www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.newsletters.time.com/?qs=51899307422b3e90712838936f2ffbed067be3ed57921a68deb88d42c5558250b6b286983185056fb217a736ae87...
Effective URL:
https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Submission: On May 12 via api (May 12th 2022, 12:42:05 am UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 15 domains to perform 130 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2584.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.119.37 13.111.119.37	22606 (EXACT-7) (EXACT-7)
33	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
17	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	13.224.198.88 13.224.198.88	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2	174.129.223.242 174.129.223.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 6	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:dc00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	50.16.218.57 50.16.218.57	14618 (AMAZON-AES) (AMAZON-AES)
5	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
130	26

1 13.111.119.37 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.newsletters.time.com

click.newsletters.time.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.198.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-88.fra2.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.223.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-223-242.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:dc00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.218.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-218-57.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2584 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7870 a.et.nytimes.com — Cisco Umbrella Rank: 5178 als-svc.nytimes.com — Cisco Umbrella Rank: 11020 myaccount.nytimes.com — Cisco Umbrella Rank: 13407 dd.nytimes.com — Cisco Umbrella Rank: 10410 meter-svc.nytimes.com — Cisco Umbrella Rank: 11430 a.nytimes.com — Cisco Umbrella Rank: 6084 purr.nytimes.com — Cisco Umbrella Rank: 10207 mwcm.nytimes.com — Cisco Umbrella Rank: 11863	1 MB
28	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9458 static01.nyt.com — Cisco Umbrella Rank: 6436 a1.nyt.com — Cisco Umbrella Rank: 6855 mwcm.nyt.com — Cisco Umbrella Rank: 20038	575 KB
19	google.com news.google.com — Cisco Umbrella Rank: 4610 adservice.google.com — Cisco Umbrella Rank: 74 play.google.com — Cisco Umbrella Rank: 30 www.google.com — Cisco Umbrella Rank: 7	70 KB
14	googlesyndication.com d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130 pagead2.googlesyndication.com — Cisco Umbrella Rank: 95	124 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 ad.doubleclick.net — Cisco Umbrella Rank: 202 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 7021	176 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 5440 iteratehq.com — Cisco Umbrella Rank: 5046	276 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	125 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 5480	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 625	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1226	14 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	102 KB
1	time.com 1 redirects click.newsletters.time.com — Cisco Umbrella Rank: 636478	251 B
130	15

	Domain	Requested by
18	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
12	a.et.nytimes.com	www.nytimes.com
10	www.nytimes.com	www.nytimes.com
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
8	samizdat-graphql.nytimes.com	www.nytimes.com
7	pagead2.googlesyndication.com	tpc.googlesyndication.com www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
7	play.google.com	www.gstatic.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
6	mwcm.nyt.com	www.nytimes.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
4	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	www.gstatic.com	news.google.com www.gstatic.com
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
3	static01.nyt.com	www.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	ad.doubleclick.net	1 redirects www.nytimes.com
2	a.nytimes.com	www.nytimes.com mwcm.nyt.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	mwcm.nytimes.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	click.newsletters.time.com	1 redirects
130	36

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
nebraskaexaminer.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
nyt.qualtrics.com
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-03-20` - `2022-06-18`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
a.nytimes.com R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Frame ID: 2F30FDBAB64FAC505324421BB262CCED
Requests: 87 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 3BF9FE4EA47BA468C1D3E77FCE8ECA19
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458976&publicationId=nytimes.com
Frame ID: 25A32B6C1417CECA555CC6F24B0F6AD7
Requests: 12 HTTP requests in this frame

