-timer S1648321092.906384,VS0,VE1 etag "59a72e407ee51631c89ef65e9e45a07d" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-b37d124185bfdfdbad03.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 29475 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 14835 last-modified Tue, 15 Mar 2022 15:53:10 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=oOxtuQ==, md5=WacuQH7lFjHInvZenkWgfQ== x-goog-generation 1647359590048152 expires Wed, 15 Mar 2023 15:53:51 GMT x-gdpr 1 x-goog-stored-content-length 50781 accept-ranges bytes
POST H2	200	v2 Show response samizdat-graphql.nytimes.com/graphql/	124 B 948 B	8ms 8ms	XHR application/json	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://samizdat-graphql.nytimes.com/graphql/v2 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software samizdat-graphql-3e5a319 / Resource Hash f20e8b3bf22a3042f9598ef6327344c65bfeaf07e13e27aace075563e619dbb3 Request headers nyt-token MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 nyt-app-type project-vi content-type application/json accept */* Referer https://www.nytimes.com/ nyt-app-version 0.0.5 Response headers x-nyt-meridiem PM x-b3-traceid 38a403422611586c-57890b5f1c1294c4-1 age 41 x-nyt-audience-target-flat EU:PM x-samizdat-query-field-errors 0 x-samizdat-query-exe-id c998a7adc20f2cf8 samizdat-x-canary false x-graphiti-gateway a7293694 x-nyt-country DE x-timer S1648321092.928255,VS0,VE1 x-nyt-continent EU vary Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin content-type application/json; charset=utf-8 x-nyt-region TH x-cloud-trace-context bf27d76490190b7d5d02c990afcfc9dc/16873589747293474536;o=1 cache-control max-age=30, public x-cache-hits 1 x-samizdat-query-sup-code date Sat, 26 Mar 2022 18:58:11 GMT via 1.1 google, 1.1 varnish access-control-allow-origin https://www.nytimes.com x-cache HIT samizdat-x-instance 4691ea08 content-length 124 last-modified Sat, 26 Mar 2022 18:57:29 GMT server samizdat-graphql-3e5a319 x-served-by cache-hhn4042-HHN access-control-allow-credentials true x-datadog-trace-id 38a403422611586c-57890b5f1c1294c4-1 accept-ranges bytes timing-allow-origin * access-control-expose-headers x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
GET H2	200	purr-cache purr.nytimes.com/v1/	0 0	168ms 113ms	Fetch text/html	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://purr.nytimes.com/v1/purr-cache Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT server Google Frontend vary Origin content-type text/html access-control-allow-origin https://www.nytimes.com x-cloud-trace-context a3c964a8147766ad5fee202548835059 cache-control private access-control-allow-credentials true content-length 0 expires Sat, 26 Mar 2022 18:58:12 GMT
GET H2	200	data-layer Show response a.nytimes.com/svc/nyt/	2 KB 2 KB	308ms 224ms	XHR application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&jkcb=1648321091918 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 348a8b3448fc09c1c2fb377e8a958b9b86428d6f8a8972111c9426dfb04ed32c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-appengine-log-flush-count 0 server Google Frontend vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://www.nytimes.com x-cloud-trace-context d05cbcab8080f3f17e5790751457ed64 cache-control private access-control-allow-credentials true access-control-allow-headers Content-Type, x-requested-by, * content-length 835 expires Sat, 26 Mar 2022 18:58:12 GMT
GET H2	200	clientSideCapsule-e7b23aaf19c13515d55d.js Show response www.nytimes.com/vi-assets/static-assets/	433 KB 105 KB	10ms 10ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-e7b23aaf19c13515d55d.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash d6c4b0c8a4224e8d8117c56a58b94d6f8a29a966d65ec3799ba1dd622dad983d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-encoding gzip age 188177 x-guploader-uploadid ADPycdsqE-aIDHhd8QP7vnPWNwXDSMM_j6soGYCFQuUN1EpBPdtvm2X626e5LwjK_Md25zXYQwrnWAPU-jad_ElYzkjcHZziOQ x-goog-stored-content-encoding identity x-origin-time 2022-03-24 14:41:54 UTC x-served-by cache-hhn4042-HHN x-timer S1648321092.935493,VS0,VE1 etag "b9b7f65225013f9880f42f56d5aa2d24" vary Accept-Encoding, Fastly-SSL onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-e7b23aaf19c13515d55d.js content-type application/javascript cache-control public,max-age=31536000 x-nyt-app-webview 0 x-nyt-route vi-assets x-nyt-edge-cache HIT x-cache-hits 5819 date Sat, 26 Mar 2022 18:58:11 GMT x-api-version F-X x-cache HIT x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 content-length 106597 last-modified Thu, 24 Mar 2022 14:16:36 GMT server UploadServer strict-transport-security max-age=63072000; preload; includeSubdomains x-goog-hash crc32c=0o6Ymw==, md5=ubf2UiUBP5iA9C9W1aotJA== x-goog-generation 1648131396442275 expires Fri, 24 Mar 2023 14:41:54 GMT x-gdpr 1 x-goog-stored-content-length 443324 accept-ranges bytes
POST H3	204	cspreport news.google.com/_/SubscribewithgoogleClientUi/ Frame 786B	0 25 B	63ms 62ms	Other text/html	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/_/SubscribewithgoogleClientUi/cspreport Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-GF6I87ZEaffZK0ScgnLYCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-GF6I87ZEaffZK0ScgnLYCg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://news.google.com/swg/_/ui/v1/serviceiframe?_=457866&publicationId=nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/csp-report Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF x-frame-options SAMEORIGIN date Sat, 26 Mar 2022 18:58:12 GMT vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-GF6I87ZEaffZK0ScgnLYCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-GF6I87ZEaffZK0ScgnLYCg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="SubscribewithgoogleClientUi" expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	track a.et.nytimes.com/	0 0	123ms 123ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	track a.et.nytimes.com/	0 0	102ms 102ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	362ms 17ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	366ms 19ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	86 KB 20 KB	193ms 193ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3428909720672084&correlator=1291090133662305&eid=31064686%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=4262024170&sfv=1-0-38&ecs=20220326&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D949&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-23.442374118844185386_20220326185811%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1648320301721%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dnewjersey%26des%3Dlotteries%26auth%3Dliamstack%26coll%3Dnewyork%252Cusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000006402132%26pt%3Dnt1%252Cnt11%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt5%252Cnt9%252Cpt17%26gscat%3Dneg_mastercard%252Cgs_entertain%252Cneg_bp%252Cgs_entertain_gambling%252Cgs_event_music_festival%252Cgs_business%252Cgs_tech%252Cgv_safe%252Cgs_t%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_disp_incr_1_test%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3DUlm6heq8JDQRbcCwMBcQ-znw%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DDzjonKwtkvV-kDjV7VseHi&sc=1&cookie_enabled=1&abxe=1&dt=1648321092170&lmt=1648320301&dlt=1648321091193&idt=935&biw=1600&bih=1200&adxs=0&adys=76&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1420176414.1648321092&ga_sid=1648321092&ga_hid=2072578483&ga_fc=false&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash c09b9f7e52614b43e0c05763d773a462f8350490cbbeeee2b2f3c78f9f0f6958 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20392 x-xss-protection 0 google-lineitem-id 5909372040 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138380571220 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.nytimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	431 B 255 B	50ms 50ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3428909720672084&correlator=1291090133662305&eid=31064686%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cnyregion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&ifi=2&adks=2023797970&sfv=1-0-38&ecs=20220326&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D952&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-23.442374118844185386_20220326185811%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1648320301721%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dnewjersey%26des%3Dlotteries%26auth%3Dliamstack%26coll%3Dnewyork%252Cusnews%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dnyregion%26si_section%3Dnyregion%26id%3D100000006402132%26pt%3Dnt1%252Cnt11%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt5%252Cnt9%252Cpt17%26gscat%3Dneg_mastercard%252Cgs_entertain%252Cneg_bp%252Cgs_entertain_gambling%252Cgs_event_music_festival%252Cgs_business%252Cgs_tech%252Cgv_safe%252Cgs_t%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_disp_incr_1_test%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3DUlm6heq8JDQRbcCwMBcQ-znw%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DDzjonKwtkvV-kDjV7VseHi&sc=1&cookie_enabled=1&abxe=1&dt=1648321092177&lmt=1648320301&dlt=1648321091193&idt=935&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1420176414.1648321092&ga_sid=1648321092&ga_hid=2072578483&ga_fc=false&btvi=-1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 1cef0b64cb964c061add482e1011bd0576d9041f7149b80e777e914d7ead7c28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.nytimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4787	6 KB 4 KB	86ms 15ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 26 Mar 2022 18:58:12 GMT expires Sun, 26 Mar 2023 18:58:12 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response mwcm.nytimes.com/capi/metered_assets/	65 KB 15 KB	510ms 489ms	Fetch application/json	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=truncator&areas=gateway Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 626668459a40501ac681ac6134b1df7ce6eb9f5ecb3e3f5b1b8763ff5ea84463 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip access-control-allow-origin https://www.nytimes.com x-cache MISS x-served-by cache-hhn4042-HHN server Google Frontend x-cmots-campaign-names {"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"} x-timer S1648321092.293991,VS0,VE480 vary x-nyt-user-status, x-nyt-country, x-nyt-cmots-purr-ad-conf, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type application/json; charset=utf-8 via 1.1 varnish x-cloud-trace-context 5dbf6c1c86131c781403a5211e54ff1d cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true x-nyt-route mwcm-muassets accept-ranges bytes access-control-allow-headers Content-Type, x-requested-by, * x-cache-hits 0
POST H2	200	/ Show response dd.nytimes.com/js/	232 B 564 B	82ms 29ms	XHR application/json	143.204.98.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dd.nytimes.com/js/ Requested by Host: dd.nytimes.com URL: https://dd.nytimes.com/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-97.fra50.r.cloudfront.net Software DataDome / Resource Hash 365aec2219469997f0cf85e71838fde2a4f6414132774d9e85f7c65107b01750 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront) server DataDome x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 232 x-amz-cf-id Ll5HUrzF8AIP_rmm2qXdeCKy0YFo8oEg36hytPTYoSULS6dxR4j0gg== expires 0
POST H2	200	track a.et.nytimes.com/	0 0	4395ms 4394ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	swg-button.css news.google.com/swg/js/v1/ Frame 786B	21 KB 21 KB	7ms 7ms	Stylesheet text/css	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/swg-button.css Requested by Host: news.google.com URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=457866&publicationId=nytimes.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:40:58 GMT x-content-type-options nosniff age 1034 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21972 x-xss-protection 0 last-modified Wed, 12 Jan 2022 22:09:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 19:30:58 GMT
GET H2	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 786B	161 KB 57 KB	30ms 8ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Requested by Host: news.google.com URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=457866&publicationId=nytimes.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c2564bf548843800f23f96aa51576084459800632ac06f4597a504260b18b35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 19:05:07 GMT content-encoding gzip x-content-type-options nosniff age 85985 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57735 x-xss-protection 0 last-modified Fri, 25 Mar 2022 01:51:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 25 Mar 2023 19:05:07 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 3206 date Sat, 26 Mar 2022 18:04:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 26 Mar 2022 20:04:46 GMT
GET H3	200	activityi;dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fn... Show response 5290727.fls.doubleclick.net/ Frame 20EA Redirect Chain https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2... https://5290727.fls.doubleclick.net/activityi;dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2F...	560 B 406 B	48ms 30ms	Document text/html	142.250.185.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5290727.fls.doubleclick.net/activityi;dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f6.1e100.net Software cafe / Resource Hash 73b7e19d5e1f78d3aebaa8c3b90766e978851a3883b29d15f8e166bbc69cd161 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sat, 26 Mar 2022 18:58:12 GMT expires Sat, 26 Mar 2022 18:58:12 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 381 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sat, 26 Mar 2022 18:58:12 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://5290727.fls.doubleclick.net/activityi;dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	36 KB 14 KB	9ms 9ms	Script application/x-javascript	2600:9000:223c:bc00:18:1fcd:34f:cdc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:bc00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:21:09 GMT content-encoding gzip last-modified Thu, 10 Mar 2022 04:15:35 GMT server nginx age 2223 etag W/"62297b67-8e96" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA56-P2 x-amz-cf-id ODrgs_ejbc_eT4ZTiyYC-b369INROwwCboLYxOHqBH002SRjdlZ-DA== expires Sat, 26 Mar 2022 20:21:09 GMT
GET H2	200	show-ads.js Show response a1.nyt.com/analytics/	45 B 718 B	29ms 7ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://a1.nyt.com/analytics/show-ads.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A== date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip content-type application/javascript age 54044 x-guploader-uploadid ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ x-cache HIT x-goog-storage-class REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 65 via 1.1 varnish x-served-by cache-hhn4042-HHN accept-ranges bytes expires Mon, 23 Aug 2021 07:13:52 GMT last-modified Thu, 17 Dec 2020 21:19:35 GMT server UploadServer x-timer S1648321093.583141,VS0,VE0 etag "1d291da792456bd015b664ee1119a5e0" vary Accept-Encoding access-control-allow-methods GET, OPTIONS x-goog-generation 1608239975905841 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=86400 x-goog-stored-content-length 45 x-nyt-pagetype nyt-dti-analytic timing-allow-origin * x-cache-hits 5720
