www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thedispatch.acemlna.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754
Effective URL:
https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=...
Submission: On May 15 via api (May 15th 2024, 6:39:48 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 14 domains to perform 100 HTTP transactions. The main IP is 151.101.1.164, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3670.
TLS certificate: Issued by Thawte RSA CA 2018 on March 27th 2024. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.235.205.181 54.235.205.181	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6811:cb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	13.33.218.24 13.33.218.24	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
20	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
15	52.70.193.103 52.70.193.103	14618 (AMAZON-AES) (AMAZON-AES)
1	3.160.150.23 3.160.150.23	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	13.32.27.78 13.32.27.78	16509 (AMAZON-02) (AMAZON-02)
4	13.35.58.35 13.35.58.35	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2646:4800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.80.129.100 54.80.129.100	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:310... 2a02:26f0:3100:795::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:981::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
100	20

1 54.235.205.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-205-181.compute-1.amazonaws.com

thedispatch.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cb1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thedispatch.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.1.164 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.218.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-218-24.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.65.164 (San Francisco, United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.70.193.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-193-103.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-23.fra60.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.164 (San Francisco, United States)

ASN54113 (FASTLY, US)

static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.58.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-35.fra60.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:4800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.129.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-129-100.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:981::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 3670 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 5341 a.et.nytimes.com — Cisco Umbrella Rank: 4963 als-svc.nytimes.com — Cisco Umbrella Rank: 6524 myaccount.nytimes.com — Cisco Umbrella Rank: 8314 purr.nytimes.com — Cisco Umbrella Rank: 6032 dd.nytimes.com — Cisco Umbrella Rank: 7145 a.nytimes.com — Cisco Umbrella Rank: 5592 csp.nytimes.com — Cisco Umbrella Rank: 25508	2 MB
20	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9194 static01.nyt.com — Cisco Umbrella Rank: 5829 a1.nyt.com — Cisco Umbrella Rank: 6559 typeface.nyt.com — Cisco Umbrella Rank: 24886	413 KB
7	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 5842 iteratehq.com — Cisco Umbrella Rank: 5078	29 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	191 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2615 launchpad.privacymanager.io — Cisco Umbrella Rank: 2008 geo.privacymanager.io — Cisco Umbrella Rank: 1924	45 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 647	51 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 6116	202 B
1	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 2277	3 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1718	24 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	132 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1427	50 KB
1	activehosted.com 1 redirects thedispatch.activehosted.com — Cisco Umbrella Rank: 478946	976 B
1	acemlna.com 1 redirects thedispatch.acemlna.com — Cisco Umbrella Rank: 455043	173 B
0	akamaihd.net Failed trial-eum-clientnsv4-s.akamaihd.net Failed trial-eum-clienttons-s.akamaihd.net Failed
100	14

	Domain	Requested by
13	www.nytimes.com	www.nytimes.com www.datadoghq-browser-agent.com
9	a.et.nytimes.com	www.nytimes.com www.datadoghq-browser-agent.com myaccount.nytimes.com
9	samizdat-graphql.nytimes.com	www.nytimes.com www.datadoghq-browser-agent.com
9	g1.nyt.com	www.nytimes.com g1.nyt.com
8	static01.nyt.com	www.nytimes.com www.datadoghq-browser-agent.com
5	iteratehq.com	www.datadoghq-browser-agent.com
5	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
4	csp.nytimes.com	dd.nytimes.com s.go-mpulse.net
4	dd.nytimes.com	www.nytimes.com www.datadoghq-browser-agent.com myaccount.nytimes.com dd.nytimes.com
4	pagead2.googlesyndication.com	www.nytimes.com pagead2.googlesyndication.com www.datadoghq-browser-agent.com
3	purr.nytimes.com	static01.nyt.com www.datadoghq-browser-agent.com
2	typeface.nyt.com	myaccount.nytimes.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	geo.privacymanager.io	www.datadoghq-browser-agent.com
2	a.nytimes.com	www.nytimes.com myaccount.nytimes.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	myaccount.nytimes.com
1	pnytimes.chartbeat.net
1	cdn.brandmetrics.com	www.googletagmanager.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com	pagead2.googlesyndication.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	launchpad-wrapper.privacymanager.io	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	www.datadoghq-browser-agent.com	www.nytimes.com
1	thedispatch.activehosted.com	1 redirects
1	thedispatch.acemlna.com	1 redirects
0	trial-eum-clienttons-s.akamaihd.net Failed	s.go-mpulse.net
0	trial-eum-clientnsv4-s.akamaihd.net Failed	s.go-mpulse.net
100	32

This site contains links to these domains. Also see Links.

Domain
help.nytimes.com
6sense.com
we-are-adot.com
www.adventori.com
corp.aarki.com
privacy.acuityads.com
adelement.com
samsungads.ca
adkernel.com
help.adspirit.de
adtheorent.com
myaccount.nytimes.com
www.nytco.com
advertising.nytimes.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2024-03-27` - `2025-03-13`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
a.et.nytimes.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
als-svc.nytimes.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
purr.nytimes.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
dd.nytimes.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
a.nytimes.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
iteratehq.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Frame ID: 1C157EB3C4DEF7D70581538F3A735FD5
Requests: 71 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 92662DF3123A530B08A4F67B2BF2B877
Requests: 2 HTTP requests in this frame

Frame: https://static01.nyt.com/ads/tpc-check.html
Frame ID: E5C873FE5ECF6A6AD5D40DB818F1546A
Requests: 1 HTTP requests in this frame

Frame: https://8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3DF539402321DDE26279A1CCA47F4CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A103B137238D907E0DCE75ACA07AA26D
Requests: 1 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: C05BEBC4FC802C64BE89C969A11B6423
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

At Donor Retreat, Trump Calls Biden Administration the ‘Gestapo’ - The New York Times

Page URL History Show full URLs

https://thedispatch.acemlna.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754 HTTP 307
https://thedispatch.activehosted.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754 HTTP 302
https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_mediu... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

100
Requests

95 %
HTTPS

43 %
IPv6

14
Domains

32
Subdomains

20
IPs

2
Countries

2974 kB
Transfer

11104 kB
Size

25
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://help.nytimes.com/hc/en-us/articles/10940941449492
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://6sense.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://we-are-adot.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.adventori.com/fr/rgpd/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://corp.aarki.com/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://privacy.acuityads.com/corporate-privacy-policy.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://adelement.com/privacy-policy.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://adelement.com/privacy-policy.html#legal-basis-processing
Title: Legitimate interest disclosure

Search URL Search Domain Scan URL

URL: https://samsungads.ca/en/privacy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://samsungads.ca/en/privacy/english-eu/#legal
Title: Legitimate interest disclosure

Search URL Search Domain Scan URL

URL: https://adkernel.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://help.adspirit.de/privacy.php
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://adtheorent.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2024 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://advertising.nytimes.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thedispatch.acemlna.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754 HTTP 307
https://thedispatch.activehosted.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754 HTTP 302
https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request trump-donors.html Show response
www.nytimes.com/2024/05/04/us/politics/
Redirect Chain

https://thedispatch.acemlna.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754
https://thedispatch.activehosted.com/lt.php?s=233d0caf72716b07414f708ccb25c1d5&i=2943A3374A10A107754
https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%2...

234 KB
78 KB

588ms
563ms

Document
text/html

151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f4384b8a8833aa13e41ced353ee67bf63069cbc83fdf253f33c57a9df2927750

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
age: 0
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 77530
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 18:39:42 GMT
fastly-restarts: 1
last-modified: Wed, 15 May 2024 18:39:42 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2024/05/04/us/politics/trump-donors.html
permissions-policy: browsing-topics=()
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: a0f362731a764769a9a9351f887f3aad
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1715798382.017957,VS0,VE9
x-envoy-decorator-operation: vi.nyt.net:443/*
x-envoy-upstream-service-time: 395
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-map: webview=false,preloaded=false
x-nyt-app-webview: 0
x-nyt-data-last-modified: Wed, 15 May 2024 18:39:42 GMT
x-nyt-edge-cache: MISS-MISS
x-nyt-mktg-group: group4
x-nyt-route: vi-story
x-origin-time: 2024-05-15 18:39:42 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2024-05-06T02:49:01.170Z
x-served-by: cache-lga21940-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798382.017957,VS0,VE555
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8845408dbb099104-FRA
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 18:39:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
x-request-id: 18efd7c0bc66973b2dfb599d153d1ffe
x-robots-tag: noindex

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 15ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 29 Nov 2024 03:50:04 GMT
date: Wed, 15 May 2024 18:39:42 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1152725
x-guploader-uploadid: ABPtcPrAkwTNcxAfr9X3R9Bq-HrXbr9bplto1StnldS93gIG3dx0umXgG00mbYuZ83AQn6WDAZc2hiNlGQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-fra-etou8220101-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1715798383.594312,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4841

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 8ms
8ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: R9YN3D3HMW01CD2Z
age: 2588938
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-04-01 18:36:16 UTC
x-served-by: cache-lga21963-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.586593,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
content-type: text/css
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 99324, 4495
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: xTyZFwmPR7CyF6esl8QAukp8QGG9DgVo
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 1968
x-amz-id-2: ow85rzKff+cHnTsUlldzb+Fkmj1KnxPZcNG7FhKtmxXzhIGoiqwHUFWGeK9pu1K2gXa5scRv+JO25uC5+MRoSETXjpUgJQtPSb6+AqwlmPU=
last-modified: Mon, 11 Mar 2024 20:03:25 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 adslot-6832c1952ccf59e7d305.js Show response
www.nytimes.com/vi-assets/static-assets/ 24 KB
9 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-6832c1952ccf59e7d305.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebcca56f95f0a1d4479ef481e3626eba7e48a9aa2817c3ca4ee9169b49caf082

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: 59SC6Q5TNJ2FCNME
age: 90414
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-14 17:33:13 UTC
x-served-by: cache-lga21951-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.620160,VS0,VE1
etag: "a5676f86d08a2503ddac820eaad3d639"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-6832c1952ccf59e7d305.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 18, 871
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: pjXPUYWRRRPF8Oxs28V8bXcOMoyYp0Zc
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 8408
x-amz-id-2: 2DcENcS4jaDPEt1naDVfTirArtgaAaUH0TH+WKr+EtnbMoNINdN7ubbl9rXnf2Xzv4IWKg78AfI=
last-modified: Tue, 14 May 2024 17:30:35 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v5/ 158 KB
50 KB 48ms
7ms Script
application/javascript 13.33.218.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.218.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-218-24.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 883a684beb5c962132102b07ec2ffbc0900807be0babba8e988a5a3067c63925

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:10 GMT
content-encoding: br
via: 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 11:32:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 35
x-amz-server-side-encryption: AES256
etag: W/"6403f991560738107f38a499843fbedb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: SkZIJlBrd9NK3UQaGJPhFik5q41-zQMKdot_Ke1EUqj6QXo6Q-6wvA==

