URL: https://www.nytimes.com/1984/01/02/business/british-mo
Submission Tags: falconsandbox
Submission: On July 06 via api from US

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 68 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 151.101.13.164 54113 (FASTLY)
6 151.101.193.164 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
11 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 172.217.16.134 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 52.213.189.245 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.216.115.51 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2.16.186.40 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
68 20
Domain Requested by
10 a.et.nytimes.com www.nytimes.com
7 play.google.com www.gstatic.com
7 news.google.com www.nytimes.com
news.google.com
www.gstatic.com
7 www.nytimes.com www.nytimes.com
6 www.gstatic.com news.google.com
www.gstatic.com
3 platform.iteratehq.com www.nytimes.com
platform.iteratehq.com
3 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
www.nytimes.com
3 g1.nyt.com www.nytimes.com
g1.nyt.com
2 iteratehq.com platform.iteratehq.com
2 pnytimes.chartbeat.net www.nytimes.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dd.nytimes.com www.nytimes.com
dd.nytimes.com
2 samizdat-graphql.nytimes.com www.nytimes.com
1 fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 6852bd0a.akstat.io s.go-mpulse.net
1 c.go-mpulse.net s.go-mpulse.net
1 adservice.google.com 5290727.fls.doubleclick.net
1 fonts.gstatic.com news.google.com
1 insight.adsrvr.org www.nytimes.com
1 a1.nyt.com www.nytimes.com
1 static.chartbeat.com www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 s.go-mpulse.net www.nytimes.com
1 www.googletagmanager.com www.nytimes.com
68 28
Subject Issuer Validity Valid
nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-03 -
2022-04-06
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
akstat.io
DigiCert SHA2 Secure Server CA
2021-06-08 -
2022-06-13
a year crt.sh
a.et.nytimes.com
GTS CA 1D4
2021-06-03 -
2021-09-01
3 months crt.sh
*.google.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
purr.nytimes.com
GTS CA 1D4
2021-05-30 -
2021-08-28
3 months crt.sh
a.nytimes.com
GTS CA 1D4
2021-05-22 -
2021-08-20
3 months crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-04 -
2022-04-03
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-04 -
2022-07-03
a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1
2020-07-15 -
2021-09-13
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.nytimes.com/1984/01/02/business/british-mo
Frame ID: 90ADA592FB3A42D5902F2BB2828A6338
Requests: 47 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=451556
Frame ID: 5CCC4144A112C68637476F83F353CDEA
Requests: 14 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo
Frame ID: 18AC50376418E73C88A0B813BEE43519
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i

Overall confidence: 100%
Detected patterns
  • headers vary /Fastly-SSL/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

28
Subdomains

20
IPs

3
Countries

1198 kB
Transfer

4189 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo
Request Chain 61
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pd0h5fsav HTTP 302
  • https://t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 62
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pd0h5fsav HTTP 302
  • https://fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net/eum/results.txt

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request british-mo
www.nytimes.com/1984/01/02/business/
93 KB
30 KB
Document
General
Full URL
https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25cfea4372d8e7f8b685d2f4321a3243c761bd5459ddc042475d52c22d763d1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.nytimes.com
:scheme
https
:path
/1984/01/02/business/british-mo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
cache-control
s-maxage=10,no-store
x-nyt-route
vi-story
x-datadome-timer
S1625601877.142222,VS0,VE13
x-origin-time
2021-07-06 20:04:37 UTC
fastly-restarts
1
accept-ranges
bytes
date
Tue, 06 Jul 2021 20:04:37 GMT
age
2
x-served-by
cache-lga21983-LGA, cache-fra19180-FRA
x-cache
HIT, MISS
x-cache-hits
1, 0
x-timer
S1625601877.142222,VS0,VE102
vary
Accept-Encoding, Fastly-SSL
set-cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; Expires=Wed, 06 Jul 2022 20:04:37 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Wed, 06 Jul 2022 20:04:37 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com nyt-geo=DE; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com
x-datadome
protected
x-gdpr
1
x-frame-options
DENY
onion-location
https://www.nytimes3xbfgragh.onion/1984/01/02/business/british-mo
x-api-version
F-F-VI
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=63072000; preload
content-length
29586
web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
content-type
text/css; charset=utf-8
age
2318247
x-guploader-uploadid
ABg5-UyBp8dD7jijPXIyd6RzettY1GKD33NP3qnIdhMXY9G6YI9PPOR6oiFF1Hnu1DuGHNpeSqg44ErSMMjJCZLEBTlHBu3i8Q
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9775
via
1.1 varnish
x-served-by
cache-fra19147-FRA
accept-ranges
bytes
expires
Fri, 10 Jun 2022 00:07:09 GMT
last-modified
Tue, 06 Apr 2021 21:11:51 GMT
server
UploadServer
x-timer
S1625601877.281340,VS0,VE0
etag
"1b2e52261e85210b126b5076aba9359b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1617743511910294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
9775
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
19701
global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/
5 KB
3 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