POST H2	200	track a.et.nytimes.com/	0 0	108ms 108ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 261 B	114ms 35ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1382135533 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	container.html Show response dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 399F	6 KB 3 KB	19ms 16ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 26 Mar 2022 18:58:12 GMT expires Sun, 26 Mar 2023 18:58:12 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 786B	15 KB 16 KB	29ms 7ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: news.google.com URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=457866&publicationId=nytimes.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://news.google.com/ Origin https://news.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 22 Mar 2022 11:18:05 GMT x-content-type-options nosniff age 373207 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 22 Mar 2023 11:18:05 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	31ms 14ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2072578483&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&dr=&ul=en-us&de=UTF-8&dt=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1320267158&gjid=1339784765&cid=1420176414.1648321092&tid=UA-58630905-2&_gid=287604103.1648321093&_r=1&gtm=2wg3e0P528B3&cg1=nyregion&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd3=&cd4=New%20York&cd9=9&cd10=null&cd13=null&cd14=metro_desk&cd15=earned&cd16=referring_links&cd17=100000006402132&cd18=LIAM%20STACK&cd19=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&cd20=&cd21=Article&cd23=New%20York&cd26=2019&cd27=2019-03-08-22&cd28=Friday&cd29=22&cd30=1552195663000&cd32=New%20York%2CU.S.%20News&cd33=SECTION&cd34=NEWS&cd36=08xp-lottery&cd37=837&cd38=Express&cd42=nyt-vi&cd43=Lotteries&cd46=New%20Jersey&cd48=March&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Express&cd54=metro_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=DzjonKwtkvV-kDjV7VseHi&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=DzjonKwtkvV-kDjV7VseHi&z=584935702 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.nytimes.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ping pnytimes.chartbeat.net/	43 B 201 B	397ms 100ms	Image image/gif	52.206.107.56 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&u=CFqBrkBEH374B5otYk&d=nytimes.com&g=16698&g0=nyregion%2Cmetro_desk&g1=LIAM%20STACK&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1529&t=BFmQIKCaqGU3Bv1P0lBKc303cXUnE&V=129&i=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&tz=0&_acct=anon&sn=1&sv=BNd669CmxBZkDX_3ESDPGeuQDjHMqp&sd=1&im=06679ff3&_ Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.107.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-107-56.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif content-length 43 expires 0
GET H2	200	css fonts.googleapis.com/ Frame 399F	7 KB 1 KB	43ms 17ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9c113320c2d84263ae9305df3d86529fcb0a8df6d834be835735deccc9357869 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 26 Mar 2022 18:16:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 26 Mar 2022 18:58:12 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 26 Mar 2022 18:58:12 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 399F	22 KB 7 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 14:30:35 GMT content-encoding gzip x-content-type-options nosniff age 102457 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7022 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 25 Mar 2023 14:30:35 GMT
GET H2	200	css fonts.googleapis.com/ Frame 399F	6 KB 769 B	43ms 18ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&lang=de Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5137204503a6bb4a83d9f4e415d18e526a3a453e26d4d0f358c39fa18598e34c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 26 Mar 2022 18:58:12 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 26 Mar 2022 18:58:12 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 26 Mar 2022 18:58:12 GMT
GET H2	200	10396418370842495583 tpc.googlesyndication.com/simgad/ Frame 399F	6 KB 6 KB	33ms 8ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10396418370842495583? Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68d7d28d6a05a851cc7af731a1a25ba0a3bc2dbb9a136c475db5c4969eed384c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 21 Mar 2022 11:00:32 GMT x-content-type-options nosniff age 460660 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6083 x-xss-protection 0 last-modified Fri, 17 Aug 2018 16:14:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 21 Mar 2023 11:00:32 GMT
GET H2	200	3283352760089767256 tpc.googlesyndication.com/simgad/ Frame 399F	260 KB 260 KB	36ms 11ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3283352760089767256? Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a51a7750ffb93e6128a8df4a00722d39b406719f795924391e6286230d88055e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 22 Mar 2022 15:11:54 GMT x-content-type-options nosniff age 359178 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 266461 x-xss-protection 0 last-modified Mon, 31 Jan 2022 16:52:15 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 22 Mar 2023 15:11:54 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 399F	119 KB 37 KB	64ms 27ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36904 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1648035241783118" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 18:58:12 GMT
GET H3	200	m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.23U0XnXlwdg.L.B1... Frame 786B	130 KB 44 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.23U0XnXlwdg.L.B1.O/am=GAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7O1zYJyZEii0fD2hgA10naKfJKmg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2e74657de71e808ae265c4d368bfacbcf600b0c410a82e6c261541f8df4874d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 19:07:26 GMT content-encoding gzip x-content-type-options nosniff age 85846 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44987 x-xss-protection 0 last-modified Fri, 25 Mar 2022 01:51:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 25 Mar 2023 19:07:26 GMT
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.23U0XnXlwdg.L.B1... Frame 786B	17 KB 7 KB	17ms 6ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.23U0XnXlwdg.L.B1.O/am=GAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7O1zYJyZEii0fD2hgA10naKfJKmg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 976e4df2d0e7ce6ed9a136095f895c514fbef9b7ebad60687e427bd0abe3b112 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 19:07:26 GMT content-encoding gzip x-content-type-options nosniff age 85846 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7283 x-xss-protection 0 last-modified Fri, 25 Mar 2022 01:51:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 25 Mar 2023 19:07:26 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 399F	0 0	43ms 43ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukQvh2FJPDaxHPh_J-U3pguZZQ_vIDrz9fkDYcBcr8zYAOeLN23zs7IRSe9ZiEMm0Ig_cYk7oPRCzILcMCmfxXeX11MwbrgPf52SOiBsW9yC5g6a0ZlVqNOVXWdbIh4LYDH5YItvyc6QsyTA9PoHTigEA52FdRMcLDBZvjzdoGm50Q_sosipqPxa0hG9_YojLyrYV2xdQie3Nen2q_tVZE_nqckSJY_jsNmXGzk-vVYgAfx6-WAUfyuJulJFdtpsKhjz0tmQV4Vf2bmx_EZ1t0WU6umPOLQa-pb7AtpIJN48pX-ZfJcetO6eiMY7NVmqQy0gMnBc9iOphNbKs&sai=AMfl-YSn44XOEQAsBoU_7OQlaoz3A--m5ydnJewi9oxNwA9lCUFQ6Z58wjuNNDhm4-41PYp3v_DD-bDESoPHZ3aekQZZbUXYwOYlS4YHlACzNFadvj-D0zgP-BM5vkkuuw&sig=Cg0ArKJSzN0v1__Duwb9EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 18:58:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Sat, 26 Mar 2022 18:58:12 GMT
GET H3	200	B27199400.327605816;dc_pre=CJrW08m65PYCFe6GdwodSV4AdA;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame 399F Redirect Chain https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatme... https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CJrW08m65PYCFe6GdwodSV4AdA;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rd...	14 KB 11 KB	38ms 38ms	Script text/javascript	142.250.185.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CJrW08m65PYCFe6GdwodSV4AdA;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=? Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f6.1e100.net Software cafe / Resource Hash 06fe02fc1287acafcd1993ee09472d27dc230abb3b0703c5e924381aa31bc1d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10808 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 location https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CJrW08m65PYCFe6GdwodSV4AdA;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=? cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	log Show response play.google.com/ Frame 786B	131 B 672 B	40ms 17ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://news.google.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://news.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Sat, 26 Mar 2022 18:58:12 GMT