GET
H2 200 OakArticle-663677af-wfqh-jumbo.jpg
static01.nyt.com/images/2024/05/04/multimedia/OakArticle-663677af-wfqh/ 26 KB
26 KB 11ms
11ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/05/04/multimedia/OakArticle-663677af-wfqh/OakArticle-663677af-wfqh-jumbo.jpg?quality=75&auto=webp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

615c0f84874dba23a3186e558aa11a09e8789490f4b1f589735ffbf3bd38a1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 04 May 2024 19:10:30 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010216
age: 341365
x-guploader-uploadid: ABPtcPrLuUNTEwF0sohZk_vTwy7V4lDmni47QhTM6PxWpGqFfZo-Gm7aQabsWusUqBFGf-Ij5ds
x-cache: HIT, HIT
fastly-io-info: ifsz=86944 idim=1024x683 ifmt=jpeg ofsz=26246 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 26246
x-served-by: cache-iad-kjyo7100087-IAD, cache-fra-etou8220101-FRA
server: UploadServer
x-timer: S1715798383.600645,VS0,VE1
etag: "2hs92jcgUTmzux6i+Gyd8JqTkhA1YRvQfu8P/1ZXwZk"
vary: Accept
x-goog-generation: 1714849758774468
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=voROgA==, md5=MOG4TXKbldVXb6BGHkW1Tw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 86944
x-amz-checksum-crc32c: voROgA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24, 0

GET
H2 200 author-maggie-haberman-thumbLarge-v2.png
static01.nyt.com/images/2018/07/12/multimedia/author-maggie-haberman/ 27 KB
28 KB 9ms
9ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/07/12/multimedia/author-maggie-haberman/author-maggie-haberman-thumbLarge-v2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fc0cce63d0711ae3680fd749322ecf344c3413f8d5a5cdc80adeb59e04b64b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Jan 2024 19:36:08 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 382612
x-guploader-uploadid: ABPtcPrKCVx9nS-fkIDNtypk53zaojdNYdHAq_jLR6PmjPZW1Fiz3ZceUwoIfSKY4N6o3stHL94
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 27761
x-served-by: cache-iad-kiad7000119-IAD, cache-fra-etou8220101-FRA
last-modified: Tue, 16 Jan 2024 19:35:50 GMT
server: UploadServer
x-timer: S1715798383.600585,VS0,VE0
etag: "7131bc2edaf8e1866cb9b98c017a10b2"
x-goog-generation: 1705433750315705
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=rDTAXw==, md5=cTG8Ltr44YZsubmMAXoQsg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 27761
x-amz-checksum-crc32c: rDTAXw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 429

GET
H2 200 author-shane-goldmacher-thumbLarge.png
static01.nyt.com/images/2018/07/27/multimedia/author-shane-goldmacher/ 22 KB
22 KB 7ms
7ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/07/27/multimedia/author-shane-goldmacher/author-shane-goldmacher-thumbLarge.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1c6f0e14f413da84c37b8ea3f86bb298751f4452594e18dceb82e6910f640b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 05 Sep 2023 07:36:06 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 184669
x-guploader-uploadid: ADPycdvW8ekl78lD70L_KVxHRvo5EsqDvIk6cOrdPUG-HFqs9_K2n7GQdSP6FYb4orKu2WMaoaCaLbmjWyasatZlZ4vV
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 22151
x-served-by: cache-iad-kcgs7200101-IAD, cache-fra-etou8220101-FRA
last-modified: Fri, 27 Jul 2018 21:23:19 GMT
server: UploadServer
x-timer: S1715798383.610154,VS0,VE0
etag: "b18436fc7e21f5b431942f96664554ed"
x-goog-generation: 1532726599332037
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=H3YGqA==, md5=sYQ2/H4h9bQxlC+WZkVU7Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 22151
x-amz-checksum-crc32c: H3YGqA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15458, 87

GET
H2 200 vendor-7c2097fe0266d898a1c1.js Show response
www.nytimes.com/vi-assets/static-assets/ 478 KB
126 KB 12ms
11ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-7c2097fe0266d898a1c1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ef3d4d03a9389fd501267e6cf9a159884387333db0a78a2af702a09bbaf159a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: CEMSFDQ26WTG0DRD
age: 1213897
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-01 17:28:15 UTC
x-served-by: cache-lga21954-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.620156,VS0,VE1
etag: "7d36930caf5207737e09beb9ed28889f"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-7c2097fe0266d898a1c1.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 3, 9
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: CNknkY3PZwhmXvOj0k_gSrv2.Qr40eCe
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 128100
x-amz-id-2: 6WbfcP6pVd5Bh/hI4Ens5o15uEQh4sYmtAUYwIqKzUG8pk5R3lWZJEfnQWWDdGlmZQr8r84CYpw=
last-modified: Wed, 01 May 2024 17:24:58 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 story-ea2ed3897789947cee29.js Show response
www.nytimes.com/vi-assets/static-assets/ 3 MB
751 KB 13ms
13ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-ea2ed3897789947cee29.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5d143010c68b29a8f55007466ac1f9968689a1206bc735f7c81d13182626f5b7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: 7M5RZ15TR7RJ2BK2
age: 2919
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-15 17:52:44 UTC
x-served-by: cache-lga21932-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.620734,VS0,VE1
etag: "1fdd6ec2a205645f9dd3aba875ec8dc8"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-ea2ed3897789947cee29.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 21, 2
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: bfyFVtj5YiI.AkDAqNWgTWnTk6MkSnrT
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 767460
x-amz-id-2: fwUZZeh4W8gK6Lgn8Wbi3ExnH47cVCNXYnYW0ho1CpFMw/ADekiBuj8dzVZIeuQwBKtpR5gNn/SncGhV8C1BTVAd/Q5ViiV0PBhkQTDPlVA=
last-modified: Wed, 15 May 2024 17:49:19 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 livePostHeader-390999c1cd28badbeb84.js Show response
www.nytimes.com/vi-assets/static-assets/ 8 KB
4 KB 13ms
12ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/livePostHeader-390999c1cd28badbeb84.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

463c4096503e5578871e8256ef40175b5b3e6de5f4b941d3bebb7084c67bdae2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: 3N244WE6MKG9654T
age: 166320
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-13 20:27:59 UTC
x-served-by: cache-lga21936-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.620722,VS0,VE1
etag: "7896042ff764ae3e5cb581891224e050"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/livePostHeader-390999c1cd28badbeb84.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 38, 597
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: rWgVn77QOiDqY4OZUIXZnj2O2AQOjMXn
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 3280
x-amz-id-2: kgZadI3sB49Hw1sf8dYcHRY4seidwf/aOXI90fIRYM0D4suUgLtFk2zf+dllENciOsqhXsKLKPU=
last-modified: Mon, 13 May 2024 20:27:25 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 main-b2abf7deb4b1a37e3530.js Show response
www.nytimes.com/vi-assets/static-assets/ 2 MB
614 KB 13ms
12ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-b2abf7deb4b1a37e3530.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e55c92a2597feaa07529fa59513b172144a94031f61a82362e1249e6950e72d0

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: HN6QR07Z6P2DCDN1
age: 4231
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-15 17:29:24 UTC
x-served-by: cache-lga21973-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.620715,VS0,VE1
etag: "82de18a891a5fd1c2470ab1b22300c5a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-b2abf7deb4b1a37e3530.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 17, 2
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: P80hftX0cNTayNoc4ktyufYhk9dTlb_b
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 626705
x-amz-id-2: 3f+siLyapoxvqNPfVviXi+qRrbax1UQopqccwSA1IOpqIEe0Lhnq5iB9du6mTc6Lkna/tcx6/HTJWyt2MjdkZ2h0hp9Uh+ETeKors6EGiBk=
last-modified: Wed, 15 May 2024 17:17:53 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 480 KB
132 KB 56ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0618ff4d144559acb31dd5ba007968caee3e539da91880f12d8988cb1947242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135075
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fides-675e7fcafce283a12aba8ba28db11d1d.js Show response
static01.nyt.com/vi-assets/static-assets/ 287 KB
80 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/vi-assets/static-assets/fides-675e7fcafce283a12aba8ba28db11d1d.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

378ec63ef294271e3962319fd974244489f7c5e363bb883700e70cc63874ff18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 16:38:47 GMT
date: Wed, 15 May 2024 18:39:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2375599
x-guploader-uploadid: ABPtcPphcWzw7HhBWGPJ0uQRCrX0aUgYsldM1DAon5DRMjcGxZC6_ZTP_Q1gNJI1TcAK6cOodO8feuDlrw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 81302
x-served-by: cache-iad-kcgs7200086-IAD, cache-fra-etou8220101-FRA
last-modified: Wed, 10 Apr 2024 16:27:04 GMT
server: UploadServer
x-timer: S1715798383.620694,VS0,VE0
etag: "675e7fcafce283a12aba8ba28db11d1d"
vary: Accept-Encoding
x-goog-generation: 1712766424263994
content-type: application/javascript
x-goog-hash: crc32c=QZQumw==, md5=Z15/yvzig6EquouijbEdHQ==
cache-control: public,max-age=31536000
x-goog-stored-content-length: 293939
x-amz-checksum-crc32c: QZQumw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8, 3699

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 26ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 291
content-encoding: gzip
content-length: 20
date: Wed, 15 May 2024 18:39:42 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 34
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: HIT
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
x-samizdat-query-exe-id: 95c23b9bd2cbfa46
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-etou8220097-FRA
x-timer: S1715798383.633441,VS0,VE1

POST
H2 200 track
a.et.nytimes.com/ 0
0 313ms
113ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 149 B
869 B 25ms
24ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-b3-traceid: 0
age: 51
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 4135adbe7c4c0899
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
samizdat-x-canary: false
x-served-by: cache-fra-etou8220101-FRA
x-graphiti-gateway: 5562f507
x-timer: S1715798383.642240,VS0,VE1
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset, x-nyt-geoip-map
cache-control: max-age=30
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: HIT
x-samizdat-query-op-id: project-vi.v2.UserQuery
x-cache-hits: 2
x-samizdat-query-sup-code
date: Wed, 15 May 2024 18:39:42 GMT
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: 8c7a9a01
x-envoy-upstream-service-time: 76
content-length: 132
last-modified: Wed, 15 May 2024 18:38:51 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1, 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
2 KB 326ms
131ms XHR
application/json 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F7e711a3d-f8f3-5fc5-bb3e-c1bee54d75a4&typ=art&prop=nyt&plat=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-193-103.compute-1.amazonaws.com

Software

envoy /

Resource Hash

1d166b9fd33b3b62ce1f4a0cef79e16807373a24767d25968700d73c213687f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 google
content-encoding: gzip
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: als-svc.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 36
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 9266 332 B
1 KB 13ms
13ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

ba394dd66a7b355b283b75fac5d7dd7bfcbb7da0f078140309ebe633a3a6c16d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-expose-headers: X-Nyt-Mktg-Group
age: 426
cache-control: public, max-age=600
content-encoding: gzip
content-length: 254
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 18:39:42 GMT
etag: W/"14c-Zt8GJlRVDxLuKBR7zgkkcBhfhpg"
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 3
x-cloud-trace-context: 47f452c8a39f55ffa2f8008b00a10811
x-content-type-options: nosniff
x-datadog-parent-id: 62225884337619899
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 1155634343457707917
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 27
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-nyt-mktg-group: group4
x-powered-by: Express
x-served-by: cache-fra-etou8220101-FRA