:path
/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
pragma
no-cache
cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DE
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.nytimes.com
referer
https://www.nytimes.com/1984/01/02/business/british-mo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nytimes.com/1984/01/02/business/british-mo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=xVtu/Q== md5=8t/i0xcrDEvURwPHlq+SQg==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-api-version
F-X
age
8365230
x-guploader-uploadid
ABg5-UytxFr3P7VcSwK9Sxuk5C3Ai3EIze1BL19ZPQ-ghZiBF7zm0BL8RKq2l1zWQVXfA1nNUyWMO-t2pISoUP7S0mY
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-04-01 00:24:06 UTC
content-length
1832
x-served-by
cache-fra19180-FRA
last-modified
Wed, 31 Mar 2021 22:46:44 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1625601877.257713,VS0,VE1
etag
"f2dfe2d3172b0c4bd44703c796af9242"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation
1617123655801043
expires
Fri, 01 Apr 2022 00:24:06 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
4669
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie
nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
10629
adslot-a4c425a7544232c0984f.js
www.nytimes.com/vi-assets/static-assets/
18 KB
7 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-a4c425a7544232c0984f.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
98e89c31495f8dfbdf440d3afcfbe080cdf7732f9951d7655218c1b13eb92a79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

:path
/vi-assets/static-assets/adslot-a4c425a7544232c0984f.js
pragma
no-cache
cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DE
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nytimes.com
referer
https://www.nytimes.com/1984/01/02/business/british-mo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nytimes.com/1984/01/02/business/british-mo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=5h92EA== md5=xsgPM41nTol9Uk7I+qVTKA==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-api-version
F-X
age
360020
x-guploader-uploadid
ADPycdsN3JUkvn6tuT3uoW8wY7uHQaPeCgrlOUUm_4g67vzMIDG-1ySzfeo-zDEjCyWSi2HOlPqBkFLRFU1y91JxYirXUQmxPw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-07-02 16:04:22 UTC
content-length
6560
x-served-by
cache-fra19180-FRA
last-modified
Fri, 02 Jul 2021 16:02:39 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1625601877.266503,VS0,VE1
etag
"c6c80f338d674e897d524ec8faa55328"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-a4c425a7544232c0984f.js
x-goog-generation
1625241759340334
expires
Sat, 02 Jul 2022 16:04:16 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
18904
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie
nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
4444
vendor-1f3d6155f58fc37f9046.js
www.nytimes.com/vi-assets/static-assets/
264 KB
81 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-1f3d6155f58fc37f9046.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ee2616f9c5bdb1401a516c32f329495644e67bc302366e32b0920631c4119963
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

:path
/vi-assets/static-assets/vendor-1f3d6155f58fc37f9046.js
pragma
no-cache
cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DE
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nytimes.com
referer
https://www.nytimes.com/1984/01/02/business/british-mo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nytimes.com/1984/01/02/business/british-mo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=R+4adQ== md5=IdbQ04hnZrcp0GZlbyFS4w==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-api-version
F-X
age
1043191
x-guploader-uploadid
ABg5-UxhtoO9rzWHfZbJfHPMB0vsgUM_H8-TmE_2FBbRG8wcZklazRpVxrzP6SV26GS9B4XozDjVaRJVUkNh_QQ0-g
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-06-24 18:18:06 UTC
content-length
81774
x-served-by
cache-fra19180-FRA
last-modified
Thu, 24 Jun 2021 18:15:37 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1625601877.275959,VS0,VE1
etag
"21d6d0d3886766b729d066656f2152e3"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-1f3d6155f58fc37f9046.js
x-goog-generation
1624558537352048
expires
Fri, 24 Jun 2022 18:18:05 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
270803
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie
nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
14762
main-386ed2c96b299c361f2c.js
www.nytimes.com/vi-assets/static-assets/
1 MB
352 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-386ed2c96b299c361f2c.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
94b99c25e9b1b049c3a55d433c57990af143bcb4eeaf2087f5f7f9310c64d2c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