Frame: https://d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 534E25041230E8C7A6A329F399AFC315
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCyteQzv17uudsdPMCdxNy0Pv2zQQqvXTVdC7VOkPGAOqCelJcY5NM2bsX38XN101GGneqp5Udg_GCTiAqTclthaErlsAHpGJzT3JuN6KYF3V_NK5ZPzko4p47TgQjWvYIVwxmUyzToyGunORKanQpmnI9CiC366FMxOH3cG_aZjgH-3_q_CNjXD2qW6labFms24OEzxGJlgx91yQZf-Fd-_8Jzz8OZnyAFfnAKbEn6HJgw68kLiSjVh7ptLIiGP1kl-H5gt_x4_MtQ7iE8cKhgLfIKieVm3gPZlIuW4frsK2QotMqWD6P94r4OB4_5fL0nd5GwqICBf7E6VpNRBF5ld8Ef6l3C-UHjPRRoA&sai=AMfl-YTylFHEs8cLXNuD70ZI_ZsfROHiiMEJnDqiQWs8xwEchwh3fDpvW07ynlc7oi_Xv5zOo63XI7Xt-xI_SCIBQQXpF94Po9h4YB8rft26JVZEQwX787ZYb-jw6WlHL3V2&sig=Cg0ArKJSzHE4lqTput8-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BE7B3BFA0D8C89D1D83B1E684B88892E
Requests: 8 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html
Frame ID: 0E1E96A883EC8655FE116665EAE76508
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EC144BFE97EE04C1B0F51E655D13BBD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 168A5523B850780009AC858D3FCB7A25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B555A3BF389F309EE78F2998A738603
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html
Frame ID: BF638914F0584ACC3544A2740C69D72F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nebraska Candidate for Governor Accused of Second Groping Incident at 2019 Dinner - The New York TimesThe New York Times: Digital and Home Delivery Subscriptionsplus-iconcheck

Page URL History Show full URLs

https://click.newsletters.time.com/?qs=51899307422b3e90712838936f2ffbed067be3ed57921a68deb88d42c5558250b6b28698... HTTP 302
https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

130
Requests

99 %
HTTPS

58 %
IPv6

15
Domains

36
Subdomains

26
IPs

2
Countries

2621 kB
Transfer

7672 kB
Size

28
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://nebraskaexaminer.com/2022/04/14/gop-state-senator-seven-other-women-say-charles-herbster-groped-them-he-denies-allegations/
Title: reported earlier this month by the Nebraska Examiner

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=1281e5fc-d028-11ea-a072-340cee6a52b6&campaignId=9WJRH
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel
Title: Cancellation and Refund Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

URL: http://nyt.qualtrics.com/jfe/form/SV_6xph8FSrgDdOgap?link=DL&mtc=1&src=https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html&agt=pdy3scFI1pqngqGSbv1ruK&gwlp=2
Title: Tell us why

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.newsletters.time.com/?qs=51899307422b3e90712838936f2ffbed067be3ed57921a68deb88d42c5558250b6b286983185056fb217a736ae879da9342369741c9ca8974ad8d90b32ef842a HTTP 302
https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_pre=CKyriJvd2PcCFbUWiwodG2MH4w;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 67

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html

Request Chain 118

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request charles-herbster-groping.html Show response
www.nytimes.com/2022/04/30/us/politics/
Redirect Chain

https://click.newsletters.time.com/?qs=51899307422b3e90712838936f2ffbed067be3ed57921a68deb88d42c5558250b6b286983185056fb217a736ae879da9342369741c9ca8974ad8d90b32ef842a
https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

252 KB
64 KB

68ms
14ms

Document
text/html

151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5830d8ce4168e725e8ee90b9db20cf52564d659a7e409899daf947f7b1e49c2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36175
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 64224
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 12 May 2022 00:41:58 GMT
fastly-restarts: 1
last-modified: Wed, 11 May 2022 14:39:02 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/04/30/us/politics/charles-herbster-groping.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 008d7c387c8843de8c75f281becf84be
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1652279942.439447,VS0,VE5
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Wed, 11 May 2022 14:39:02 GMT
x-nyt-edge-cache: MISS-HIT
x-nyt-route: vi-story
x-origin-time: 2022-05-11 14:39:03 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2022-05-10T23:53:12.240Z
x-served-by: cache-lga21945-LGA, cache-hhn4027-HHN
x-timer: S1652316118.462901,VS0,VE7
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 193
Content-Type: text/html; charset=utf-8
Date: Thu, 12 May 2022 00:41:57 GMT
Location: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