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/9fab0bf6-df63-42ca-acc5-caf4de668f40/ 2 KB
2 KB 39ms
8ms Script
text/javascript 3.160.150.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/9fab0bf6-df63-42ca-acc5-caf4de668f40/launchpad-liveramp.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3afe7af3db3907e46e9efeebcec1e85d343f0d38776f0b7ac08f389bedc3ae2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Cbiwxx6u6RRy3HU6PyayK1wd4jvKSjRE
content-encoding: gzip
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
date: Tue, 14 May 2024 18:45:23 GMT
x-amz-cf-pop: FRA60-P7
age: 86060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Tue, 27 Feb 2024 20:43:33 GMT
server: AmazonS3
etag: W/"9acb660612d4310660ad809feaffd43a"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: Qi9WVZYRKHABI5choZuYTEh130dDoN4TCLB9dKq3KlIZ8f1exArJZg==

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 17ms
16ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 17 Jul 2024 01:51:27 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1345711
x-guploader-uploadid: ADPycdukQL-qvgibY3peXMfS72fA6NpBf1kj7YzjAC6ujpgw_6hsjM_3grlp_k3j2T6wUPaBPjsRE7UVmYhaamjajINqRDPWPJuJ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1715798383.662197,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1673991776265363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4264

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 9ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 11 Sep 2024 23:57:04 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1954510
x-guploader-uploadid: ADPycdv9ZMb8OMU6Qx2AHDi1_OxLzA9HJM_9-S0Yx3i0fDuXfNr5Q9vtoozNl9mnV919YkvlfCM2xGVO2Ig-zaxYcK7dBQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1715798383.661817,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
x-goog-generation: 1673991776325560
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24184
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 182

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 09 Oct 2024 03:05:29 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1772444
x-guploader-uploadid: ADPycdueQ6Rnxcn3qKwC17Sqeq5rar05w5SxtnisB0ZVGGlMEml3iKvsLbMM5lB9tw0wFYOP5A8ea1gK2TDh3GwnR5gcitTps82I
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1715798383.661773,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4303

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Oct 2023 06:23:17 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3335470
x-guploader-uploadid: ADPycdtfRowwXtFVfYuq6st1QAKMrH1-0KPBtuL015QlR0fp44T3dsyEAbfW3GB9u4hZR-JqiaGSgASOtjNMEZsVZM70OTebRZ-r
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1715798383.661834,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598150991608
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3711

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 16ms
15ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 18 Sep 2024 23:34:53 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2460124
x-guploader-uploadid: ADPycdugHm5dt_wCjAcnGMLnBFPjBOh2FDwEp4oWgdJFr6EXY76--AZhjYkLX4xcH84B-KNFAzH99yACQEyeaHbpEEF2DQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1715798383.662247,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
x-goog-generation: 1673991775200429
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2482

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 17ms
16ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 25 Jan 2024 00:37:40 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1353930
x-guploader-uploadid: ADPycdt38TCVFQs07sap3a_qPNNQhOB-oNJNkUm_5NonsSEFt4KS8xlMhMrghM6zQ_O5kimI_tkdWYmaGFdi_deDSjYNLGG5VM4c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1715798383.662234,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1673991775007595
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2686

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 17ms
16ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 25 Jan 2024 00:32:20 GMT
date: Wed, 15 May 2024 18:39:42 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1341353
x-guploader-uploadid: ADPycdu8EQpQm3V7zdMFkJ8XgnencwVnT2B2YUBtaf-sewkAiBh8gRLsetmgM9V27ohK7R6xXMuURFc3DzPNRarYrc9Kgw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1715798383.662281,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4225

GET
H2 200 tpc-check.html
static01.nyt.com/ads/ Frame E5C8 0
0 30ms
7ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/ads/tpc-check.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 97134
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
content-encoding: gzip
content-length: 550
content-type: text/html
date: Wed, 15 May 2024 18:39:42 GMT
etag: "598d685c63f68aaefa1f7c474e83327c"
expires: Tue, 03 Jan 2023 16:12:46 GMT
last-modified: Wed, 03 Apr 2019 14:30:57 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 15388, 858
x-goog-generation: 1554301857669152
x-goog-hash: crc32c=4YnpCQ== md5=WY1oXGP2iq76H3xHToMyfA==
x-goog-metageneration: 3
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1371
x-guploader-uploadid: ADPycduPmvvYcUCaRXmiBukXpFVZvpQ6bcPFp-joUcZ-oQ_iVEHOArB7-w-E6voTG-V37UVtvZLAdV8rZ0k4Se98kKsvOg
x-served-by: cache-iad-kjyo7100082-IAD, cache-fra-etou8220025-FRA
x-timer: S1715798383.671318,VS0,VE0

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 9266 533 KB
186 KB 10ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=3ea28ad

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6292ebfc821267edd4f0a0ed85adc617ebf90829a9458bc90a53ad25520545b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 15 May 2024 17:23:28 GMT
date: Wed, 15 May 2024 18:39:42 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 368
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-nyt-mktg-group: group4
x-envoy-upstream-service-time: 29
content-length: 189752
x-served-by: cache-fra-etou8220101-FRA
x-nyt-backend: lire-ui
server: envoy
etag: "QcFAvQ"
content-type: application/javascript
x-cloud-trace-context: e1363e67a04a9674d57aae0f137887bb
cache-control: public, max-age=600
access-control-expose-headers: X-Nyt-Mktg-Group
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 2

GET
H3 200 gpt.js Show response
pagead2.googlesyndication.com/tag/js/ 95 KB
30 KB 67ms
50ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-6832c1952ccf59e7d305.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b822542289add6d67f4b6d391f1061668362eb4e25c3d085ff54949ca20c0788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30256
x-xss-protection: 0
server: cafe
etag: 65 / 19858 / m202405090101 / config-hash: 18444202494884921499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 May 2024 18:39:42 GMT

GET
H2 200 tcf Show response
purr.nytimes.com/v2/ 51 B
387 B 297ms
114ms Fetch
application/json 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v2/tcf

Requested by

Host: static01.nyt.com
URL: https://static01.nyt.com/vi-assets/static-assets/fides-675e7fcafce283a12aba8ba28db11d1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-193-103.compute-1.amazonaws.com

Software

envoy /

Resource Hash

16f2df588a08c3dff67f3520610dd1f3de5aec75efaa603a09fe8b9f2ff36215

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 18:39:43 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: purr.nytimes.com:443/*
server: envoy
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 2650917f3f86a787eade1d6cf6f2c376
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 23

OPTIONS
H2 204 tcf
purr.nytimes.com/v2/ Frame 0
0 298ms
112ms Preflight
text/html 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v2/tcf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-193-103.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://www.nytimes.com
content-type: text/html
date: Wed, 15 May 2024 18:39:42 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
via: 1.1 google
x-cloud-trace-context: 6fa7f723155ced0bbda8b32bfe54aff4
x-envoy-decorator-operation: purr.nytimes.com:443/*
x-envoy-upstream-service-time: 21

GET
H2 200 vendors~allAccessLandingPage~audio~bestsellers~card~collections~cookingAppDownloadLandingPage~cookin~dca93260-508a2b3d3d9a22f35801.js Show response
www.nytimes.com/vi-assets/static-assets/ 49 KB
11 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~allAccessLandingPage~audio~bestsellers~card~collections~cookingAppDownloadLandingPage~cookin~dca93260-508a2b3d3d9a22f35801.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7305b288dd46abecf3edd73f7bd248f9dc067b65eab266ad7151c407b2ded5ee

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: J973G410XJMKP48F
age: 710117
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-07 13:25:02 UTC
x-served-by: cache-lga21929-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.925695,VS0,VE1
etag: "0b88d2ac347a96fad267ee08b7899171"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~audio~bestsellers~card~collections~cookingAppDownloadLandingPage~cookin~dca93260-508a2b3d3d9a22f35801.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 15, 6426
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: GEc4ECvs4dOCADe0q9EtoLFbr_Y2h362
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 10670
x-amz-id-2: 29qVFKzKE0p0orpgUQGGkTUgHf0wWSDnJjnCmYgppMwon/Nv0DFWk21L0P8LbCBFQITUpvN6o3E=
last-modified: Tue, 07 May 2024 13:10:55 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 vendors~account~byline~capsule~clientSideCapsule~collections~explainer~getstarted~liveAsset~newslett~0c93273d-f104ba814112712f8f74.js Show response
www.nytimes.com/vi-assets/static-assets/ 15 KB
5 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~account~byline~capsule~clientSideCapsule~collections~explainer~getstarted~liveAsset~newslett~0c93273d-f104ba814112712f8f74.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

535812e094388328df26fd387e309de2ffba14f9d833fed74ab02d7f6f70c241

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: TP62SCKKV0M8MEMD
age: 1816756
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-04-24 18:02:11 UTC
x-served-by: cache-lga21935-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.925684,VS0,VE1
etag: "462c941bea80616b54c5a240dfe67df9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~account~byline~capsule~clientSideCapsule~collections~explainer~getstarted~liveAsset~newslett~0c93273d-f104ba814112712f8f74.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 31, 6068
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: L2USPqZem6mfXBqMdCwwHTwkuf7u7T4d
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 4164
x-amz-id-2: XyG6ZSW1G7zEvLWKLsWSVgotpaIYWqAcC80nHFRA97J7A1K+9yNoeAqs5SpkZjR3A/06awQ1nRHlNbK1Sa3h8KQ8i4okvdbq
last-modified: Wed, 24 Apr 2024 17:54:40 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 vendors~audio~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~~b0abd9a2-247d42685697d277893e.js Show response
www.nytimes.com/vi-assets/static-assets/ 46 KB
15 KB 11ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~~b0abd9a2-247d42685697d277893e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae03d2c324105000d8ab6d018604eadb1b8d3899e8af7e20ac7cbbd0081161a5

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: 4QDTRQBZXK0Z3J0K
age: 90413
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-14 17:33:15 UTC
x-served-by: cache-lga21931-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798383.925700,VS0,VE1
etag: "b63b61ec3448604d4dccc97a47678859"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~~b0abd9a2-247d42685697d277893e.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 18, 791
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: PnY9QesRd9MpPZ8OSz788e43QqMF1tAP
date: Wed, 15 May 2024 18:39:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 13715
x-amz-id-2: gpC3Ff0zsDLQYiRsXempPu4VJEHcSnST9x4byr6OzDboSCv38+OQ0zuNYGqnHaeePQCAVZiAfKsrEUIOE/OUl3NEqGfzkgZMdAbnBf06eJY=
last-modified: Tue, 14 May 2024 17:30:38 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 205 KB
43 KB 32ms
7ms Script
application/x-javascript 13.32.27.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/9fab0bf6-df63-42ca-acc5-caf4de668f40/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50308d3987b9d0ded74e9c8a1a41b4f44fc031b5df41486e1aec59eaf29c91cd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VlUhp0OfrEAKEObBKlt_cyydX.7m6VfY
content-encoding: br
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 17:49:37 GMT
last-modified: Mon, 13 May 2024 13:57:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 3006
x-amz-server-side-encryption: AES256
etag: W/"f3fc71071260631447e3e9cc1e56beda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: e3EUcGFaiJi0q7OtinLvw6eqa_HPBgUNKmvBsupgOidJpfNp1FsAUw==