:path
/vi-assets/static-assets/main-386ed2c96b299c361f2c.js
pragma
no-cache
cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DE
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nytimes.com
referer
https://www.nytimes.com/1984/01/02/business/british-mo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nytimes.com/1984/01/02/business/british-mo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=kqajQA== md5=MECONvWCxDmGrRYBt+md5w==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-api-version
F-X
age
360014
x-guploader-uploadid
ADPycdu7mQou-ZnnrAuRXreXGHB2vhQa6oso-JSUz3KrwhPvpXdNeNp32u893VTj8T-RuDx7-Bhv2LRVL8xTtaPyqA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-07-02 16:04:23 UTC
content-length
359955
x-served-by
cache-fra19180-FRA
last-modified
Fri, 02 Jul 2021 16:02:40 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1625601877.290009,VS0,VE1
etag
"30408e36f582c43986ad1601b7e99de7"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-386ed2c96b299c361f2c.js
x-goog-generation
1625241760253179
expires
Sat, 02 Jul 2022 16:04:23 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
1240583
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie
nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
18
gtm.js
www.googletagmanager.com/
358 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1d7f57f9d7b90642a253f476bf9ff51658466c0bb60b40af146ffaa68278211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86563
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-8956285 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
max-age=30
access-control-allow-methods
GET, POST
access-control-max-age
300
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin
https://www.nytimes.com
server
samizdat-graphql-8956285
access-control-allow-credentials
true
via
1.1 google, 1.1 varnish
accept-ranges
bytes
date
Tue, 06 Jul 2021 20:04:37 GMT
age
88
x-nyt-meridiem
PM
x-nyt-continent
EU
x-nyt-country
DE
x-nyt-region
NW
x-nyt-audience-target-flat
EU:PM
x-samizdat-query-exe-id
bf84ea177a000fb1
samizdat-x-instance
c6f4f9f5
samizdat-x-canary
false
x-served-by
cache-fra19151-FRA
x-cache
HIT
x-cache-hits
2
x-timer
S1625601877.388717,VS0,VE1
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin
*
content-length
0
ATH8A-MAMN8-XPXCH-N5KAX-8D239
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
br
last-modified
Thu, 17 Jun 2021 01:43:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
v2
samizdat-graphql.nytimes.com/graphql/
148 B
661 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-8956285 /
Resource Hash
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

x-samizdat-query-sup-code
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-nyt-meridiem
PM
age
0
x-cache
MISS
samizdat-x-instance
31577474
x-samizdat-query-field-errors
0
x-cache-hits
0
x-samizdat-query-exe-id
b24aed59a1e3c1ff
content-length
123
samizdat-x-canary
false
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
NW
server
samizdat-graphql-8956285
x-timer
S1625601877.396089,VS0,VE98
x-nyt-continent
EU
x-served-by
cache-fra19147-FRA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:PM
cache-control
max-age=30
access-control-allow-credentials
true
x-nyt-country
DE
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
swg.js
news.google.com/swg/js/v1/
149 KB
45 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fd1d2d5757099c5742b541105734a1d086cc8ab4b8d21a080e2bedff2c36c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45328
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 21:15:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jul 2021 20:24:12 GMT
franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin
https://www.nytimes.com
Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date
Tue, 06 Jul 2021 20:04:37 GMT
via
1.1 varnish
content-type
font/woff2
age
19698754
x-guploader-uploadid
ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
19836
x-served-by
cache-fra19181-FRA
accept-ranges
bytes
expires
Sat, 20 Nov 2021 20:12:03 GMT
last-modified
Mon, 16 Nov 2020 16:08:41 GMT
server
UploadServer
x-timer
S1625601877.412054,VS0,VE0
etag
"d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1605542921495212
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
19836
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
19550
franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin
https://www.nytimes.com
Referer
https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date
Tue, 06 Jul 2021 20:04:37 GMT
via
1.1 varnish
content-type
font/woff2
age
2319805
x-guploader-uploadid
ABg5-Uz1w0HYKtR8mLA5O7hQjvz12IBZm859sKOVfV3WIMC-t6oXkCdugzQ8Vh-S5jn9WNg11uRK103ko9m1gua8wg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20312
x-served-by
cache-fra19181-FRA
accept-ranges
bytes
expires
Thu, 09 Jun 2022 23:41:11 GMT
last-modified
Tue, 06 Apr 2021 21:11:53 GMT
server
UploadServer
x-timer
S1625601877.412034,VS0,VE0
etag
"b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1617743513200253
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20312
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
19505
swg-button.css
news.google.com/swg/js/v1/
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2972ab4e6f23916a402bb8b39984e6a1f80b9650c4889fabbf9b94e8cbe9184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
last-modified
Wed, 26 May 2021 22:02:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jul 2021 20:20:09 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 5CCC
22 KB
7 KB
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=451556
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35f37e86ea3104da672afbf76335208ea038c447a5ddb58d0442f942c302c969
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-VFuFII5LVwV31zxVki8AYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-VFuFII5LVwV31zxVki8AYQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
news.google.com
:scheme
https
:path
/swg/_/ui/v1/serviceiframe?_=451556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.nytimes.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 06 Jul 2021 20:04:37 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-VFuFII5LVwV31zxVki8AYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-VFuFII5LVwV31zxVki8AYQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=218=UVZj5MVDWm_5GXbU4jqbDnrKY8GKtvKDhhKQspxX7a9gvdt012w-CM5HH_bTcGYT0Sl_hz8pl0LbYP-d4f2r0BjQyBR1If6SbPAjxIrvDOtonNcZzJdCi_pXy0Ea4O02lPqqul-0XGOKhyTZX6v7aVGwgFBtjS_lG8jx5m_2zO0; expires=Wed, 05-Jan-2022 20:04:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jul 2021 20:07:32 GMT
purr-cache
purr.nytimes.com/v1/
0
0
Fetch
General
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-386ed2c96b299c361f2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:37 GMT
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
6f75e9262570b5ca15ac409024ed701b
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Tue, 06 Jul 2021 20:04:37 GMT
data-layer
a.nytimes.com/svc/nyt/
1 KB
1 KB
XHR
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo&jkcb=1625601877661
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-386ed2c96b299c361f2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
19ac670ef4375b83f4b7d03a2d10a7b40851fe64ce6d506e1b4f4677e0de59b3