GET H2	200	audio-on.svg static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame 399F	1 KB 1 KB	28ms 7ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/audio-on.svg Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash e44027ee643a87c2b6ee2cbd3e738302be02274940dede3f3aa13d0bd15aae57 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 392922 x-guploader-uploadid ADPycdtx-uFobrenObWKVUXlJ7lY3JY7dimIFrCKzhjONXhxJcJf3yvEK_srJ5z0u_EVDLgVATb6NFrI8drefEMuoq1J3DyBTw x-cache HIT, HIT x-goog-storage-class REGIONAL content-length 591 x-served-by cache-iad-kiad7000104-IAD, cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 11 Mar 2020 20:20:42 GMT server UploadServer x-timer S1648321093.748288,VS0,VE0 etag "346f9807dd0b6feb5e3b3dcb6313c24b" vary Accept-Encoding x-goog-hash crc32c=2lfk7A==, md5=NG+YB90Lb+teOz3LYxPCSw== content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Tue, 01 Mar 2022 05:49:29 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 846, 13
GET H2	200	audio-off.svg static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame 399F	880 B 988 B	29ms 8ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/audio-off.svg Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 19195533133b2d5cf2cc8fc1d489120e453dd814075b3a95a09db6c339c6d1d3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 217830 x-guploader-uploadid ADPycdsAOOUfMNyTGZSu_piyfJio3SyD1fbOl5SmKnBHdBMZXR6g-w-SOF0KdrFNV0NIs0GvfJPEn3p6mVDyIdmNHCE x-cache HIT, HIT x-goog-storage-class REGIONAL content-length 520 x-served-by cache-iad-kjyo7100049-IAD, cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 11 Mar 2020 20:20:43 GMT server UploadServer x-timer S1648321093.748576,VS0,VE0 etag "61f5aa96fb4cd2d84623ea97b5ec005e" vary Accept-Encoding x-goog-hash crc32c=sSTh/w==, md5=YfWqlvtM0thGI+qXtewAXg== content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Tue, 01 Mar 2022 09:04:27 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 2142, 13
GET H2	200	pause.svg static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame 399F	702 B 726 B	28ms 7ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/pause.svg Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash c9fb083529541e219ad17a00cb201b3dba9dabcdcc01eae4eb9ac04b8cb72216 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 135290 x-guploader-uploadid ADPycduwm8-HqsFSDYtiprvWoxaU7B901EwK7nptLF3DCyy63BuYmOfkSmJXhixkTuUCW1ddCFWu83GZzDgXVpKazmaf35uk9g x-cache HIT, HIT x-goog-storage-class REGIONAL content-length 435 x-served-by cache-iad-kiad7000167-IAD, cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 11 Mar 2020 20:20:42 GMT server UploadServer x-timer S1648321093.748145,VS0,VE0 etag "67652da3a119c795c417355d9e1ac31a" vary Accept-Encoding x-goog-hash crc32c=GdvCsQ==, md5=Z2Uto6EZx5XEFzVdnhrDGg== content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Tue, 08 Mar 2022 06:03:43 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 3687, 13
GET H2	200	play.svg static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame 399F	681 B 743 B	28ms 7ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/play.svg Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 8658fc44ca45cf40ee56d54bccb269e8cbca4ad85f1ea1bfbbc5faf127a7dec3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 382653 x-guploader-uploadid ADPycdueAOEGrOtCUggr-AOXGRUxO1eTgjgxfwmmi74hi0sy9qpXGXLtXPnMSgxIClyRMg8ls36VMIa8HeucvFjI4Ko x-cache HIT, HIT x-goog-storage-class REGIONAL content-length 440 x-served-by cache-iad-kiad7000055-IAD, cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 11 Mar 2020 20:20:43 GMT server UploadServer x-timer S1648321093.748481,VS0,VE0 etag "ac79f9cf6aa8bd6f20fc5bc3a629e040" vary Accept-Encoding x-goog-hash crc32c=9xm5Gw==, md5=rHn5z2qovW8g/FvDpingQA== content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Tue, 25 Jan 2022 08:40:38 GMT cache-control max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public accept-ranges bytes timing-allow-origin * x-cache-hits 3911, 1953
GET H3	200	container.html dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 399F	6 KB 6 KB	23ms 8ms	Image text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3108 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/html cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 26 Mar 2023 18:58:12 GMT
GET H2	200	cheltenham-normal-300.woff g1.nyt.com/fonts/family/cheltenham/ Frame 399F	35 KB 35 KB	9ms 8ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09 Request headers Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ Origin https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=b2NKXw==, md5=gst5XYxXu+Nn0P++uojrUw== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish content-type application/octet-stream age 756051 x-guploader-uploadid ADPycdvwkBlAQ6GI11l6l-idbT5q4GvLPZyuk4YunHvyRKSS_QGjl6DfKymtH9LADrqf10ZuzXe3rAJt2Y1YUyGiSH8 x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 35940 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Sat, 18 Mar 2023 00:57:21 GMT last-modified Wed, 15 Sep 2021 19:43:02 GMT server UploadServer x-timer S1648321093.729117,VS0,VE0 etag "82cb795d8c57bbe367d0ffbeba88eb53" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734982644086 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 35940 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 7
GET H2	200	franklin-normal-700.woff2 g1.nyt.com/fonts/family/franklin/ Frame 399F	20 KB 20 KB	12ms 11ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff2 Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57 Request headers Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ Origin https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish content-type application/octet-stream age 849025 x-guploader-uploadid ADPycdv5N-dPY-34WYSvUfcSbGEsL_gABzL3k_PcvEO-pPdpJARjGP1WriQY9KD8QKqPYQ25tyCbsa9Jqm_ZD19xe4A x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 20312 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Thu, 16 Mar 2023 23:07:47 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321093.729344,VS0,VE0 etag "b44c88f09ca7ce914b836d4ae72891b8" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984072337 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 20312 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 5
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v19/ Frame 399F	13 KB 13 KB	22ms 8ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 23 Mar 2022 18:02:06 GMT x-content-type-options nosniff age 262566 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 23 Feb 2022 17:39:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 23 Mar 2023 18:02:06 GMT
GET H3	200	dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mi... adservice.google.com/ddm/fls/z/ Frame 20EA	42 B 63 B	66ms 51ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html Requested by Host: 5290727.fls.doubleclick.net URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKDuz8m65PYCFc6ehQodIa8IfA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=7592707139881;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://5290727.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	batchexecute Show response news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 786B	436 B 322 B	35ms 35ms	XHR application/json	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=902869049363078595&bl=boq_subscribewithgoogleclientserver_20220324.10_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=68293&rt=c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 935107651250f94d586babf057f6965db986d6700df3756123860a91895e469c Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-Same-Domain 1 Referer https://news.google.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy same-site content-disposition attachment; filename="response.bin"; filename*=UTF-8''response.bin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="SubscribewithgoogleClientUi" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 399F	41 KB 15 KB	144ms 19ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=341990039;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 09:34:28 GMT content-encoding gzip x-content-type-options nosniff age 206624 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 24 Mar 2023 09:34:28 GMT
GET H2	200	main.css mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/	103 KB 15 KB	29ms 9ms	Stylesheet text/css	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash d833cea63dd75b498747482b57fc177b4a1f5b63dcb60a65da615776f9106a8f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 284008 x-cache HIT content-length 14700 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Tue, 22 Mar 2022 17:45:02 GMT server nginx x-timer S1648321093.844322,VS0,VE1 x-origin-server mwcm-pub-est08.prd.iad1.nyt.net vary Accept-Encoding content-type text/css;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 1682