GET
H2 200 tags.js Show response
dd.nytimes.com/ 150 KB
28 KB 70ms
9ms Script
text/javascript 13.35.58.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-35.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

2d294514c008dd4fcb83c420cea8326601d047ef50d7d7463c1ff901605ab0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 18:02:11 GMT
x-amz-cf-pop: FRA60-P10
age: 2252
x-cache: Hit from cloudfront
content-length: 28213
last-modified: Mon, 06 May 2024 13:39:35 GMT
server: Apache
etag: "25960-617c93337c0e9-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: GvXvx8-veZ-PykxEzrxr3e8I7j7Dr3wSPU3_cFd4y1D9Eyey7-DxCA==
expires: Wed, 15 May 2024 19:02:11 GMT

GET
H3 200 pubads_impl.js Show response
pagead2.googlesyndication.com/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 8ms
8ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 10:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 15 May 2025 10:33:49 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 11ms
11ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 62
content-encoding: gzip
content-length: 20
date: Wed, 15 May 2024 18:39:43 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 33
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: HIT
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
x-samizdat-query-exe-id: 84dea3b59660f842
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-etou8220097-FRA
x-timer: S1715798383.410713,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 63 B
958 B 154ms
153ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b2abf7deb4b1a37e3530.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 3b8abc18e8958864
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
samizdat-x-canary: false
x-served-by: cache-fra-etou8220101-FRA
x-graphiti-gateway: 5562f507
x-timer: S1715798383.420396,VS0,VE146
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset, x-nyt-geoip-map
cache-control: max-age=30
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: MISS
x-samizdat-query-op-id: project-vi.v2.ReadingListStatusQuery
x-cache-hits: 0
x-samizdat-query-sup-code
date: Wed, 15 May 2024 18:39:43 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: c87454a7
x-envoy-upstream-service-time: 50
content-length: 85
last-modified: Wed, 15 May 2024 18:39:43 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 state-nav.json Show response
static01.nyt.com/elections-assets/pages/data/feeds/4f474d2a-5795-47ed-ae37-7e5c83e2e463/ 8 KB
2 KB 9ms
9ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/elections-assets/pages/data/feeds/4f474d2a-5795-47ed-ae37-7e5c83e2e463/state-nav.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e1f2d16b24d78cee4ccb912149230fb7a506108876016c5c96b7356b922b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 15 May 2024 16:58:44 GMT
date: Wed, 15 May 2024 18:39:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3
x-guploader-uploadid: ABPtcPonwKrWJO0fYz7LVX6sqWJfJEbmGFfr4em9lfEYb1LjGpsAxnUthOPn94XwT9KEZHfi1LCAVFkiNg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 1137
x-served-by: cache-iad-kiad7000072-IAD, cache-fra-etou8220097-FRA
last-modified: Wed, 15 May 2024 16:56:38 GMT
server: UploadServer
x-timer: S1715798383.436535,VS0,VE1
etag: "ce95e2a313a8fff4c1b0967514996867"
vary: Accept-Encoding
x-goog-generation: 1715792198380428
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Y8qIlQ==, md5=zpXioxOo//TBsJZ1FJloZw==
cache-control: max-age=5, stale-if-error=86400, stale-while-revalidate=5, public
x-goog-stored-content-length: 8524
x-amz-checksum-crc32c: Y8qIlQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 117914, 1

GET
H2 200 purr-cache Show response
purr.nytimes.com/v1/ 0
210 B 181ms
181ms Fetch
text/html 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v1/purr-cache

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-193-103.compute-1.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:43 GMT
via: 1.1 google
x-envoy-decorator-operation: purr.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 2ac7091c240f6710f9c840425b914af7
access-control-allow-credentials: true
x-envoy-upstream-service-time: 88
content-length: 0

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 538ms
118ms Fetch
application/json 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2024%2F05%2F04%2Fus%2Fpolitics%2Ftrump-donors.html&caller_id=nyt-vi&jkcb=1715798383437&referrer=&sourceApp=nyt-vi

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b2abf7deb4b1a37e3530.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-193-103.compute-1.amazonaws.com

Software

envoy /

Resource Hash

937be681de2650afce030cf33564448f1692b9511f49428e87e4ea0ce2bd7373

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nyti-upstream: gke
date: Wed, 15 May 2024 18:39:43 GMT
x-envoy-decorator-operation: a.nytimes.com:443/*
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
access-control-allow-headers: Content-Type, x-requested-by

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
623 B 9ms
9ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.nytimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 02:32:29 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront), 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 58034
x-amzn-requestid: c4cf05d8-d2f7-4480-a2ac-be1ee284f936
x-amzn-trace-id: Root=1-66441ebd-40b04b8e7b95a6f45d4425a2;Parent=55778d87548c414e;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Xym9oGx6DoEEb6w=
content-length: 28
x-amz-cf-id: aYtIEbGq1bUg0V2_rYF70Q92ucfcqohLxXyIodU9mqO1N8ko2zcIAA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 117ms
83ms Preflight
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 15 May 2024 18:39:43 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront), 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-apigw-id: X00pfH9AjoEEO1w=
x-amz-cf-id: O-IhWtEOSuNAvqgTF0X11GNPEicHlrE_Kazcs7q7PTLXgebwowAC2g==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 17908e16-111a-4049-a5dd-0f33d00bc312
x-cache: Miss from cloudfront

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 872
content-encoding: gzip
content-length: 20
date: Wed, 15 May 2024 18:39:43 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 9
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: HIT
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
x-samizdat-query-exe-id: 8df8ec3cb32cebca
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-etou8220097-FRA
x-timer: S1715798384.564169,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 63 B
1005 B 156ms
156ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b2abf7deb4b1a37e3530.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b2064442f57238d5e04d61bacad93794e723f91204f928f6980801c400b7bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 42833896fc90a39e
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
samizdat-x-canary: false
x-served-by: cache-fra-etou8220101-FRA
x-graphiti-gateway: 5562f507
x-timer: S1715798384.549772,VS0,VE149
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset, x-nyt-geoip-map
cache-control: max-age=30
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: MISS
x-samizdat-query-op-id: project-vi.v2.trustAssetsQuery
x-cache-hits: 0
x-samizdat-query-sup-code
date: Wed, 15 May 2024 18:39:43 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 8c7a9a01
x-envoy-upstream-service-time: 47
content-length: 81
last-modified: Wed, 15 May 2024 18:37:07 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 comments-9084435f2557dcd90976.js Show response
www.nytimes.com/vi-assets/static-assets/ 55 KB
17 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-9084435f2557dcd90976.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b43c85b1b8b209ea11db91c2eb00c38e652ca147528ef62368c81d126fc60ce9

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: J952DRR2HBY0A3JF
age: 166324
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-05-13 20:27:40 UTC
x-served-by: cache-lga21975-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798384.560434,VS0,VE1
etag: "49d3b47099e88146f5a0e5284e83db6d"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-9084435f2557dcd90976.js
content-type: application/javascript
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 2, 1404
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: hboYNPdH_rCQrhzWAdE5g4zrHilho3Fs
date: Wed, 15 May 2024 18:39:43 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 16770
x-amz-id-2: rTcRnKIp1f+NSK2JJciT5CtI2aMpqqFfvmDF7NzXeAnNZZSesiORYG4nGP12ZxcOFLZi1RqEuls=
last-modified: Mon, 13 May 2024 20:27:23 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 24 KB
6 KB 355ms
355ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1ac7b59e9ba4378c491397f208b887acf4bc8b883504d9bc5a5d69e6712f834e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
x-nyt-entitlements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-nyt-programming-abtest
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-news-tenure
x-nyt-internal-meter-override
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-b3-traceid: 0
x-nyt-pass-reason: PRVT
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 2f67185499723055
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
samizdat-x-canary: false
x-served-by: cache-fra-etou8220101-FRA
x-graphiti-gateway: 5562f507
x-timer: S1715798384.572213,VS0,VE348
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset, x-nyt-geoip-map
cache-control: private, no-store
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: MISS
x-samizdat-query-op-id: project-vi.v2.getMessageSelection
x-cache-hits: 0
x-samizdat-query-sup-code
date: Wed, 15 May 2024 18:39:43 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 3e198940
x-envoy-upstream-service-time: 246
last-modified: Wed, 15 May 2024 18:39:43 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 state-nav.json Show response
static01.nyt.com/elections-assets/pages/data/feeds/4f474d2a-5795-47ed-ae37-7e5c83e2e463/ 8 KB
0 0ms
0ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/elections-assets/pages/data/feeds/4f474d2a-5795-47ed-ae37-7e5c83e2e463/state-nav.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e1f2d16b24d78cee4ccb912149230fb7a506108876016c5c96b7356b922b61fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 15 May 2024 16:58:44 GMT
date: Wed, 15 May 2024 18:39:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3
x-guploader-uploadid: ABPtcPonwKrWJO0fYz7LVX6sqWJfJEbmGFfr4em9lfEYb1LjGpsAxnUthOPn94XwT9KEZHfi1LCAVFkiNg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 1137
x-served-by: cache-iad-kiad7000072-IAD, cache-fra-etou8220097-FRA
last-modified: Wed, 15 May 2024 16:56:38 GMT
server: UploadServer
x-timer: S1715798383.436535,VS0,VE1
etag: "ce95e2a313a8fff4c1b0967514996867"
vary: Accept-Encoding
x-goog-generation: 1715792198380428
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Y8qIlQ==, md5=zpXioxOo//TBsJZ1FJloZw==
cache-control: max-age=5, stale-if-error=86400, stale-while-revalidate=5, public
x-goog-stored-content-length: 8524
x-amz-checksum-crc32c: Y8qIlQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 117914, 1

GET
H2 200 privacy-experience Show response
www.nytimes.com/fides/api/v1/ 1 MB
137 KB 10ms
9ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/fides/api/v1/privacy-experience?show_disabled=false&region=eea&component=overlay&has_notices=true&has_config=true&systems_applicable=true&include_gvl=true&include_meta=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

uvicorn /

Resource Hash

b21566496f3c03a6e259ddc817ea8c7dfd9ee727b59d6e9422f66acd402b011d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Unescape-Safestr: true
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
sec-ch-ua-platform: "Win32"

Response headers

x-nyt-app-map: webview=false,preloaded=false
date: Wed, 15 May 2024 18:39:43 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-api-version: F-X
age: 59
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
x-nyt-mktg-group: group4
x-origin-time: 2024-05-15 18:38:45 UTC
content-length: 138621
x-served-by: cache-fra-etou8220101-FRA
x-endpoint-cache-hit: true
server: uvicorn
x-timer: S1715798384.586370,VS0,VE1
x-ratelimit-remaining: 1975, 1975
vary: Accept-Encoding, Fastly-SSL
content-type: application/json
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/fides/api/v1/privacy-experience?component=overlay&has_config=true&has_notices=true&include_gvl=true&include_meta=true&region=eea&show_disabled=false&systems_applicable=true
access-control-expose-headers: X-Nyt-Mktg-Group
x-gdpr: 1
x-nyt-route: fides-api
permissions-policy: browsing-topics=()
x-ratelimit-reset: 1715798357, 1715798357
x-ratelimit-limit: 2000, 2000
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-app-webview: 0
retry-after: Wed, 15 May 2024 18:39:17 -0000
x-cache-hits: 2