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
b944d59bc25e3e80db5711ad0225beda
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
535
expires
Tue, 06 Jul 2021 20:04:37 GMT
entitlements
news.google.com/swg/_/api/v1/publication/nytimes.com/
2 B
56 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
tags.js
dd.nytimes.com/
228 KB
35 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8200:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
76f3aa311c8e3348171a018b54136b09f6e260e84179387fd17c6154e1a06aff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
etag
"391f1-5c5d3473b5feb-gzip"
age
2911
x-cache
Hit from cloudfront
content-length
34905
access-control-allow-origin
*
last-modified
Mon, 28 Jun 2021 13:15:07 GMT
server
Apache
date
Tue, 06 Jul 2021 19:16:06 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ImfLOmQTpXCYyhh5Vze4iNzRB1QEZMSwZdiAwrl6VX2qz5LgOP-u4w==
expires
Tue, 06 Jul 2021 20:16:06 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
defaultSiteIndexData-f255e99b599c59b9d819.js
www.nytimes.com/vi-assets/static-assets/
4 KB
2 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/defaultSiteIndexData-f255e99b599c59b9d819.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
430e9b0cc626c2cfa48bd948a59ef33a97165b4879b070a906ad79f7f4b30a04
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

:path
/vi-assets/static-assets/defaultSiteIndexData-f255e99b599c59b9d819.js
pragma
no-cache
cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DE; purr-cache=<K0<r<C_<G_<S0; edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; nyt-jkidd=uid=0&lastRequest=1625601877744&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nytimes.com
referer
https://www.nytimes.com/1984/01/02/business/british-mo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nytimes.com/1984/01/02/business/british-mo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=i9aSBw== md5=re60SH/us1zefbRBllB4HQ==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
x-api-version
F-X
age
449224
x-guploader-uploadid
ADPycdu6QvjCiSAMLMm4jqe3QTy-Z6490Q6WDsQ6BFTMcYT5dIOtO5L6vQ5_AiA-clpLn-JhcQlmKxvYKdBty97qbkZiM58Fbg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-07-01 15:17:33 UTC
content-length
1376
x-served-by
cache-fra19180-FRA
last-modified
Thu, 01 Jul 2021 15:16:08 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1625601878.938889,VS0,VE1
etag
"adeeb4487feeb35cde7db4419650781d"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/defaultSiteIndexData-f255e99b599c59b9d819.js
x-goog-generation
1625152568045049
expires
Fri, 01 Jul 2022 15:17:33 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
3865
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie
nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:37 GMT; Path=/; Domain=.nytimes.com
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3082
swg-button.css
news.google.com/swg/js/v1/ Frame 5CCC
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=451556
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2972ab4e6f23916a402bb8b39984e6a1f80b9650c4889fabbf9b94e8cbe9184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
last-modified
Wed, 26 May 2021 22:02:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jul 2021 20:20:09 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Mg... Frame 5CCC
152 KB
53 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=451556
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d41fc2e46da0414d7d5b516346e05ec35f03d3124192ee331c850f0b7f5dfdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54658
x-xss-protection
0
last-modified
Mon, 05 Jul 2021 21:01:10 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 19:08:17 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
2332
date
Tue, 06 Jul 2021 19:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 06 Jul 2021 21:25:45 GMT
activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-...
5290727.fls.doubleclick.net/ Frame 18AC
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhN...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6...
653 B
458 B
Document
General
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
f7d8b132b2f4737617a143c4ffa66fa46bb14f2ab78a3a6f528925e87d7142b4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5290727.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl3vv02mW-QpKOKhK16zUdQtZQFZw6CmRL7XiNUBmoC6dhq9_RecDGvj0Lm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jul 2021 20:04:38 GMT
expires
Tue, 06 Jul 2021 20:04:38 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
435
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jul 2021 20:04:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:21:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
2558
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
O0TX_EOTsC-ba_OWNtDeyc1OVZhH2vpPFC3wuFLlhJUwwrAdA0lFCA==
expires
Tue, 06 Jul 2021 21:21:59 GMT
show-ads.js
a1.nyt.com/analytics/
45 B
714 B
Script
General
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date
Tue, 06 Jul 2021 20:04:37 GMT
content-encoding
gzip
content-type
application/javascript
age
72773
x-guploader-uploadid
ABg5-Uwgf45CIUJuSzefKrpbBr6eFgLPoGO6IZWBLSgRRPlpg-k8o7-Q03oLTdFGfrPhfKxqg12sXMT0148wwmuNc7Dki57aag
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
65
via
1.1 varnish
x-served-by
cache-fra19147-FRA
accept-ranges
bytes
expires
Thu, 01 Jul 2021 23:51:39 GMT
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1625601878.980522,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1608239975905841
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
45
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
709
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
activityi;register_conversion=1;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u1...
5290727.fls.doubleclick.net/
0
0
Image
General
Full URL
https://5290727.fls.doubleclick.net/activityi;register_conversion=1;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo?
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
insight.adsrvr.org/track/pxl/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=361664763
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.189.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
dd.nytimes.com/js/
210 B
543 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8200:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DataDome /
Resource Hash
2ad524ec77b58ec36cda720d6ed1a4562b9e9a972afb5b9d439726f4a586bf0d