GET
H2 200 web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 47ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 707349
x-guploader-uploadid: ADPycdtVwouWcHhmchvtI29kKXg5KP6JNxOhMxXXmAGRz62NsNVy-cQaMyps1A0SmdOKyMeBns0PAD4-kuRhseUKy__Rsg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9789
via: 1.1 varnish
x-served-by: cache-hhn4027-HHN
accept-ranges: bytes
expires: Wed, 03 May 2023 20:12:49 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1652316119.535691,VS0,VE0
etag: "0ae5b8ecb62ff6424a71dc89303213f5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149653041
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9789
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 16858

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 7ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2589533
x-guploader-uploadid: ADPycdvF4mLKlSbxEQ4BftZAacvsk_aUfWvO9--lusM7w0LNHiqMGXxxcHqzi4RT0HLNFcicvolRbVWyNxdilsW_kjZfm2mo_7U-
x-goog-stored-content-encoding: identity
x-origin-time: 2022-04-12 01:23:05 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316118.496492,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 45210
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Mon, 11 Apr 2022 23:44:22 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1649720662459239
expires: Wed, 12 Apr 2023 01:23:05 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-bdab2c2b89deef126a50.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 7ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-bdab2c2b89deef126a50.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c5c25ad1e63149364b1e1f2d983294d8f850a6498602a6080e6a4e7e7e3f3e9a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 180737
x-guploader-uploadid: ADPycdvOHyFz_qllPYAsYb9LOVQU0cz_QpNks9v3euJGfMD72RaB-XW9SLtlyYhei3yud1o9lsUoC1eLvTCGNVempV7UCg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-05-09 22:29:41 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.504784,VS0,VE1
etag: "94a6b80ac44aff1f0cf7994ed2905aa1"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-bdab2c2b89deef126a50.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7363
last-modified: Mon, 09 May 2022 21:23:22 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=2nlgiQ==, md5=lKa4CsRK/x8M95lO0pBaoQ==
x-goog-generation: 1652131402493301
expires: Tue, 09 May 2023 22:29:41 GMT
x-gdpr: 1
x-goog-stored-content-length: 20855
accept-ranges: bytes

GET
H2 200 merlin_205826493_bb51ef67-6ca8-49ad-8fad-0d9fcb52e733-jumbo.jpg
static01.nyt.com/images/2022/04/30/us/politics/30pol-herbster1/ 35 KB
35 KB 42ms
8ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/04/30/us/politics/30pol-herbster1/merlin_205826493_bb51ef67-6ca8-49ad-8fad-0d9fcb52e733-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 08681420ef36baad223e5aa5ba1fa6ff6f5ef44a202e0b60650df80c18f7a614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 137963
x-guploader-uploadid: ADPycdv5lAEkr4PIYzUzP0QaBRqQgl2kf9AgwEZVkMKxbppl7yJ7AlpXp44klLev114cZajWz3Rs0CQ_kcU4MEuoDC1dSQ
x-cache: HIT, HIT
fastly-io-info: ifsz=107150 idim=1024x683 ifmt=jpeg ofsz=35336 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 35336
x-served-by: cache-iad-kcgs7200066-IAD, cache-hhn4027-HHN
server: UploadServer
x-timer: S1652316119.548329,VS0,VE1
etag: "Azkecx9H0tK+h9SNAF4nZOESJ62t8d5AQRGPw77Wd3Y"
vary: Accept
x-goog-hash: crc32c=h2IDnw==, md5=2pnSqafh+R5X7xBsHVpVgg==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 10 May 2022 10:22:35 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 9e877853d8234217b58e5762253aa771-thumbLarge.png
static01.nyt.com/images/2019/06/25/reader-center/author-reid-epstein/ 22 KB
22 KB 11ms
7ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2019/06/25/reader-center/author-reid-epstein/9e877853d8234217b58e5762253aa771-thumbLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6d7550671b3c46dd3c18fe46404c5994911fdae4e7e5ddfc57d519395de78333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 60334
x-guploader-uploadid: ADPycdtbf8EJcc0dYmCw7PcYld9GBBK2C_0e7N2dVHUxOompjjJIgPTzY2OxtXZQFobJ1dMiuFvpPZ7CEB2v4sDLRTEkwzs3Mb6B
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 3
content-length: 22325
x-served-by: cache-iad-kiad7000057-IAD, cache-hhn4027-HHN
last-modified: Tue, 25 Jun 2019 14:28:26 GMT
server: UploadServer
x-timer: S1652316119.548433,VS0,VE0
etag: "a6189d8e8e213da1b03bb87ddf9a649d"
vary: Origin
x-goog-hash: crc32c=+ydeLw==, md5=phidjo4hPaGwO7h935pknQ==
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 16:28:47 GMT