GET
H2 200 state-nav.json Show response
static01.nyt.com/elections-assets/pages/data/feeds/4f474d2a-5795-47ed-ae37-7e5c83e2e463/ 8 KB
0 0ms
0ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/elections-assets/pages/data/feeds/4f474d2a-5795-47ed-ae37-7e5c83e2e463/state-nav.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e1f2d16b24d78cee4ccb912149230fb7a506108876016c5c96b7356b922b61fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 15 May 2024 16:58:44 GMT
date: Wed, 15 May 2024 18:39:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3
x-guploader-uploadid: ABPtcPonwKrWJO0fYz7LVX6sqWJfJEbmGFfr4em9lfEYb1LjGpsAxnUthOPn94XwT9KEZHfi1LCAVFkiNg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 1137
x-served-by: cache-iad-kiad7000072-IAD, cache-fra-etou8220097-FRA
last-modified: Wed, 15 May 2024 16:56:38 GMT
server: UploadServer
x-timer: S1715798383.436535,VS0,VE1
etag: "ce95e2a313a8fff4c1b0967514996867"
vary: Accept-Encoding
x-goog-generation: 1715792198380428
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Y8qIlQ==, md5=zpXioxOo//TBsJZ1FJloZw==
cache-control: max-age=5, stale-if-error=86400, stale-while-revalidate=5, public
x-goog-stored-content-length: 8524
x-amz-checksum-crc32c: Y8qIlQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 117914, 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 199ms
199ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
BLOB 200
OK 4f4580aa-07c9-4c81-af53-c42c3b982982
https://www.nytimes.com/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.nytimes.com/4f4580aa-07c9-4c81-af53-c42c3b982982
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 200 .status Show response
a.et.nytimes.com// 0
0 189ms
189ms Fetch
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
Referer: https://www.nytimes.com/
sec-ch-ua-platform: "Win32"

Response headers

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 397 B
932 B 43ms
20ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c4e36a1e1912f897724fb10b67d936da36d05777ad6179b0d34f3cbffd288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:43 GMT
x-amz-version-id: 5luuDEGIbJ35XqsYUhrahuImXBlSS3rO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: MEVTR2T4R772MQ7Q
age: 362
x-amz-server-side-encryption: AES256
x-amz-id-2: 8BCxONq3nRR+wc9aBBewV/zb6tPrskqf7r6rIRTG+Z/Nzl8KKnV1j0E6c7z/hOyrKdjy5+Gy27g=
last-modified: Tue, 14 May 2024 19:17:32 GMT
server: cloudflare
etag: W/"147ea5fde58a19cf1ad1311a2e8a5361"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MSxarHeYwz2p02lvdPPxfd3KihJmNrHKnElc3PhlKMu1OzmQvvvenoqLiHyPSqT4w42HOMTeelmfhtXpzWbj5FmiUiKH6EAdfzSBRZlKc%2F8ohqIQRIsLfq4AL8KgAlwCn2DzqXqXE%2FUHcuIjLrKJyyOeQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8845409bab3e65ac-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
52ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0eb3b7e36ea396a2e2f32a2ddc52e4d960b544ea8c8303fa100e230f7eaa4195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12362
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 858 B
536 B 152ms
145ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=288282133657955&correlator=1075269095521661&eid=31079956&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fif&gdpr=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1715798383937&lmt=1715798382&adxs=0&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.nytimes.com%2F2024%2F05%2F04%2Fus%2Fpolitics%2Ftrump-donors.html%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DGeorgian%2520Protests%2520Try%2520to%2520Reverse%2520Russian%2520Pivot%26utm_campaign%3DThe%2520Morning%2520Dispatch_Free%2520Subscribers%2520Only_Georgian%2520Protests%2520Try%2520to%2520Reverse%2520Russian%2520Pivot&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1461587817.1715798384&ga_sid=1715798384&ga_hid=99337524&ga_fc=false&dlt=1715798382583&idt=1003&ppid=1v6s0nrgw551xvkqkivr9aniuti7d428&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1057&cust_params=als_test_clientside%3Dweb_none_none_20240515183942%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1715798382172%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dtrumpdonaldj%252Cwilessusie%26org%3Drepublicanparty%26des%3Dpresidentialelectionof2024%252Ccampaignfinance%26auth%3Dmaggiehaberman%252Cshanegoldmacher%26coll%3Dusnews%252Cuspolitics%252C05polswiper%252C04polswiper%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000009448545%26pt%3Dnt12%252Cnt13%252Cnt15%252Cnt16%252Cnt19%252Cnt21%252Cnt3%252Cnt6%252Cnt7%252Cnt8%252Cpt2%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_gg1%252Cneg_debeer%252Cneg_chanel%252Cneg_capitalone%252Cneg_chan2%252Cneg_citi_aa%252Cneg_hms%252Cneg_njts%252Cneg_bofa%252Cneg_google%252Cneg_rchmt%252Cpolitics_sentiment%252Cgb_safe_from_high%252Cgs_politics%252Cneg_kaypemg%252Cneg_newyorkp%252Cneg_sub0%252Cneg_gg2%252Cneg_rms%252Cgs_predicts_uspoliticselection%252Cneg_mttl%252Cneg_mtb%252Cneg_am%252Cgs_predicts_legal_industry%252Cneg_ts%252Cneg_mastercard%252Cneg_sia%252Cneg_chan3%252Cneg_ihw%252Cneg_trpavd%252Cneg_elec%252Cneg_rolex%252Cneg_ms_safe%252Cgs_predicts_needinglegalcouncil%252Cneg_racism%252Cgs_law%252Cgs_politics_issues_policy%252Cgs_politics_misc%252Cneg_amerex%252Cneg_sabic%252Cneg_orep%252Cneg_amex%252Cneg_rmw%252Cneg_bp%252Cgs_predicts_moms_dads_grads%252Cgs_politics_elections%252Cneg_ssi%252Cgb_crime_edu%252Cgb_crime_high_med_low%252Cneg_mc%252Cneg_hearts%252Cneg_aramco%252Cneg_samsung%252Cgs_politics_american%252Cgs_predicts_charity%252Cneg_amz_sfe%252Cneg_chldis%252Cgb_sensitive_high_med%252Cgb_sensitive_high_med_low%252Cgb_sensitive_news-ent%252Cgs_predicts_parentsteachers%252Cgs_law_misc%252Ccc_business_lead_boards%252Cmsnbc_q3_2019%252Cgs_busfin%252Cneg_ubs%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgs_predicts_newjob%252Cgb_crime_high_med%252Cgb_crime_news-ent%252Cgs_predicts_interestedmillennial%252Cgs_predicts_findapro_taxseason%252Cgs_predicts_singlesdayshopper%252Cneg_unrest%252Cgs_predicts_collegebound%252Cgs_predicts_teens%252Cgs_predicts_insurance%252Cgs_predicts_compassion%252Cneg_korean_air%252Cgs_predicts_tropicalvacations%252Cgs_predicts_oscarsemmysglobes%252Cgs_predicts_diningindelivery%252Cgs_predicts_mlb%252Cgs_predicts_golf%252Cgs_predicts_giftgiving%252Cgs_predicts_veteransservice%252Cgs_predicts_nflncaafootball%252Cgs_predicts_brocations%252Cneg_msft%252Cgs_predicts_moviesandentertainment%252Cgs_predicts_holidayshoppers%252Cgs_predicts_travel_by_rail%252Cgv_crime%252Cgs_predicts_youngwomensinterest%252Cgs_predicts_energy_topics%252Cgs_predicts_performingarts%252Cgs_predicts_movers%252Cgs_predicts_marketers%252Cgs_predicts_doyourowntaxes%252Cgs_t%26tt%3D105%26mt%3DMT10%252CMT5%252CMT7%26abra_dfp%3D%26sov%3D3%26page_view_id%3DF58Ki5grLDzPnFKd93yJfkRS%26purr%3Dltd%26uap%3Dbrowser%26cookie%3Dfalse%26typ_materials%3D%2523news%2523%26slug%3Ddonors%26reqID%3De7ea2072-6e5f-4956-bfbe-4171d62a0863&adks=1133286891&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

023ddd73ee33088d9c34f87b95d0bf0ce9c0d3c48e12d302df624881810bcdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 507
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3DF 0
0 55ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 18:39:43 GMT
expires: Thu, 15 May 2025 18:39:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 favicon-d2483f10ef688e6f89e23806b9700298.ico
www.nytimes.com/vi-assets/static-assets/ 2 KB
3 KB 8ms
8ms Other
image/vnd.microsoft.icon 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/favicon-d2483f10ef688e6f89e23806b9700298.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94de5ae7e9bcf74727f45bb30ae37f553db4594012e2704336da5fbbf3357c3e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
x-amz-request-id: 3W7KG4F7PSJHN10C
age: 3414583
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-04-01 18:36:19 UTC
x-served-by: cache-lga13628-LGA, cache-fra-etou8220101-FRA
x-timer: S1715798384.970853,VS0,VE1
etag: "4bf96cb6a1093748bf5b3c429accb9b4"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/favicon-d2483f10ef688e6f89e23806b9700298.ico
content-type: image/vnd.microsoft.icon
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 31, 2027
x-nyt-app-map: webview=false,preloaded=false
x-amz-version-id: JXczJEDIiBLIaTeulU5gi7H178HFYRmK
date: Wed, 15 May 2024 18:39:43 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-F-X
x-cache: HIT, HIT
content-length: 1671
x-amz-id-2: mFljseE5QV8ZgsLSCr6ut10H658dO1Gdc3i/WdJEvBSes2MdfBFibp0Iz8qCIVyzJxrHoUL9rDI=
last-modified: Mon, 01 Apr 2024 18:34:00 GMT
server: AmazonS3
x-gdpr: 1
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Sep 2024 23:22:06 GMT
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1359685
x-guploader-uploadid: ADPycdtcubMiwfcQF0zjjS_rhEJ0pSZNds_QHcSrP3kcQpO23yvTug3K-UhX3yc6HixAW6WolpdoiKak_yLHyeHBzfrY6yGymjvX
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-fra-etou8220097-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1715798384.036378,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1673991776257702
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2630

POST
H2 200 / Show response
dd.nytimes.com/js/ 235 B
623 B 26ms
12ms XHR
application/json 13.35.58.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-35.fra60.r.cloudfront.net

Software

DataDome /

Resource Hash

32f5da1b6a65dbf4ed124a29813402076db92d6e5cf2cfee07c7136fe83b38ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 ebf31a208b1563522327c20ddd946a5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
x-amz-cf-id: OuAmgkGVXxvtH-iglFjFL0NomD1HWmKciCjvPTrIHGlkX6_ZTVhOjg==
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 May 2024 18:39:44 GMT