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:38 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
server
DataDome
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
210
x-amz-cf-id
X482ZPPMesLUCXi7UgOmxeQyT7bj5YTzP08OTy1pZccc-QiiQId7MQ==
expires
0
siteIndexContent-598baf6a8b7014842a09.js
www.nytimes.com/vi-assets/static-assets/
15 KB
6 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/siteIndexContent-598baf6a8b7014842a09.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ddad13f245788245fbe393b0793b06714e9169eb3464f405dd7c47366381d305
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

:path
/vi-assets/static-assets/siteIndexContent-598baf6a8b7014842a09.js
pragma
no-cache
cookie
nyt-a=U_UNgSmg4jwRQX12lZhNE-; datadome=Ch4Ze.J0-6EV_jfCR.zIrUlB-RNIUpwXtARBdBolcmlP1gh-zI_lYUW7KiK83CF3OqvS79TUkJ7ZVOkfQ1BZEH~9h56cN5RvRQoiQWuV95; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=DE; purr-cache=<K0<r<C_<G_<S0; edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; nyt-jkidd=uid=0&lastRequest=1625601877744&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; _gcl_au=1.1.536110298.1625601878
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nytimes.com
referer
https://www.nytimes.com/1984/01/02/business/british-mo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nytimes.com/1984/01/02/business/british-mo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=dOmDvw== md5=h6tHMD+ycWU/jWhCJNrdTg==
date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
gzip
x-api-version
F-X
age
485093
x-guploader-uploadid
ADPycdt0nmjXCLjqcBT2hZ67GGGf4RYxgc7_YHwrnpSqz2nnACOfcM_n-wYKvwYUoRnendc6Jrf2CfwUnX0pKa8lIXz4VMbqRg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-07-01 05:19:45 UTC
content-length
5126
x-served-by
cache-fra19180-FRA
last-modified
Wed, 30 Jun 2021 21:33:39 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1625601878.009906,VS0,VE1
etag
"87ab47303fb271653f8d684224dadd4e"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/siteIndexContent-598baf6a8b7014842a09.js
x-goog-generation
1625088819118578
expires
Fri, 01 Jul 2022 05:19:45 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
15836
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie
nyt-gdpr=1; Expires=Wed, 07 Jul 2021 02:04:38 GMT; Path=/; Domain=.nytimes.com
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2612
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 5CCC
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=451556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://news.google.com
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:26:54 GMT
x-content-type-options
nosniff
age
49064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21464
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:42:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:26:54 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L... Frame 5CCC
36 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI636e4_iZYoLM98HD5juqFJ0hVkAw/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7639ee0378d5826b8f968e779a99bf4fdddd90cb06e015f1e0b76b87d5dc8d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13398
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 00:02:12 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 19:20:16 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=344142146&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo&dr=&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1423880833&gjid=44553094&cid=897928311.1625601878&tid=UA-58630905-2&_gid=5708616.1625601878&_r=1&gtm=2wg6u0P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo&cd2=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo&cd3=&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd21=NotFound&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd63=U_UNgSmg4jwRQX12lZhNE-&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=U_UNgSmg4jwRQX12lZhNE-&z=288773748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L... Frame 5CCC
95 KB
32 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI636e4_iZYoLM98HD5juqFJ0hVkAw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8077bb1434547038a65ab734a141c49464f803a1f540769ed64c7c902f04ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33157
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 00:02:12 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 19:20:16 GMT
ping
pnytimes.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo&u=Dc7vWLDs_JdUBlMX8m&d=nytimes.com&g=16698&g0=business_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1213&t=CsxPSOuB6-qDM2uYEBAL_txCzy7tP&V=126&i=Not%20Found%20-%20The%20New%20York%20Times&tz=-120&_acct=anon&sn=1&sv=dUJhZBmG1f3CA5hIDBV8aCBd90Dw&sd=1&im=06070403&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.115.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-115-51.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:38 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 5CCC
265 B
229 B
XHR
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=412020778160839957&bl=boq_subscribewithgoogleclientserver_20210705.10_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=79479&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3bfb79537cbe95c8c127f8e629812ab53b586fb303bec35e5d0471eb6918454
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=*;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined...
adservice.google.com/ddm/fls/z/ Frame 18AC
42 B
515 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=*;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLGg8POez_ECFQKkUQodi1ELYA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9362917234708;gtm=2wg6u0;auiddc=536110298.1625601878;u4=;u5=undefined;u6=undefined;u7=U_UNgSmg4jwRQX12lZhNE-;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5290727.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L... Frame 5CCC
46 KB
17 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L.B1.O/am=AoA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI636e4_iZYoLM98HD5juqFJ0hVkAw/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff81b528bcbd8d369744bc8d66d1f8ee0e67b338b3e4abbf7e2fa43621115497
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17708
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 00:02:12 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 19:20:16 GMT
m=lwddkf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L... Frame 5CCC
236 B
184 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L.B1.O/am=AoA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI636e4_iZYoLM98HD5juqFJ0hVkAw/m=lwddkf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 00:02:12 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 19:20:16 GMT
m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L... Frame 5CCC
781 B
458 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.JqBhtBrKrnM.L.B1.O/am=AoA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI636e4_iZYoLM98HD5juqFJ0hVkAw/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3abebf76c93d0922741537d9de6f439b8fa60700476d1d25885b589c1df97daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
434
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 00:02:12 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 19:20:16 GMT
config.json
c.go-mpulse.net/api/
8 KB
2 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=www.nytimes.com&t=5418673&v=1.720.0&sl=0&si=311c5f64-b27f-4872-8a49-3a493124e863-qvuafp&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bfaa12674398dae31d03f34fb580828895c8f6df71e987cc8325b985d073a657