GET H2	200	untitled5 mwcm.nyt.com/dam/LP/payment-methods/	2 KB 1 KB	27ms 8ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled5 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 242162 x-cache HIT content-length 1081 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 26 Jan 2022 18:05:19 GMT server nginx x-timer S1648321093.844349,VS0,VE0 x-origin-server mwcm-pub-est06.prd.iad1.nyt.net vary Accept-Encoding content-type image/svg+xml;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 387
GET H2	200	untitled2 mwcm.nyt.com/dam/LP/payment-methods/	6 KB 3 KB	29ms 10ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled2 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 238347 x-cache HIT content-length 2844 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 26 Jan 2022 18:05:20 GMT server nginx x-timer S1648321093.844458,VS0,VE0 x-origin-server mwcm-pub-est04.prd.iad1.nyt.net vary Accept-Encoding content-type image/svg+xml;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 1211
GET H2	200	untitled3 mwcm.nyt.com/dam/LP/payment-methods/	7 KB 7 KB	30ms 11ms	Image image/png	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled3 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash d075009cee62d0a87d946a0104e53e0c4710a4981cb768ae1716c2a84330887e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish last-modified Wed, 26 Jan 2022 18:05:19 GMT server nginx age 436473 x-served-by cache-hhn4042-HHN x-cache HIT content-type image/png;charset=UTF-8 x-origin-server mwcm-pub-est04.prd.iad1.nyt.net cache-control no-cache, must-revalidate accept-ranges bytes x-timer S1648321093.844515,VS0,VE0 access-control-allow-origin * content-length 7212 x-cache-hits 2449
GET H2	200	untitled mwcm.nyt.com/dam/LP/payment-methods/	8 KB 8 KB	30ms 11ms	Image image/png	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash d7d22efecc1ac7058e7cd58bf4319d05257b446be0ac2fb3df96902eb3062906 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish last-modified Wed, 26 Jan 2022 18:05:20 GMT server nginx age 436473 x-served-by cache-hhn4042-HHN x-cache HIT content-type image/png;charset=UTF-8 x-origin-server mwcm-pub-est04.prd.iad1.nyt.net cache-control no-cache, must-revalidate accept-ranges bytes x-timer S1648321093.844645,VS0,VE0 access-control-allow-origin * content-length 8589 x-cache-hits 377
GET H2	200	untitled1 mwcm.nyt.com/dam/LP/payment-methods/	2 KB 889 B	30ms 11ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled1 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 502b6c6c8971aa0e41511b25ba01c7383dcd68d56aad8c86c36e31c7c62e8bff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 239978 x-cache HIT content-length 777 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 26 Jan 2022 18:05:20 GMT server nginx x-timer S1648321093.844634,VS0,VE0 x-origin-server mwcm-pub-est04.prd.iad1.nyt.net vary Accept-Encoding content-type image/svg+xml;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 353
GET H2	200	untitled0 mwcm.nyt.com/dam/LP/payment-methods/	9 KB 9 KB	8ms 8ms	Image image/png	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled0 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash d9a720db6eb6308cbab1a6a56eda103c0f38919581d36ca79e97ff44bb58c146 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish last-modified Wed, 26 Jan 2022 18:05:19 GMT server nginx age 436473 x-served-by cache-hhn4042-HHN x-cache HIT content-type image/png;charset=UTF-8 x-origin-server mwcm-pub-est10.prd.iad1.nyt.net cache-control no-cache, must-revalidate accept-ranges bytes x-timer S1648321093.852275,VS0,VE1 access-control-allow-origin * content-length 9593 x-cache-hits 385
GET H2	200	untitled4 mwcm.nyt.com/dam/LP/payment-methods/	790 B 545 B	7ms 7ms	Image image/svg+xml	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://mwcm.nyt.com/dam/LP/payment-methods/untitled4 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 198367 x-cache HIT content-length 383 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Wed, 26 Jan 2022 18:05:19 GMT server nginx x-timer S1648321093.855975,VS0,VE0 x-origin-server mwcm-pub-est06.prd.iad1.nyt.net vary Accept-Encoding content-type image/svg+xml;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 378
GET H2	200	franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2 g1.nyt.com/fonts/family/franklin/	20 KB 20 KB	10ms 10ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish content-type application/octet-stream age 761471 x-guploader-uploadid ADPycdv6PyHIk6iHv1QkgLg-uhdcZPZA2SjOpMhjiidXloCJ23pawvgsVOMEpC3EuJp7ues2JDDif0n4z4fom2Xy0xI x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 20212 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Fri, 17 Mar 2023 23:27:01 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321093.832935,VS0,VE0 etag "abe1b34d5a429f8e034860c86c483446" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984010934 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 20212 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 14387
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 399F	0 0	42ms 42ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHyBdi3x3-yQVF6wI3WF9sIR_RJHX-_KgGBIj1Fk6IYVCqDIdt12jGZkWPcyGsxizfDS8tVwHvM8c0gztchGOdJYYBnxQrjBxX-t0_Q6J_O8sGUQWtinmG3Oy-ep8K6FHWQ_NFoBa5IXq2O14AHgpVldx2_8IW7mUm9MN3DU2Yk8Flq465sZnUqly0DA-sksZrxc90SFzv8Kw1DDs4OAwsFkH7IMt1zsckryyY37bmVb_TugVKctcGdeQNHHTAeLPnKQzgQ36r-LL5htikHkHe2ghHF4w_8GklxmkcSTMW0MAVqdQlD8sX85bA-CN8SMc&sai=AMfl-YTP6QycHA7_r4axjgw51Bpam9uYPIuxUv8uaV26_1NkwFwsWtWJabiaq6WLsNM8CQpf3xIPLdqEQJl3MVU7mfgAP7ZDoDKHfsJO0z21qx8945OAzq0vuvWKAQHC6w&sig=Cg0ArKJSzKl-F3jaqFmcEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 18:58:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Sat, 26 Mar 2022 18:58:12 GMT
POST H3	200	log Show response play.google.com/ Frame 786B	131 B 155 B	28ms 27ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://news.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Sat, 26 Mar 2022 18:58:12 GMT
POST H3	200	log Show response play.google.com/ Frame 786B	131 B 155 B	28ms 27ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://news.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Sat, 26 Mar 2022 18:58:12 GMT
POST H3	200	log Show response play.google.com/ Frame 786B	131 B 155 B	27ms 27ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.g44OS5ggPzM.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4uOFb1nhI5SZw6gPwG41EFvnHOAw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://news.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://news.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Sat, 26 Mar 2022 18:58:12 GMT
GET H2	200	common.js Show response mwcm.nyt.com/.resources/mkt-wcm/dist/	139 KB 41 KB	8ms 8ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash dfe53b6293dc23048099cd1a65be73e2a734c668cca2f950304d78af4ca42749 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip age 284010 x-cache HIT content-length 41845 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Tue, 22 Mar 2022 17:45:02 GMT server nginx x-timer S1648321093.868331,VS0,VE0 x-origin-server mwcm-pub-est01.prd.iad1.nyt.net vary Accept-Encoding content-type application/javascript;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 2101
GET H2	200	main.js Show response mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/	23 KB 6 KB	10ms 10ms	Script application/javascript	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/vi-assets/static-assets/main-81f8afe33198f504bfe9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash a1f629246648e29793e262cdc526d5b24b932cc87220d9d95e74b6121cfdcd10 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:12 GMT content-encoding gzip fastly-original-body-size 6163 age 284010 x-cache HIT content-length 6163 x-served-by cache-hhn4042-HHN access-control-allow-origin * last-modified Tue, 22 Mar 2022 17:45:02 GMT server nginx x-timer S1648321093.868457,VS0,VE0 x-origin-server mwcm-pub-est10.prd.iad1.nyt.net vary Accept-Encoding content-type application/javascript;charset=UTF-8 via 1.1 varnish cache-control no-cache, must-revalidate accept-ranges bytes x-cache-hits 1659