GET
H2 200 match-prod-1a15cf76997684e4de82.js Show response
platform.iteratehq.com/ 75 KB
26 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-1a15cf76997684e4de82.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edfd6dec10157922e2764b0299b90309e1505929b97100aaaba3a6c83503c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
x-amz-version-id: YTAKuILEz2iw32sn9iDFYApJcLvXYgUQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: WD9HVBKRJXFMFHHC
age: 84065
x-amz-server-side-encryption: AES256
x-amz-id-2: WVgtE7N6otxSX0CVSBo2AjSWIkguXDVN2uqc3RTLfPulredsT8T0oQmO8A6TsRrOtcfwQcB26i8=
last-modified: Tue, 14 May 2024 19:17:31 GMT
server: cloudflare
etag: W/"c167345dd0c9d4808d12575fd5c4047c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxEXQxcKoJxPKv6h2m3uxoLXiaTabvkQRShHoKhUAFDZRYcKN5a8HNvOGzzqkoCGXNiUgCJWUDtknfIymvWrkVgNh8bxuPnUFuoYjalp2Tr0wWBcbEFiNoqfbmRR0F0l2AXb%2BhubY%2BTXbppq2%2BahEY998nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8845409c3c1b65ac-FRA

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 53 KB
4 KB 225ms
225ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

761ad6c5382c60dea47194442ab113012de53514d9b6b80c3d7668d851069e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-b3-traceid: 1
x-nyt-pass-reason: PBTL
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 9446aca788c44db1
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
samizdat-x-canary: false
x-served-by: cache-fra-etou8220101-FRA
x-graphiti-gateway: 5562f507
x-timer: S1715798384.065927,VS0,VE208
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset, x-nyt-geoip-map
cache-control: max-age=30
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: MISS
x-samizdat-query-op-id: project-vi.v2.getOffer
x-cache-hits: 0
x-samizdat-query-sup-code
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: c2dd51de
x-envoy-upstream-service-time: 61
last-modified: Wed, 15 May 2024 18:29:37 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 53 KB
5 KB 191ms
191ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

761ad6c5382c60dea47194442ab113012de53514d9b6b80c3d7668d851069e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-b3-traceid: 0
x-nyt-pass-reason: PBTL
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 64f5953307a5909a
x-nyt-geoip-map: meridiem=PM,continent=EU,country=DE,region=RP
samizdat-x-canary: false
x-served-by: cache-fra-etou8220101-FRA
x-graphiti-gateway: 5562f507
x-timer: S1715798384.072668,VS0,VE170
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset, x-nyt-geoip-map
cache-control: max-age=30
x-nyt-audience-target-flat: EUDE:PM
x-nyt-edge-cache: MISS
x-samizdat-query-op-id: project-vi.v2.getOffer
x-cache-hits: 0
x-samizdat-query-sup-code
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: f8567cb7
x-envoy-upstream-service-time: 47
last-modified: Wed, 15 May 2024 18:29:37 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 29ms
7ms Script
application/x-javascript 2600:9000:2646:4800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:4800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f36aafde93df40d6a9d227ebda4377534c246d1563ae694c0e59e4e7161e6647

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:30:07 GMT
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 00:24:56 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 577
etag: W/"66172dd8-11d68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bX__jXopWdgZiWOmccozn5FFAE5pbsXnT-WUAP_oxvpEil5VJb3ZJQ==
expires: Thu, 16 May 2024 18:30:07 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
781 B 16ms
8ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 May 2023 23:50:37 GMT
date: Wed, 15 May 2024 18:39:44 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 49499
x-guploader-uploadid: ADPycdtscvtwua-aV23Ie4HH8S1lqi9QidJsXhbEqRNfxkV6tNV1KH0icsZAxhU-HV9bftk4IJw_R0mZhYygMLPaRF9Ba3aD4zym
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-fra-etou8220101-FRA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1715798384.080658,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 528

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 44ms
22ms Script
text/javascript 2606:4700:20::681a:5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dbbb146331e6d7ea9029689734e915d5f5c801dab8f1b8a8908c1a77321e4d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 May 2024 18:37:28 GMT
server: cloudflare
age: 136
cf-polished: origSize=5604
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycHzvaaD2Fvb0Bn8ysPlGuusFTBBk85KYgIgow7phuRE8WxjUwXnIa%2FNTdWSRglLjsYcAJ34ydd8aP3ZSSJVKADF4UbFnaxHO%2F6TEfz0oVahC8ZkF0ykWOiP6kRnazD9awf1VLy8BgB4KGnEWU3QvE%2F4"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8845409c998f9bd7-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A103 0
0 26ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 5777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 17:03:27 GMT
expires: Thu, 15 May 2025 17:03:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
543 B 111ms
111ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

327e30440f3c8283188f7028928ab7571a3b02cfe89982ef5c4653b2b6d736b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.nytimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZO%2BBGL4xwSNKscIjxG3xei9n3%2FNvxUXosVDYXaoBTe0XWE93RTtDUmdO8Lwk14b5gC9BiD4CPnVTVS60TqAvp5h8XPKvRE6zurU4cm4GMglEZoTzapJVxC%2F9TezkAneJ6kLbe2hVCad1X48%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8845409dddc4380d-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 131ms
103ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8845409d3cd0380d-FRA
content-length: 0
date: Wed, 15 May 2024 18:39:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WP6%2FbP81u3izeKiA8M0bVBcAsZ1zVoELNUDxKrhb%2BVGs0pW1n102z8fo%2FUxSDA7kPJAigrTCyOTD%2BEuylRPHYP8RIGtObHIH5jRnzFllkkHLuxxlW28eqciabn7M1%2BOmgGlVoa5pfLMAWaA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
202 B 283ms
91ms Image
image/gif 54.80.129.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2024%2F05%2F04%2Fus%2Fpolitics%2Ftrump-donors.html&u=Yd4NGg1k_zCGSv-x&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Maggie%20Haberman%2CShane%20Goldmacher&n=1&f=00001&c=0&x=0&m=0&y=3671&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2F2024%2F05%2F04%2Fus%2Fpolitics%2Ftrump-donors.html%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DGeorgian%2520Protests%2520Try%2520to%2520Reverse%2520Russian%2520Pivot%26utm_campaign%3DThe%2520Morning%2520Dispatch_Free%2520Subscribers%2520Only_Georgian%2520Protests%2520Try%2520to%2520Reverse%2520Russian%2520Pivot&b=2498&_c=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&_m=email&_x=ActiveCampaign&_y=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&t=B54vw9DPSjazDclZYyB8V1slDUAndI&V=145&i=At%20Donor%20Retreat%2C%20Trump%20Calls%20Biden%20Administration%20the%20%E2%80%98Gestapo%E2%80%99&tz=-120&_acct=anon&sn=1&sv=B5Txl7BnzLQLDMmA2dCMe6JGDJDva9&sr=external&sd=1&im=06679ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.129.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-129-100.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 15 May 2024 18:39:44 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 38 KB
15 KB 8ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-b2abf7deb4b1a37e3530.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

73ee4ab83868d81fb4b2f0833c68edb0a4499b7bdf56ee458b3a56ace1669249

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 15 May 2024 17:30:40 GMT
date: Wed, 15 May 2024 18:39:44 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 529
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-nyt-mktg-group: group4
x-envoy-upstream-service-time: 25
content-length: 14940
x-served-by: cache-fra-etou8220101-FRA
x-nyt-backend: lire-ui
server: envoy
etag: "QcFAvQ"
content-type: application/javascript
x-cloud-trace-context: fcc5e2f53c8c7cff75cf4644a60832e2
cache-control: public, max-age=600
access-control-expose-headers: X-Nyt-Mktg-Group
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
111ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame C05B 19 KB
9 KB 466ms
465ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

c6c07dca0f0806cc091958dac61206265d75fb4d29f8858da16fc9668ebbc91c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com https://g1.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.nytimes.com/report
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com https://g1.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.nytimes.com/report
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 18:39:44 GMT
etag: W/"4a15-fGBvis211rIn1UZl8R8SdX9t7a8"
expires: 0
fastly-restarts: 1
pragma: no-cache
resp-details: [[it:lui]]
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 66939ed33920e5aabc5079366e31c154
x-content-type-options: nosniff
x-datadog-parent-id: 7803399723091474518
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 2405123017685051981
x-datadome: protected
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 32
x-nyt-backend: lire-ui
x-nyt-edge-cache: MISS
x-nyt-mktg-group: group4
x-powered-by: Express
x-served-by: cache-fra-etou8220101-FRA

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
343 B 114ms
114ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjQ1MDE3MGMwNDk5ODAwMDFjN2RmMDciLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzE1Nzk4Mzg0fQ.KVd0DqdryO4Om3FaMw2ylZ2PG3y4591Dw9OGsF-dnHM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.nytimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCGFs21p1JocYZTXxImKOjJKlGsnpgrFBPpvyoSCyy3bxaOkJny1RkPXvzI9gpiGA7dANP0a%2FKqNHwrfrRvXSQNvLkQTi4dxxC2LpCbf13sEnGve75yt4wL5Rz0ExHjoZy3d44Hyrl%2Fl98M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 884540a03a55380d-FRA

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame C05B 533 KB
0 10ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=3ea28ad

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6292ebfc821267edd4f0a0ed85adc617ebf90829a9458bc90a53ad25520545b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2
date: Wed, 15 May 2024 18:39:42 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 368
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-nyt-mktg-group: group4
x-envoy-upstream-service-time: 29
content-length: 189752
x-served-by: cache-fra-etou8220101-FRA
x-nyt-backend: lire-ui
server: envoy
etag: "QcFAvQ"
content-type: application/javascript
x-cloud-trace-context: e1363e67a04a9674d57aae0f137887bb
cache-control: public, max-age=600
access-control-expose-headers: X-Nyt-Mktg-Group
x-nyt-edge-cache: HIT
accept-ranges: bytes
expires: Wed, 15 May 2024 17:23:28 GMT