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 20:04:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1905
log
play.google.com/ Frame 5CCC
131 B
313 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 06 Jul 2021 20:04:38 GMT
log
play.google.com/ Frame 5CCC
131 B
154 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 06 Jul 2021 20:04:38 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 06 Jul 2021 20:04:38 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Jul 2021 20:04:38 GMT
cache-control
private
log
play.google.com/ Frame 5CCC
131 B
154 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 06 Jul 2021 20:04:38 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 06 Jul 2021 20:04:38 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Jul 2021 20:04:38 GMT
cache-control
private
log
play.google.com/ Frame 5CCC
131 B
154 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XExcT_t3ZCY.es5.O/am=AoA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5MgU0wzppJl8wWS_m_GEfiXdhHrQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 06 Jul 2021 20:04:38 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 06 Jul 2021 20:04:38 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Jul 2021 20:04:38 GMT
cache-control
private
loader.js
platform.iteratehq.com/
2 KB
1 KB
Script
General
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad6a2c6327b363805a6dfe45d137d25ca0e1068cdd9fee28e8039a795934ab9

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
548
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
0TY67YJHJ4SJEXWD
x-amz-id-2
id6i2PsUuGyXpvWQBhJvFRDw/Uv1ot2NCGEr93tC0HY6YPl73A0cK/FCSJjzbw+7JV6NEjkULOY=
last-modified
Thu, 01 Jul 2021 16:36:16 GMT
server
cloudflare
etag
W/"e219fae8802fbe6f6c32fec89223008c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B1f4VLhnMmBQWLpC21ROJpCapkbRE2zCmsGYxQeKT6zAkw0V2FI%2BsD1%2BqkoOERVi2RPrwllA0KR61A7RPeXF9PwXZYmudFAqExmcNilU%2Bob%2BYYib1gZdNGW4loryQQrxoERhO5a9HzjkuY2avfsG9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
66ab717c0c524ece-FRA
/
6852bd0a.akstat.io/
0
202 B
Ping
General
Full URL
https://6852bd0a.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:38 GMT
content-type
image/gif
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 06 Jul 2021 20:04:38 GMT
sdk-prod-0672427f7f8ecd8e02af.js
platform.iteratehq.com/
881 KB
239 KB
Script
General
Full URL
https://platform.iteratehq.com/sdk-prod-0672427f7f8ecd8e02af.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c33483890eb92612df6a05d4cec79e18f5fbc981fdae03da8a08086d6c1d32c

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
444405
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
61R2T48MAMEKETAM
x-amz-id-2
Q+Ve2IG2N398jMrYw0i6LagaV4KLHEuClgfIZe0Z1rCN25Nn6k/WDUYlzl+ie8Ee+7AYyFjh90Y=
last-modified
Thu, 01 Jul 2021 16:36:10 GMT
server
cloudflare
etag
W/"d7243846d72cf111bd6f4a9b924cd72a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zake88UB9d1bzU6WXQOfcqVBFL7aSlGtIP%2BP1uipSqiTX80OPaj6x0GIq93gTtxCe7ZZzhGUsmrV4hNwcKhJYHRDi0c4GURyNGYXVgJOKJ9lrND8v6VQScO0YLDE87e1X6kVcGB3t3kiA%2B1sUcOh2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
66ab717c3d484e56-FRA
style-49e408b8c1e44beafa1b.css
platform.iteratehq.com/
145 KB
12 KB
Stylesheet
General
Full URL
https://platform.iteratehq.com/style-49e408b8c1e44beafa1b.css
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9155175
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
FS8Y3QFKEWCAR432
x-amz-id-2
zuPrV/sxaKvRGft7FRGAaA+c7tjWDeGnX7Sc8f7EcyMAXbebjwfQDXjINrquIBhcIpb6Ah6Yd1o=
last-modified
Wed, 10 Mar 2021 16:57:40 GMT
server
cloudflare
etag
W/"03c7fa2d3d6a28098dd43eb9b903eced"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9YuwN3ds93VOipllsAGPEceTUA5eTXFooD2lVtaJZ%2B0CA9%2B8m8UOgAjlRl8GqACd1JYX4hRqA%2Bdi2wl9dWT8OladULxiiQM2WFgmgDOzS9wb6OE%2FxGWtagIr7Jo%2B3QXWftaNExB7BEgR4JJj6jDbaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
66ab717c3d444e56-FRA
embed
iteratehq.com/api/v1/surveys/
298 B
952 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-0672427f7f8ecd8e02af.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f38d21c48ed1f86f648c41b4047a958bc42c86cac4255b52075d9bff6e13789