POST H2	200	track a.et.nytimes.com/	0 0	123ms 123ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	track a.et.nytimes.com/	0 0	117ms 117ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET DATA	200 OK	truncated / Frame 399F	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a297a2048fbd2e4666799f65fb35d049081686cd6b0f60a5f862c8973ea2eb48 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
POST H2	200	track a.et.nytimes.com/	0 0	116ms 115ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	206	98654_1_MKTG-IndependentJournalism-Liannav2-2022_wg_360p.mp4 vp.nyt.com/video/2022/02/02/ Frame 399F	287 KB 0	24ms 9ms	Media video/mp4	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vp.nyt.com/video/2022/02/02/98654_1_MKTG-IndependentJournalism-Liannav2-2022_wg_360p.mp4 Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash Request headers Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=0- Response headers x-goog-hash crc32c=qYzONQ==, md5=YHvPvfiMImFD7jFk3LcW0Q== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish, 1.1 varnish age 851382 x-guploader-uploadid ADPycduahpAR-IYSpiCxWqWiWfB05iggygSYr2qPghhnnBJXfxvU370lk3skhxY7NO5GF9Zxqoy8LVIXtRlAMJRwmA x-cache HIT, HIT x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity Content-Length 3819769 x-served-by cache-mdw17364-MDW, cache-hhn4042-HHN Content-Range bytes 0-3819768/3819769 last-modified Wed, 02 Feb 2022 20:09:00 GMT server UploadServer x-timer S1648321093.897816,VS0,VE1 etag "607bcfbdf88c226143ee3164dcb716d1" access-control-allow-methods GET, HEAD, OPTIONS x-goog-generation 1643832540731720 access-control-allow-origin * expires Thu, 16 Mar 2023 22:28:31 GMT cache-control public, max-age=1, s-maxage=31536000 x-goog-stored-content-length 3819769 accept-ranges bytes content-type video/mp4 x-cache-hits 1, 0
GET H2	200	franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2 g1.nyt.com/fonts/family/franklin/	24 KB 24 KB	14ms 13ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish content-type application/octet-stream age 758233 x-guploader-uploadid ADPycdvIPZIYw1NBkpHTTfpG7gkHRGYKe3NHNPoDMZQ-r1e4cxzgfdFSi-IRYEfNNAE7QphfAYgf9Rv9u21FU8tdr0rL-ggwGA x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 24184 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Sat, 18 Mar 2023 00:21:00 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1648321093.900260,VS0,VE0 etag "fdc7cad17deeec2db1fe2f9f8c0520ed" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984069574 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 24184 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 13134
OPTIONS H3	200	log play.google.com/ Frame	0 0	33ms 14ms	Preflight text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://news.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://news.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Sat, 26 Mar 2022 18:58:12 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 26 Mar 2022 18:58:12 GMT cache-control private
OPTIONS H3	200	log play.google.com/ Frame	0 0	30ms 13ms	Preflight text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://news.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://news.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Sat, 26 Mar 2022 18:58:12 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 26 Mar 2022 18:58:12 GMT cache-control private
OPTIONS H3	200	log play.google.com/ Frame	0 0	31ms 14ms	Preflight text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://news.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://news.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Sat, 26 Mar 2022 18:58:12 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 26 Mar 2022 18:58:12 GMT cache-control private
GET H2	200	cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2 g1.nyt.com/fonts/family/cheltenham/	27 KB 27 KB	20ms 20ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish content-type application/octet-stream age 845019 x-guploader-uploadid ADPycdtBZqBpbz90ljo3tQBZHfz3GjPK98V-gsN5CqRG2m6oxMaWJGlqBMqEfFyxQye2GfLklS3ao7zJFnIVFotSO4-BdKZePQ x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 27260 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Fri, 17 Mar 2023 00:14:33 GMT last-modified Wed, 15 Sep 2021 19:43:02 GMT server UploadServer x-timer S1648321093.937288,VS0,VE0 etag "7ea91ebd036309e1fe756ee3aab272da" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734982738365 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 27260 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 13410
GET H2	206	98654_1_MKTG-IndependentJournalism-Liannav2-2022_wg_360p.mp4 vp.nyt.com/video/2022/02/02/ Frame 399F	18 KB 18 KB	52ms 52ms	Media video/mp4	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vp.nyt.com/video/2022/02/02/98654_1_MKTG-IndependentJournalism-Liannav2-2022_wg_360p.mp4 Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 0d2f31c74852132dc10375b9317cc8afd22946d997eee17fb487d77ad74ec22c Request headers Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=3801088- Response headers x-goog-hash crc32c=qYzONQ==, md5=YHvPvfiMImFD7jFk3LcW0Q== date Sat, 26 Mar 2022 18:58:12 GMT via 1.1 varnish, 1.1 varnish age 851382 x-guploader-uploadid ADPycduahpAR-IYSpiCxWqWiWfB05iggygSYr2qPghhnnBJXfxvU370lk3skhxY7NO5GF9Zxqoy8LVIXtRlAMJRwmA x-cache HIT, HIT x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity Content-Length 18681 x-served-by cache-mdw17364-MDW, cache-hhn4042-HHN Content-Range bytes 3801088-3819768/3819769 last-modified Wed, 02 Feb 2022 20:09:00 GMT server UploadServer x-timer S1648321093.941518,VS0,VE1 etag "607bcfbdf88c226143ee3164dcb716d1" access-control-allow-methods GET, HEAD, OPTIONS x-goog-generation 1643832540731720 access-control-allow-origin * expires Thu, 16 Mar 2023 22:28:31 GMT cache-control public, max-age=1, s-maxage=31536000 x-goog-stored-content-length 3819769 accept-ranges bytes content-type video/mp4 x-cache-hits 1, 0
POST H2	200	track a.et.nytimes.com/	0 0	4526ms 4526ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	track a.et.nytimes.com/	0 0	105ms 105ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	data-layer Show response a.nytimes.com/svc/nyt/	928 B 936 B	146ms 146ms	XHR application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.nytimes.com/svc/nyt/data-layer Requested by Host: mwcm.nyt.com URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 6de4c8a47ebda586567e0412df707826f3c7c0f6abd69a21b025973e8813aeb1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:13 GMT content-encoding gzip x-appengine-log-flush-count 0 server Google Frontend vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://www.nytimes.com x-cloud-trace-context 11b65a671ded765cda0e6bef351862c4 cache-control private access-control-allow-credentials true access-control-allow-headers Content-Type, x-requested-by, * content-length 469 expires Sat, 26 Mar 2022 18:58:13 GMT
GET H2	200	cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2 g1.nyt.com/fonts/family/cheltenham/	26 KB 26 KB	8ms 8ms	Font application/octet-stream	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css Origin https://www.nytimes.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-goog-hash crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg== date Sat, 26 Mar 2022 18:58:13 GMT via 1.1 varnish content-type application/octet-stream age 758210 x-guploader-uploadid ADPycduQGIVJj6hHfoUzoMRwTg2rofc5qVLBreF2HCHdUiLhZEBx-dHvQBc32PDQHvWYghNsuSiIXMKaCdHb0FB3Y7vRqN3EaQ x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 26448 x-served-by cache-hhn4069-HHN accept-ranges bytes expires Sat, 18 Mar 2023 00:21:22 GMT last-modified Wed, 15 Sep 2021 19:43:02 GMT server UploadServer x-timer S1648321093.039885,VS0,VE0 etag "40ccfe2cc61a71e6617e56162d49b896" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734982612741 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 26448 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 12291