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame C05B 205 KB
49 KB 101ms
33ms Script
application/javascript 2a02:26f0:3100:795::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sun, 28 Apr 2024 07:31:07 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame C05B 0
0 116ms
116ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame C05B 150 KB
0 0ms
0ms Script
text/javascript 13.35.58.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/tags.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-35.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 2d294514c008dd4fcb83c420cea8326601d047ef50d7d7463c1ff901605ab0e8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:02:11 GMT
content-encoding: gzip
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 2252
x-cache: Hit from cloudfront
content-length: 28213
last-modified: Mon, 06 May 2024 13:39:35 GMT
server: Apache
etag: "25960-617c93337c0e9-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: GvXvx8-veZ-PykxEzrxr3e8I7j7Dr3wSPU3_cFd4y1D9Eyey7-DxCA==
expires: Wed, 15 May 2024 19:02:11 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame C05B 0
0 116ms
116ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame C05B 1013 B
1 KB 305ms
123ms Fetch
application/json 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignId%253D7JFJX%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2024%25252F05%25252F04%25252Fus%25252Fpolitics%25252Ftrump-donors.html%25253Futm_source%25253DActiveCampaign%252526utm_medium%25253Demail%252526utm_content%25253DGeorgian%25252520Protests%25252520Try%25252520to%25252520Reverse%25252520Russian%25252520Pivot%252526utm_campaign%25253DThe%25252520Morning%25252520Dispatch_Free%25252520Subscribers%25252520Only_Georgian%25252520Protests%25252520Try%25252520to%25252520Reverse%25252520Russian%25252520Pivot%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2024%25252F05%25252F04%25252Fus%25252Fpolitics%25252Ftrump-donors.html%25253Futm_source%25253DActiveCampaign%252526utm_medium%25253Demail%252526utm_content%25253DGeorgian%25252520Protests%25252520Try%25252520to%25252520Reverse%25252520Russian%25252520Pivot%252526utm_campaign%25253DThe%25252520Morning%25252520Dispatch_Free%25252520Subscribers%25252520Only_Georgian%25252520Protests%25252520Try%25252520to%25252520Reverse%25252520Russian%25252520Pivot%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-217310

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=3ea28ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-193-103.compute-1.amazonaws.com

Software

envoy /

Resource Hash

6c0184ca86904447f9eeaee0ecb0fa8eac599de02c82b3197eb81d4cc369b1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nyti-upstream: gke
date: Wed, 15 May 2024 18:39:45 GMT
x-envoy-decorator-operation: a.nytimes.com:443/*
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 32
access-control-allow-headers: Content-Type, x-requested-by

POST
H2 200 track
a.et.nytimes.com/ 0
0 110ms
110ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame C05B 29 KB
29 KB 18ms
9ms Font
font/woff 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 02 Oct 2024 23:01:47 GMT
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 669466
x-guploader-uploadid: ADPycdtNG3LOIDe7kzwv1qtEDxf2fMg-pe97a6PWUbnT9GrD_Uqk5-gmyMrWVW6DJzeD09Gt6_zUXEb5_wcrz4pZYKAAQdLafNVx
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-fra-etou8220097-FRA
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1715798385.876785,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
x-goog-generation: 1605538717313763
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29324
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 2909

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame C05B 29 KB
29 KB 17ms
8ms Font
font/woff 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Sep 2024 01:35:16 GMT
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1186465
x-guploader-uploadid: ADPycdsG8di97j4Z07EFth7ONpI3jQfKDmzMsd-2pdSEBXENRIPi5N-MlO_LzCGPD1D6NsoivTUFDNKWi7_Y2SNiwBTeeCOJe-xO
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-fra-etou8220097-FRA
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1715798385.876643,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
x-goog-generation: 1605538717322939
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29504
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 2873

POST
H2 200 track
a.et.nytimes.com/ Frame C05B 0
0 112ms
112ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 429 report
csp.nytimes.com/ Frame C05B 11 B
539 B 45ms
31ms Other
text/plain 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.nytimes.com/report

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
x-cache: MISS
content-length: 11
x-served-by: cache-fra-etou8220097-FRA
server: cloudflare
x-timer: S1715798385.887672,VS0,VE25
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 884540a19e6ea031-FRA
x-cache-hits: 0

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame C05B 241 B
627 B 13ms
13ms XHR
application/json 13.35.58.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-35.fra60.r.cloudfront.net

Software

DataDome /

Resource Hash

45b5f2352e2aef7320128ca1cccb06a4bd5176ff5e3d3b15da747d563bca0022

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 15 May 2024 18:39:44 GMT
via: 1.1 ebf31a208b1563522327c20ddd946a5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA60-P10
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 241
x-amz-cf-id: SLKXYljVJZcpIyUo6tGm18lfSH4YT7tpmgT1zXqtB5oVq8osL-zMQw==
expires: 0

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 14 B
324 B 130ms
129ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b7df9e792f71647a3f207087e8734dd21031c57048e10f9ced4b5ac04e32f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjQ1MDE3MGMwNDk5ODAwMDFjN2RmMDciLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzE1Nzk4Mzg0fQ.KVd0DqdryO4Om3FaMw2ylZ2PG3y4591Dw9OGsF-dnHM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.nytimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:45 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P76vMPSQbm2fIW293Kqr%2FZwVrw%2BmgfYshO%2FK2VoPeVcLHoq%2F0xTrQyjJHbxFJJ7AhyNRqBBBkIu1TeoyUg0WYhgSujvFWBgtr%2F6cvpy7pYfzuqdSHkzC5VBjU2ZP7IQaGpf%2BiJZyjbUa8UE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 884540a20d3e380d-FRA
content-length: 14

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ Frame C05B 6 KB
2 KB 77ms
55ms XHR
application/json 2a02:26f0:3500:981::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5719328&v=1.720.0&sl=0&si=9952b558-a949-4cd2-a85a-eb6214307585-sdjii8&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7f43e2bbfd3eea344338734e73be8a803b44cdaba33162327757f20e0d09859f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1563

POST
H2 429 report
csp.nytimes.com/ Frame C05B 11 B
382 B 19ms
19ms Other
text/plain 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 May 2024 18:39:45 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
x-cache: MISS
content-length: 11
x-served-by: cache-fra-etou8220097-FRA
server: cloudflare
x-timer: S1715798385.085413,VS0,VE12
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 884540a2c8a8a031-FRA
x-cache-hits: 0

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 14 B
294 B 108ms
107ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b7df9e792f71647a3f207087e8734dd21031c57048e10f9ced4b5ac04e32f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjQ1MDE3MGMwNDk5ODAwMDFjN2RmMDciLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzE1Nzk4Mzg0fQ.KVd0DqdryO4Om3FaMw2ylZ2PG3y4591Dw9OGsF-dnHM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.nytimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 18:39:45 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyFx2Ud4KbbwxiYs4CU%2BjfUByh6%2FrAzlwX9gl4QTIX%2FzC41Y4R8vXZi4mHIdOJHlIxk863B7lWpC4OE785w%2Fyq2z9dzBqGFGnQK79LXY6h5OhKBD8KpDIJD81QamyTFfhWMvz039G0W8c3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 884540a2de70380d-FRA
content-length: 14

POST
H2 200 track
a.et.nytimes.com/ Frame C05B 0
0 109ms
109ms Ping
text/plain 52.70.193.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2024%252F05%252F04%252Fus%252Fpolitics%252Ftrump-donors.html%253Futm_source%253DActiveCampaign%2526utm_medium%253Demail%2526utm_content%253DGeorgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot%2526utm_campaign%253DThe%252520Morning%252520Dispatch_Free%252520Subscribers%252520Only_Georgian%252520Protests%252520Try%252520to%252520Reverse%252520Russian%252520Pivot&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.70.193.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-193-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 429 report
csp.nytimes.com/ Frame C05B 11 B
298 B 38ms
38ms Other
text/plain 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 May 2024 18:39:45 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
x-cache: MISS
content-length: 11
x-served-by: cache-fra-etou8220097-FRA
server: cloudflare
x-timer: S1715798385.270130,VS0,VE31
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 884540a3fa9fa031-FRA
x-cache-hits: 0

GET getdns.txt
trial-eum-clientnsv4-s.akamaihd.net/eum/ Frame C05B 0
0

POST
H2 429 report
csp.nytimes.com/ Frame C05B 11 B
297 B 87ms
86ms Other
text/plain 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://myaccount.nytimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 May 2024 18:39:45 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
x-cache: MISS
content-length: 11
x-served-by: cache-fra-etou8220097-FRA
server: cloudflare
x-timer: S1715798385.270297,VS0,VE80
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 884540a40eeaa06a-FRA
x-cache-hits: 0

GET getdns.txt
trial-eum-clienttons-s.akamaihd.net/eum/ Frame C05B 0
0

POST track
a.et.nytimes.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=288282133657955&bg=!BgWlBUrNAAbZcyKb-XM7ADQBe5WfOMjs7Up7EjNEMd1IJwX8aCZiqN16xx63BFdbFgy4giuANk1_LaDfxe72HTGcxipiAgAAACtSAAAAAWgBB34ANvsOzNDYWFUYLjVfnquOdnYcEITzQnaRmT1XXF2fvZTqWmmxPoZWbFoYs3t2_ACuZPbiWsJABpkCohkVe8IbsV-2jgYgB-VoUmZL90cs5iu1WHutZluqlPw8hRCPrGo6L-L5--2yB9giF75eH-coHm4jLfrqywavAq19P7_bthgv9zOK-RpMHb_VZVapDNBc5kr8omSBrD0YL-U26EHUiAkNjtaf2Di9ffdb1SeoEFdkWxEaq4Swy6eMmYuz1veqpZpSNC_JY2_T81DEzIOTTf1yhOuRpgmnT8titqch-cbZOl9oQmi3u8c0wGwRPQ7ZVD1dV0rewYI1OtqLjNadC0onNpZcUvB_jI53SNrajoyP475U34Q8Zu76CzYFBTg8rdkO4Oz124IBw_JK1cSm0xLZSB2R9SsMxwclumPlCa7Bmssw8fQLYxItEotznDWOGUawLd9016W7Gt3BB9qlFetQvSoHnxl4elOvqAox7wGlt6SuFnZG8pWFHg4B_SOqbVEZjF2SAbesUCMRsBvj9LeyNsMQkBSh8PoWI2Ykurp_lgkA0moUEuohUlSrL_awa7SWpgePLGsPrnJxaEGhUDWZzFhzIc9qHrzCs-sktgSiCWO-idE3tGpK7AQnZ0wP9vnvwv2b5TkrCTBl25XciZ4eC_UZkjn48gjOQPNqFXI6zUY99_TJrQTAdHbC33fLLmQ6WP117gQfpyurOsJvX1i8PTKE45ETUpRMAgo3ns7PQZcbvzjGF9EvtffP_fnPZxJsTpe3cWk0Mcz6q26kotm-VnScC2NDVjjx89vhnH_PGl532rwOsI1QmMNERnFqUQzIXLP69gVdBFWFxZq3uxEoKdRwLdA-me66qNofY4bJoU99d2840aTBJHEbSwOzsmNqgu3T3QFOUeAIIvFayYHSsjz1eXMnwgXazmrPq9_kBtVF1eqdotZSailjrI0A-5JdR6_Ok3kKxSYW

Domain: trial-eum-clientnsv4-s.akamaihd.net
URL: https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pq88r09bz

Domain: trial-eum-clienttons-s.akamaihd.net
URL: https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pq88r09bz