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.nytimes.com/
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type
application/json

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cTp5vZEbGAvJUGetWfcnvBQFmKyK2Mel3W1FY5aBBlEgUUV1m4cnhfyJnGFz42ub%2Bry%2FRa4rBwn5A%2B8sAppYBNM6h4el7yFRe6gWIQZfc%2FFe8Wninp0%2BGi33WpRyjdusdbdgTV8g7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
66ab717e7ef2073e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 06 Jul 2021 20:04:38 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
no-cache="set-cookie"
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dzjDSxSWA0o9PoXYsrV%2B9PaWDcVq9dNturRJYLGTxrCOFyB2tnfNKQgoY8Xc7xfLH3tgrQKveVKd813IJh3MGmnujp73SLbo4izMfPmAFGap8%2BW%2FzCb6NwM60miGQpObiqWlAcS2YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66ab717d79ca64df-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
results.txt
t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pd0h5fsav
  • https://t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 20:04:39 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Tue, 06 Jul 2021 20:04:39 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pd0h5fsav
  • https://fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Jul 2021 20:04:38 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net/eum/results.txt
Date
Tue, 06 Jul 2021 20:04:38 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/1984/01/02/business/british-mo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
ping
pnytimes.chartbeat.net/
43 B
200 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F1984%2F01%2F02%2Fbusiness%2Fbritish-mo&u=Dc7vWLDs_JdUBlMX8m&d=nytimes.com&g=16698&g0=business_desk&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1213&t=CsxPSOuB6-qDM2uYEBAL_txCzy7tP&V=126&tz=-120&_acct=anon&sn=2&sv=dUJhZBmG1f3CA5hIDBV8aCBd90Dw&sd=1&im=06070403&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.115.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-115-51.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 20:04:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| event object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| marks object| observer number| viHeadScriptSize object| NYTD object| vi object| BOOMR function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge boolean| SwGEntitlement function| onInitNativeAds object| webpackJsonp object| AdSlot4 object| AdSlot object| __preloadedData object| UrlCache object| SUBSCRIPTIONS object| SWG function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ boolean| NYT_VI_RENDERED boolean| initialDeviceTypeResizeCallback object| google_tag_manager object| nytAnalytics string| ddjskey object| ddoptions object| _0x285d function| _0x7ab4 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| ddAnalyzerData boolean| notprod object| google_tag_data string| GoogleAnalyticsObject function| ga object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType object| params boolean| adBlockDetected object| gaplugins object| gaGlobal object| gaData object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| _bmrEvents number| BOOMR_onload function| setImmediate function| clearImmediate undefined| Raven object| iterateprovider

21 Cookies

Domain/Path Name / Value
www.nytimes.com/ Name: _cb
Value: Dc7vWLDs_JdUBlMX8m
.nytimes.com/ Name: RT
Value: "z=1&dm=nytimes.com&si=6a191097-1e8b-4e51-b8d1-a531f924038a&ss=kqshdvur&sl=1&tt=169&bcn=%2F%2F6852bd0a.akstat.io%2F&ld=16f"
www.nytimes.com/ Name: _cb_ls
Value: 1
.google.com/ Name: NID
Value: 218=UVZj5MVDWm_5GXbU4jqbDnrKY8GKtvKDhhKQspxX7a9gvdt012w-CM5HH_bTcGYT0Sl_hz8pl0LbYP-d4f2r0BjQyBR1If6SbPAjxIrvDOtonNcZzJdCi_pXy0Ea4O02lPqqul-0XGOKhyTZX6v7aVGwgFBtjS_lG8jx5m_2zO0
.nytimes.com/ Name: _gat_UA-58630905-2
Value: 1
.nytimes.com/ Name: walley_gid
Value: GA1.2.5708616.1625601878
.nytimes.com/ Name: _gcl_au
Value: 1.1.536110298.1625601878
www.nytimes.com/ Name: _chartbeat2
Value: .1625601878071.1625601878071.1.dUJhZBmG1f3CA5hIDBV8aCBd90Dw.1
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1625601877744&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
www.nytimes.com/ Name: _cb_svref
Value: null
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: datadome
Value: 43OTE~c45fmCXTd3Pz9pKRltoT-iOMroG4rQn~6cWUQ4GFi38372~YUan12z91L.2DHTG0mr5khNkM7aJXhOV~l_seLxgTNFMph72FQQLM
.nytimes.com/ Name: nyt-geo
Value: DE
.nytimes.com/ Name: nyt-a
Value: U_UNgSmg4jwRQX12lZhNE-
.nytimes.com/ Name: nyt-us
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUl3vv02mW-QpKOKhK16zUdQtZQFZw6CmRL7XiNUBmoC6dhq9_RecDGvj0Lm
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0
.nytimes.com/ Name: walley
Value: GA1.2.897928311.1625601878
.nytimes.com/ Name: nyt-purr
Value: cfhspnahhud
.nytimes.com/ Name: nyt-gdpr
Value: 1