GET H3	200	activityi;dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fn... Show response 5290727.fls.doubleclick.net/ Frame B7B9 Redirect Chain https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2... https://5290727.fls.doubleclick.net/activityi;dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2F...	560 B 405 B	28ms 28ms	Document text/html	142.250.185.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5290727.fls.doubleclick.net/activityi;dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f6.1e100.net Software cafe / Resource Hash 255d75696c98a6838f6d20389aeee059e7eb5f6c68b01581908074406f5356d9 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer about:blank Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sat, 26 Mar 2022 18:58:13 GMT expires Sat, 26 Mar 2022 18:58:13 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 382 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Sat, 26 Mar 2022 18:58:13 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://5290727.fls.doubleclick.net/activityi;dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	track a.et.nytimes.com/	0 0	130ms 130ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2072578483&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&dr=&ul=en-us&de=UTF-8&dt=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gateway&ea=impression&el=MAG_web_nonsub_all_monthly-sale&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1420176414.1648321092&tid=UA-58630905-2&_gid=287604103.1648321093&gtm=2wg3e0P528B3&cg1=nyregion&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html&cd3=&cd4=New%20York&cd9=9&cd10=null&cd13=null&cd14=metro_desk&cd15=earned&cd16=referring_links&cd17=100000006402132&cd18=Liam%20Stack&cd19=A%20Stranger%20Returned%20His%20Lost%20Lottery%20Tickets.%20Then%20He%20Won%20%24273%20Million.&cd20=&cd21=Article&cd23=New%20York&cd26=2019&cd27=2019-03-08-22&cd28=Friday&cd29=22&cd30=2019-03-10T05%3A27%3A42.529Z&cd32=New%20York%2CU.S.%20News&cd33=SECTION&cd34=NEWS&cd36=08xp-lottery&cd37=837&cd38=Express&cd42=nyt-vi&cd43=Lotteries&cd46=New%20Jersey&cd48=March&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Express&cd54=metro_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=DzjonKwtkvV-kDjV7VseHi&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=DzjonKwtkvV-kDjV7VseHi&z=676257919 Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 02:56:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 57731 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 6B39	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Thu, 24 Mar 2022 09:34:28 GMT expires Fri, 24 Mar 2023 09:34:28 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 206625 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	206	98654_1_MKTG-IndependentJournalism-Liannav2-2022_wg_360p.mp4 vp.nyt.com/video/2022/02/02/ Frame 399F	3 MB 0	10ms 10ms	Media video/mp4	151.101.129.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vp.nyt.com/video/2022/02/02/98654_1_MKTG-IndependentJournalism-Liannav2-2022_wg_360p.mp4 Requested by Host: dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com URL: https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash Request headers Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=262144- Response headers x-goog-hash crc32c=qYzONQ==, md5=YHvPvfiMImFD7jFk3LcW0Q== date Sat, 26 Mar 2022 18:58:13 GMT via 1.1 varnish, 1.1 varnish age 851382 x-guploader-uploadid ADPycduahpAR-IYSpiCxWqWiWfB05iggygSYr2qPghhnnBJXfxvU370lk3skhxY7NO5GF9Zxqoy8LVIXtRlAMJRwmA x-cache HIT, HIT x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity Content-Length 3557625 x-served-by cache-mdw17364-MDW, cache-hhn4042-HHN Content-Range bytes 262144-3819768/3819769 last-modified Wed, 02 Feb 2022 20:09:00 GMT server UploadServer x-timer S1648321093.084719,VS0,VE1 etag "607bcfbdf88c226143ee3164dcb716d1" access-control-allow-methods GET, HEAD, OPTIONS x-goog-generation 1643832540731720 access-control-allow-origin * expires Thu, 16 Mar 2023 22:28:31 GMT cache-control public, max-age=1, s-maxage=31536000 x-goog-stored-content-length 3819769 accept-ranges bytes content-type video/mp4 x-cache-hits 1, 0
GET H2	200	XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response pagead2.googlesyndication.com/bg/ Frame 6B39	35 KB 14 KB	67ms 25ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 22 Mar 2022 19:56:45 GMT content-encoding br x-content-type-options nosniff age 342088 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13744 x-xss-protection 0 last-modified Tue, 22 Mar 2022 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 22 Mar 2023 19:56:45 GMT
GET H3	200	dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mi... adservice.google.com/ddm/fls/z/ Frame B7B9	42 B 63 B	70ms 70ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html Requested by Host: 5290727.fls.doubleclick.net URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=COir6Mm65PYCFU5CHQkdJRQNxw;src=5290727;type=remar0;cat=gatew0;ord=1;num=3283520432310;gtm=2wg3e0;auiddc=1142420740.1648321093;u17=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2019%2F03%2F08%2Fnyregion%2Fnj-lottery-winner-mike-weirsky.html? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://5290727.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	.status a.et.nytimes.com//	0 0	188ms 187ms	Fetch application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com//.status Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept */* Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 content-type text/plain;charset=UTF-8 Response headers
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 10 KB	84ms 46ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1787a61274fddd0a3fd40148ad18caf580ef770604067023ea5f3ecbe09b3ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 18:58:13 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10588 x-xss-protection 0
GET H2	200	loader.js Show response platform.iteratehq.com/	2 KB 1 KB	182ms 64ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platform.iteratehq.com/loader.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa3cc3b75f047e0168ce21f11ef0dc4c4fd2365a260affc0eca72ddf54555d66 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:13 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 317 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id BTRBW55EN4VWFKV1 x-amz-id-2 rdCvxLPqSGqNsyJBETOFSsNVYWsSnXRW8bSDmF+Cw6bvvKJgqH/sjwYGby6TSjpJjF8JVxl2rWM= last-modified Wed, 02 Mar 2022 17:05:47 GMT server cloudflare etag W/"2dab361630d1f8d71f67e535d1f0848a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23yZrGihEB2aUA%2BRZ5Gp3ZHUjWxNyUITg65n2etQsfdq%2FMK%2FEAsYZVfVqrsp5WWx43x33%2BYLRdCnUw1yWcXCtQVUy9gSn6FgOtUJ%2BxXJ3cOTiEXbPkidYX2vXOuZqTTeaeQYoXdTmte0NxpdY4EkI%2BrsxZRL"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1800 cf-ray 6f221dd15fb983ae-MXP
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	44ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 18:58:13 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6B39	0 20 B	120ms 78ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOE5QRGI_YrCeLsuC3gOiyZu4BwAAAAA4AeAEAg&bg=!8vGl8bXNAAbzJazn0yU7ACkAdvg8Wo__bmAxHaxTTQWkTUOz_DvQyxC9JTfs3QUV6hwgJUnKooxLJAIAAABlUgAAAAJoAQcKAE8o1yNWH-W547o3KrHEOhi8O_QfR4vaoK3MOist-N18NTrgPsBtdHzDE4KrTUuciLQSaGIdXKrM3_TxN-wZsFANrFRjLxGEWGhZhm8MSJ_6mQMM9Jd3XgL8vdTDIcAMbKC0T7ZxzDBNTrqUu8mI3F9CoqrL9rVNYLAKMs6zqmadSYqTiDss3hHXIF5RiUEA5hAIZ4j7_rYr-p57ybVviowngO96sjwXh2YD4ReVbYVIFPazVZ89v2uOsCsVz7S2T6nvqIEFRfilk_scWY67jvnLKSuSPqpYiBcw7pNa3Ab6Z8vVBgyTqUMj35PGUWZzv5RZxOjZ_hWWLhmWm3ghxsGb3svdKhukNFcNDXZp5m2xtWjrM3EFnvR_pycnGpBIzxkUxfz2iGSw6YSuQ688Klh11Xz4Un0y0sY5U8OYuL2Jj4utNlty7hMfo1efSwPGcezdToveL6eJVcmO3s1V63Jh_MMJYLAJsWt0odSMMeOfr0jUAW4I2qE7_yGjjWPW5meGObm9j_BjKO0ObyatKJJqmAZx3ATsh_XAIrIek_FkaQ1TXmPax_OlTTr0ZsSojq_ShUQisdCr7UXfdCjv7xXlDFoDJZSa3oYEgnyY5EKe2LtP_vrxMna7WTWTB7zshCgGyNpMuZcM5VjWIJOgEK1sZUbb31tJDpLitYJ5q5GU6vlQZSz8Tghgi7T-O7y91V_Yq_7RfwihDId01J7qr9wpDHmyTbJF9wLaDaospBjsdttiCUQ_Pobdj-JrBIKuqSiSka1dAOwPdw7Zp8O0zgQP40DTnVM9gVti463stjJ_2lBOzfd0Mz7GZvbSwxwP0rOSj2YWc2l0qaUch2c-V15V2H7cQ0ByYrOxdtpD32km85XYBC5oTmDrVvL3HTsIuCT1iUJJ7SAFbVWomqh1tM8KS7JAUXctP-9DkTH7miLT6q_nGhBOlgCYD8krI_pDEcOhSVA6aKIMJwF_DXxalvVnJZCsE51QV3u6tlhzGXGAXeGO3cLlDScF7hxNcvRGxi_fwa_BxKly-gG-bZR8MFAgD06jY1H_HfzA3eNLcKbzmpwvzkD-IhORZSMJlzlI--0UZdXEZOHGqCiC1-kIBehF1oxU8sbbIVhjjbAjkwp1Y66QmA6m4maxPTQmCn9b Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 403A	13 KB 5 KB	37ms 37ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 26 Mar 2022 18:07:54 GMT expires Sun, 26 Mar 2023 18:07:54 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 3019 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 4B08	783 B 1 KB	112ms 23ms	Document text/html	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1878cf52e93e6c8f026821f6f1e5163dc1b076b5208ec9253f8dd496f7432bae Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-sCidZiXkuFFKEWAGzdtlLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 26 Mar 2022 18:58:13 GMT date Sat, 26 Mar 2022 18:58:13 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-sCidZiXkuFFKEWAGzdtlLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	track a.et.nytimes.com/	0 0	110ms 110ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response pagead2.googlesyndication.com/bg/ Frame 403A	35 KB 13 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 16:54:28 GMT content-encoding br x-content-type-options nosniff age 93825 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13638 x-xss-protection 0 last-modified Tue, 22 Mar 2022 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 25 Mar 2023 16:54:28 GMT