Domain: a.et.nytimes.com
URL: https://a.et.nytimes.com/track

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thedispatch.activehosted.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 27a9bec087007f134bfe4f6477a0aebc
.thedispatch.activehosted.com/	1970-01-20 21:19:50	Name: cmp651308815 Value: 0f9d93adfe41ba75f40906de8f480125
.activehosted.com/	1970-01-20 20:36:40	Name: __cf_bm Value: WgI061p5aHM06NHABF3OcF8e79WLGt.tx66I1sGmNhA-1715798381-1.0.1.1-qrNBrl5w4P37dXizJIP3ZC1bUlUX_DyLfNmAdtfURNKYKJ9FH2BpQ7xaWWlc8LlI6rtL96TlY4Z5zf7actKYQQ
.nytimes.com/	1970-01-21 05:22:14	Name: nyt-a Value: TQj934KFof56K3aYbsHfqw
.nytimes.com/	1970-01-20 20:36:59	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-21 05:22:14	Name: nyt-purr Value: cfhhpnahhudlhulssdd
.nytimes.com/	1970-01-20 20:36:59	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 20:36:59	Name: nyt-geo Value: DE
.nytimes.com/	1970-01-20 20:36:38	Name: nyt.et.dd Value: iv=B46C7172930B47A1A0C031600A1D5D21&val=pYdMwHcj3HU9v5MJaD3tPVvVgKq7Ev7oj/6rTpHXJuY0DvgmE4ak8OZLa51BuN7Gp3x4lT+VAF89O286fem9skzkh+VT98LlE5ogtho26nGpGN/4Z8fgj7CH59Y31Dyx+VmZ7693LTwe1BmPALzWNcN0YyohsWcg78Jtga8eLavBN/dW2QnfLpVPaUtgj37R1/JgH6QJp7yWnn0PnmMiFbNBUxzf5b6K4+Ro+VYbwDo=
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: a0f362731a764769a9a9351f887f3aad
.et.nytimes.com/	1970-01-20 20:36:40	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-21 05:22:14	Name: sessionIndex Value: 1\|1715798382867\|TQj934KFof56K3aYbsHfqw\|1715798382867
.nytimes.com/	1970-01-21 06:06:08	Name: purr-cache Value: <K0<r<C_<G_<S0<a0<ua<T0<Tp_<Tp1_<Tp2_<Tp3_<Tp4_<Tp5_
a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1715798383911&isNew=1&pageIndex=1
a.nytimes.com/	1970-01-21 05:22:14	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-21 05:22:14	Name: nyt-jkidd Value: uid=0&lastRequest=1715798383911&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.www.nytimes.com/	1970-01-21 05:22:14	Name: datadome Value: Rm037lgnrBLRMeTdFtH3Ck8xuh4ZhfOvlEZm7MoNGhJ5hxVKRRewVoOGHre17ZfqYRh72IZx024ZR9iOSIL1io9j2XtO0V_yJNFWt5uDD3bmUaVwRKb35wa0SoQtu19G
.nytimes.com/	1970-01-21 06:05:26	Name: _cb Value: Yd4NGg1k_zCGSv-x
.nytimes.com/	1970-01-21 06:05:26	Name: _chartbeat2 Value: .1715798384167.1715798384167.1.B5Txl7BnzLQLDMmA2dCMe6JGDJDva9.1
.nytimes.com/	1970-01-20 20:36:40	Name: _cb_svref Value: external
.nytimes.com/	1970-01-21 06:12:38	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjQ1MDE3MGMwNDk5ODAwMDFjN2RmMDciLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzE1Nzk4Mzg0fQ.KVd0DqdryO4Om3FaMw2ylZ2PG3y4591Dw9OGsF-dnHM
.myaccount.nytimes.com/	1970-01-21 05:22:14	Name: datadome Value: gI4b8bzbw89KdS8LDeo~9cx3VcuW_4gDAl3imFDGTFk2iGroqDcB_E9~cajpkxD4J3sOlUzEmvkUrhOzlF3Wwp4j9ema~XmZkeTDn5DeBCVg3eJxTH6de0G1UrIA56dF
.et.nytimes.com/	1970-01-20 20:38:04	Name: et-ppvid Value: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html=F58Ki5grLDzPnFKd93yJfkRS^https://myaccount.nytimes.com/auth/iframe/enter-email=Bi-xn65MMrH3kmn645OgIqcA
.nytimes.com/	1970-01-20 20:46:43	Name: RT Value: "z=1&dm=nytimes.com&si=1cb921c1-252b-4fa5-90c1-c2b988923c21&ss=lw8622fm&sl=1&tt=f8&bcn=%2F%2F684dd328.akstat.io%2F&ld=k8"
www.nytimes.com/	1970-01-20 20:36:39	Name: _dd_s Value: rum=0&expire=1715799283059

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	URL: https://www.nytimes.com/2024/05/04/us/politics/trump-donors.html?utm_source=ActiveCampaign&utm_medium=email&utm_content=Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot&utm_campaign=The%20Morning%20Dispatch_Free%20Subscribers%20Only_Georgian%20Protests%20Try%20to%20Reverse%20Russian%20Pivot(Line 192) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://dd.nytimes.com/tags.js(Line 1) Message: Refused to create a worker from 'blob:https://myaccount.nytimes.com/867ab3b8-fc8b-4b9b-b439-387214260483' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://csp.nytimes.com/report Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://684dd328.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.nytimes.com/report Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pq88r09bz' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pq88r09bz' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.nytimes.com/report Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://csp.nytimes.com/report Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8be88f111e9b133b950588a8d4d60a55.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
als-svc.nytimes.com
c.go-mpulse.net
cdn.brandmetrics.com
csp.nytimes.com
dd.nytimes.com
g1.nyt.com
geo.privacymanager.io
iteratehq.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
myaccount.nytimes.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
static.chartbeat.com
static01.nyt.com
thedispatch.acemlna.com
thedispatch.activehosted.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
typeface.nyt.com
www.datadoghq-browser-agent.com
www.googletagmanager.com
www.nytimes.com
a.et.nytimes.com
pagead2.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
13.32.27.78
13.32.99.122
13.33.218.24
13.35.58.35
142.250.185.130
151.101.1.164
151.101.129.164
151.101.65.164
2600:9000:2646:4800:18:1fcd:353:c61
2606:4700:20::681a:5a
2606:4700:20::681a:7e5
2606:4700::6811:cb1f
2a00:1450:4001:811::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a02:26f0:3100:795::11a6
2a02:26f0:3500:981::11a6
3.160.150.23
52.70.193.103
54.235.205.181
54.80.129.100
023ddd73ee33088d9c34f87b95d0bf0ce9c0d3c48e12d302df624881810bcdce
03b7df9e792f71647a3f207087e8734dd21031c57048e10f9ced4b5ac04e32f4
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0dbbb146331e6d7ea9029689734e915d5f5c801dab8f1b8a8908c1a77321e4d6
0eb3b7e36ea396a2e2f32a2ddc52e4d960b544ea8c8303fa100e230f7eaa4195
16f2df588a08c3dff67f3520610dd1f3de5aec75efaa603a09fe8b9f2ff36215
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1ac7b59e9ba4378c491397f208b887acf4bc8b883504d9bc5a5d69e6712f834e
1c6f0e14f413da84c37b8ea3f86bb298751f4452594e18dceb82e6910f640b50
1d166b9fd33b3b62ce1f4a0cef79e16807373a24767d25968700d73c213687f7
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2d294514c008dd4fcb83c420cea8326601d047ef50d7d7463c1ff901605ab0e8
327e30440f3c8283188f7028928ab7571a3b02cfe89982ef5c4653b2b6d736b0
32f5da1b6a65dbf4ed124a29813402076db92d6e5cf2cfee07c7136fe83b38ce
378ec63ef294271e3962319fd974244489f7c5e363bb883700e70cc63874ff18
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3ef3d4d03a9389fd501267e6cf9a159884387333db0a78a2af702a09bbaf159a
45b5f2352e2aef7320128ca1cccb06a4bd5176ff5e3d3b15da747d563bca0022
463c4096503e5578871e8256ef40175b5b3e6de5f4b941d3bebb7084c67bdae2
50308d3987b9d0ded74e9c8a1a41b4f44fc031b5df41486e1aec59eaf29c91cd
535812e094388328df26fd387e309de2ffba14f9d833fed74ab02d7f6f70c241
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5d143010c68b29a8f55007466ac1f9968689a1206bc735f7c81d13182626f5b7
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
615c0f84874dba23a3186e558aa11a09e8789490f4b1f589735ffbf3bd38a1be
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6292ebfc821267edd4f0a0ed85adc617ebf90829a9458bc90a53ad25520545b8
6c0184ca86904447f9eeaee0ecb0fa8eac599de02c82b3197eb81d4cc369b1f4
7305b288dd46abecf3edd73f7bd248f9dc067b65eab266ad7151c407b2ded5ee
73ee4ab83868d81fb4b2f0833c68edb0a4499b7bdf56ee458b3a56ace1669249
761ad6c5382c60dea47194442ab113012de53514d9b6b80c3d7668d851069e34
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
79c4e36a1e1912f897724fb10b67d936da36d05777ad6179b0d34f3cbffd288c
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
7f43e2bbfd3eea344338734e73be8a803b44cdaba33162327757f20e0d09859f
883a684beb5c962132102b07ec2ffbc0900807be0babba8e988a5a3067c63925
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
937be681de2650afce030cf33564448f1692b9511f49428e87e4ea0ce2bd7373
94de5ae7e9bcf74727f45bb30ae37f553db4594012e2704336da5fbbf3357c3e
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
ae03d2c324105000d8ab6d018604eadb1b8d3899e8af7e20ac7cbbd0081161a5
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b2064442f57238d5e04d61bacad93794e723f91204f928f6980801c400b7bea6
b21566496f3c03a6e259ddc817ea8c7dfd9ee727b59d6e9422f66acd402b011d
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b43c85b1b8b209ea11db91c2eb00c38e652ca147528ef62368c81d126fc60ce9
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b822542289add6d67f4b6d391f1061668362eb4e25c3d085ff54949ca20c0788
ba394dd66a7b355b283b75fac5d7dd7bfcbb7da0f078140309ebe633a3a6c16d
c3afe7af3db3907e46e9efeebcec1e85d343f0d38776f0b7ac08f389bedc3ae2
c6c07dca0f0806cc091958dac61206265d75fb4d29f8858da16fc9668ebbc91c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0618ff4d144559acb31dd5ba007968caee3e539da91880f12d8988cb1947242
de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9
e1f2d16b24d78cee4ccb912149230fb7a506108876016c5c96b7356b922b61fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e55c92a2597feaa07529fa59513b172144a94031f61a82362e1249e6950e72d0
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ebcca56f95f0a1d4479ef481e3626eba7e48a9aa2817c3ca4ee9169b49caf082
edfd6dec10157922e2764b0299b90309e1505929b97100aaaba3a6c83503c5d5
f36aafde93df40d6a9d227ebda4377534c246d1563ae694c0e59e4e7161e6647
f4384b8a8833aa13e41ced353ee67bf63069cbc83fdf253f33c57a9df2927750
fc0cce63d0711ae3680fd749322ecf344c3413f8d5a5cdc80adeb59e04b64b34

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

95 %HTTPS

43 %IPv6

14 Domains

32 Subdomains

20 IPs

2 Countries

2974 kBTransfer

11104 kBSize

25 Cookies

24 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

95 %
HTTPS

43 %
IPv6

14
Domains

32
Subdomains

20
IPs

2
Countries

2974 kB
Transfer

11104 kB
Size

25
Cookies

100 HTTP transactions
1 data transactions