6 Console Messages

Source Level URL
Text
console-api log URL: https://news.google.com/swg/js/v1/swg.js(Line 10)
Message:
Subscriptions Runtime: 0.1.22.172
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-386ed2c96b299c361f2c.js(Line 33)
Message:
<!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api warning (Line 2)
Message:
et2 snippet should only load once per page
console-api warning URL: https://news.google.com/swg/js/v1/swg.js(Line 10)
Message:
SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api warning URL: https://news.google.com/swg/js/v1/swg.js(Line 10)
Message:
SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-386ed2c96b299c361f2c.js(Line 51)
Message:
Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
6852bd0a.akstat.io
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
c.go-mpulse.net
dd.nytimes.com
fiaqj6absjkbikqce3ygyaaaabqojn2w-pd0h5f-8c4e7e3c6-clienttons-s.akamaihd.net
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
news.google.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
static.chartbeat.com
t4ydkniccc5cqyhew5lq-pd0h5f-f919da380-clientnsv4-s.akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
151.101.13.164
151.101.193.164
172.217.16.134
2.16.186.40
2600:9000:20eb:2600:18:1fcd:34f:cdc1
2600:9000:2156:8200:a:a8c5:a040:93a1
2606:4700:3032::ac43:c7c7
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:808::2013
2a00:1450:4001:809::2013
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
2a00:1450:4001:830::2003
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
3.216.115.51
52.213.189.245
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
19ac670ef4375b83f4b7d03a2d10a7b40851fe64ce6d506e1b4f4677e0de59b3
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1ad6a2c6327b363805a6dfe45d137d25ca0e1068cdd9fee28e8039a795934ab9
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
25cfea4372d8e7f8b685d2f4321a3243c761bd5459ddc042475d52c22d763d1e
2ad524ec77b58ec36cda720d6ed1a4562b9e9a972afb5b9d439726f4a586bf0d
35f37e86ea3104da672afbf76335208ea038c447a5ddb58d0442f942c302c969
3abebf76c93d0922741537d9de6f439b8fa60700476d1d25885b589c1df97daf
430e9b0cc626c2cfa48bd948a59ef33a97165b4879b070a906ad79f7f4b30a04
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c33483890eb92612df6a05d4cec79e18f5fbc981fdae03da8a08086d6c1d32c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5a8077bb1434547038a65ab734a141c49464f803a1f540769ed64c7c902f04ea
5fd1d2d5757099c5742b541105734a1d086cc8ab4b8d21a080e2bedff2c36c60
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7639ee0378d5826b8f968e779a99bf4fdddd90cb06e015f1e0b76b87d5dc8d28
76f3aa311c8e3348171a018b54136b09f6e260e84179387fd17c6154e1a06aff
7f38d21c48ed1f86f648c41b4047a958bc42c86cac4255b52075d9bff6e13789
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94b99c25e9b1b049c3a55d433c57990af143bcb4eeaf2087f5f7f9310c64d2c2
98e89c31495f8dfbdf440d3afcfbe080cdf7732f9951d7655218c1b13eb92a79
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bfaa12674398dae31d03f34fb580828895c8f6df71e987cc8325b985d073a657
c2972ab4e6f23916a402bb8b39984e6a1f80b9650c4889fabbf9b94e8cbe9184
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d7f57f9d7b90642a253f476bf9ff51658466c0bb60b40af146ffaa68278211
d3bfb79537cbe95c8c127f8e629812ab53b586fb303bec35e5d0471eb6918454
d41fc2e46da0414d7d5b516346e05ec35f03d3124192ee331c850f0b7f5dfdfc
ddad13f245788245fbe393b0793b06714e9169eb3464f405dd7c47366381d305
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ee2616f9c5bdb1401a516c32f329495644e67bc302366e32b0920631c4119963
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7d8b132b2f4737617a143c4ffa66fa46bb14f2ab78a3a6f528925e87d7142b4
ff81b528bcbd8d369744bc8d66d1f8ee0e67b338b3e4abbf7e2fa43621115497