GET H3	200	sdk-prod-86b9fd3e0466066c0e3b.js Show response platform.iteratehq.com/	897 KB 260 KB	105ms 52ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platform.iteratehq.com/sdk-prod-86b9fd3e0466066c0e3b.js Requested by Host: platform.iteratehq.com URL: https://platform.iteratehq.com/loader.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6ca48de751ff3f006cefa78db99f8b0223e88b6d0564ea70e3c708d9312767f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:13 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2080328 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id BTRD2F399JQE2R3X x-amz-id-2 wtEnUEfo4OPnYTkGdW+5NbMSYICcKsx2qx6bsemQQaCz94Aw1gnMrKJnTKeNvUxR64NmTniNgDg= last-modified Wed, 02 Mar 2022 17:05:43 GMT server cloudflare etag W/"eda1f516804755a17a5fb9ad0484d4f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nhQONQ7hSUcUR270F%2BY0cwLVTAu6IlJkP2MZWUypnmpVQd1duqg4uRC10p8e8sigfdKpC2pd1jETHG%2BQQjGG1iGtaE6LiL4CK%2F0AYbDhaARZ9FKqs2iT2S8p5JMGNc3szo0uRBh2LzjLTctQH8gtQ3a7qk8"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 6f221dd21bca3756-MXP
GET H3	200	style-2bdbffb0210cc2e386f1.css platform.iteratehq.com/	130 KB 12 KB	82ms 30ms	Stylesheet text/css	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css Requested by Host: platform.iteratehq.com URL: https://platform.iteratehq.com/loader.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:13 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4944445 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 0YMXT7WWEMYNMMX4 x-amz-id-2 ri93IscdBGQdLvL5d0uj7IKq/5YSWyL6lQKpq5AAzfNkuEOcIh7ffHaBMfpyuDXGDk1BvDDLTWE= last-modified Tue, 21 Dec 2021 18:11:11 GMT server cloudflare etag W/"4737fd744e2551cae9a2bc8884efd7ba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caBYJCIcMbicoa4KJQOX12Hy%2B0o1AtWBJnVLbAk8cum6W%2BbK0r5%2FtrP1KQCsZxi3OxhM70jRUB99ogPV2xRTQDKwvsT9I%2FcADaYWlG8Eun%2BPs6O9BExvouFSZARaIuMsXS9MPyjDLt5VwFikzSx%2F%2Bd8CCyFo"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 6f221dd21bcc3756-MXP
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 4B08	0 0	93ms 92ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=3428909720672084&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 403A	0 9 B	8ms 8ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?PacObQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 18:58:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
POST H3	200	embed Show response iteratehq.com/api/v1/surveys/	298 B 1 KB	166ms 145ms	Fetch application/json	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iteratehq.com/api/v1/surveys/embed Requested by Host: platform.iteratehq.com URL: https://platform.iteratehq.com/sdk-prod-86b9fd3e0466066c0e3b.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46a02d30c1860db142c630b2d853d2df694009e27ba466d7c15f1c8067caf179 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 Authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o Content-Type application/json Response headers date Sat, 26 Mar 2022 18:58:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ggNy%2BIN2tHTmJ3Um1wRgylYJLoIDTJp6HNbkuTpebOmrn0pBTlZNn53FwM%2FUY6jsNPmAFynIUuVCddq82%2FVM7WL3aN6kmsyXzVTqC%2B%2F2v52sxIxP%2FJNoxafg%2Frr8EANWbK7gMC85gSBJjld"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * access-control-allow-credentials true strict-transport-security max-age=0; includeSubDomains cf-ray 6f221dd4ddc983ac-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H2	200	embed iteratehq.com/api/v1/surveys/ Frame	0 0	228ms 182ms	Preflight	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iteratehq.com/api/v1/surveys/embed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://www.nytimes.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sat, 26 Mar 2022 18:58:13 GMT content-length 0 access-control-allow-credentials true access-control-allow-headers Authorization, Content-Type access-control-allow-methods POST access-control-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6tuI60lrtskd3KRG2pruO9SyPo1uJN7gDlPYUdX5%2FDksSGPH2HWLn6xE9bcGTkBid4blwenfOV7PP07WO9zE7kKiPNHfl98ycZ3Bv01SWzLfhHHLu5dUc5%2BFBi%2FjCf2M1KiZ2JF%2FpZRA1Qs"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0; includeSubDomains server cloudflare cf-ray 6f221dd38c54f937-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 399F	42 B 64 B	42ms 42ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmbkppWwiHLXLjs9eYNgukws2KXdIuduy5wS4Soy81U1JTmF76WayUCwbfvXmpclzR9lArqcDS0WOuZDSKuac29L-m5xG7eiyF8SUYPMhCEuVJtuAe&sig=Cg0ArKJSzFGBS4i5kui2EAE&id=lidar2&mcvt=1000&p=77,0,347,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=4262024170&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648321092571&rpt=283&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dd3c8dc01caaae906055e9148604823a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	43ms 43ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=3428909720672084&bg=!d3SldDDNAAbzJazn0yU7ACkAdvg8WlCZS4cpp2FcG-J8x_aQ9npwsECIPTbjRBIQHNrT7Tn8oeWugwIAAABYUgAAAAJoAQcKAHiLSk-oTLO4hTxrBTF6DcrERx8SoJvZevl84igbASJHuWuduClGYCzWcngkVqHandP93HveuR30YZ6Q5PwpAGDB35ID2MLDGTq6f2DQmnXpAAzpsAEAKh1wxiTPj4QeqYepEfBetgBAsoZOAk6PkOnk3zdJ4qySmq2ZAtk-fU3O_cvZCdFksBd1vgl0KMJ5kSD8uo8JM1gOaQxtTZXAoICVozcpAglumoQ1Fp3wlrcwmtI0glLXl_YMFMzcujJCDckvGG6KwflLKgQyjFcep9m385MdqmPr9GFCmcV4JLZJYy8nSpId485buP_rd84GXCZyr4FWJfXX3gSXxtl9Bv5SO8auEEubcqmNmR5aX-C_xCvRSIIyVe9Yrrxujzk1ja7yhgn5a_UMHAQrdayROOrzqKaPKImgKV7irWk-CYLT_L1gGfD-DnXiz2zhkgmgSurWSC8Y1wg2fes85YEDUrEB3ZitoQCveBEGdZxmzseUR5eQpBm9Jrqe-DlwW7pTBl_67hXLjJ0xpVaisTbE3MPB94zNOW2mLap2XJyUUm9XWc6lcElGo1IhtJ5itPlMz40vqZDKW6ed5WtH76IS_GVjZhh3kElIUJ7vHnAQu6fs-UiPQfVbLzUCj054GRu2bzArECfoqt3y71S3VyUfV7Dm64oDjLpc7Db1sS2Ou1DfMCC-yJdf-5XnVF0kS6ZjvhJTRXYiEmTMDiOBKxPvyJfcS1EkDzkKQcoqSegVLI7L4PTxztX3TUnq4nboBb_ON8SIlMIsKvMpAtNvQpNw8mNE5aggxcFr5q4FkbdABq52Wmv2dAoHhhHLV_QbJvoXU2hLagZwtpMePeeAeti1fnzuDl4pn3TwkndsMchtej9AkI-ade728v4uGs1G6c-6U3JCjcYB4NkM1Bdpx73cM0XBwW5tlEAJBr83BsC39ADjvIdG1BISF6cujQbHSjw5pf-fNXc8WNplds8u0D7ce6MiXHPVtI7jUqF6KmRLUbTcj8JcJUolWFIAGThABDtccmc4I4LsGQFU9dxJNTCnYnP-hJ_4yJmT8EWxgXJx2Lvm2-bbRyIMFSHlE4VjXKyukF3gO5InP7oYEkPGaOWlzZ-Gmd6iBlQ_gTnrARUEtyLM-N-CPzI Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 18:58:14 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	track a.et.nytimes.com/	0 0	106ms 105ms	Ping application/json	2a00:1450:4001:811::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a.et.nytimes.com/track Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2019/03/08/nyregion/nj-lottery-winner-mike-weirsky.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.nytimes.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST		track a.et.nytimes.com/	0 0
POST		ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg== collectors.sumologic.com/receiver/v1/http/	0 0
OPTIONS		ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg== collectors.sumologic.com/receiver/v1/http/ Frame	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

a.et.nytimes.com

URL

https://a.et.nytimes.com/track

Domain

collectors.sumologic.com

URL

https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent

Domain

collectors.sumologic.com

URL

https://collectors.sumologic.com/receiver/v1/http/ZaVnC4dhaV0-HeboJ6818lTuKxRBececk4jDqTCENG6P3EEnbph5RHWdBPvQT3HRVFQSGDmsPzXTyYrsnJS80IznOeaWt-m6EIiNmwnfwv6WiKXpRRMNYg==?callback=logSent