GET
H2 200 vendor-e22d19e4128a4af60324.js Show response
www.nytimes.com/vi-assets/static-assets/ 273 KB
84 KB 9ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-e22d19e4128a4af60324.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bded69bae6624b5f96a4211d6880aade13e98a4f1d9de7f86568affab95bcad6

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1923307
x-guploader-uploadid: ADPycdvcYldu__xS866nAzy8N27z9KUX7Ks1Yorn2UdfVOOcnOE48qDAvPhuBLMsR1E_G4XQD4SP2J3qAGgrquNCJkrS
x-goog-stored-content-encoding: identity
x-origin-time: 2022-04-19 18:26:51 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.561459,VS0,VE1
etag: "bbfc5f64a06b73da2e37e3620525f9d3"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-e22d19e4128a4af60324.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 62269
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 85097
last-modified: Tue, 19 Apr 2022 18:18:57 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=bh3I0Q==, md5=u/xfZKBrc9ouN+NiBSX50w==
x-goog-generation: 1650392337399893
expires: Wed, 19 Apr 2023 18:26:50 GMT
x-gdpr: 1
x-goog-stored-content-length: 279566
accept-ranges: bytes

GET
H2 200 story-1f293e1da9d591aa8f6c.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
336 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-1f293e1da9d591aa8f6c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c88673de367da506ddb29c30aed224dd9cc63615dbc021bcc357bbf527142e6

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 108984
x-guploader-uploadid: ADPycdsCE-PBHSCJqiF8NCxi8-RglauyF9Dw5vm0_z3_i-TEbzvMyzsgESR4fMp74WPl6YVoLoqjhqmegTa0mz5nCsNZ2w
x-goog-stored-content-encoding: identity
x-origin-time: 2022-05-10 18:25:34 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.561614,VS0,VE1
etag: "6a9baecd77967327b2f773f588e1d42c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-1f293e1da9d591aa8f6c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 343413
last-modified: Tue, 10 May 2022 17:34:35 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=wVl//g==, md5=apuuzXeWcyey93P1iOHULA==
x-goog-generation: 1652204075789808
expires: Wed, 10 May 2023 18:25:33 GMT
x-gdpr: 1
x-goog-stored-content-length: 1298595
accept-ranges: bytes

GET
H2 200 main-7ea690774e420935ae29.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
335 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

04314e7b99d10dd76dc7c4a6a4f49344f0c7b1435884bb4521dbda789c8bc3d8

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 108964
x-guploader-uploadid: ADPycdtL45_OdVLEAHKmEsHIHzYCt4xujT6szq8N7DBF8qHheRL8onHP-MbKaAaEI-EoMbGucLH1eDk8LYrhYQg0XobgbQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-05-10 18:25:55 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.561606,VS0,VE1
etag: "04ad57fabecd54cc38589d35b9a10ac5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-7ea690774e420935ae29.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 297
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 341999
last-modified: Tue, 10 May 2022 18:07:20 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=I+JYtQ==, md5=BK1X+r7NVMw4WJ01uaEKxQ==
x-goog-generation: 1652206040179707
expires: Wed, 10 May 2023 18:25:54 GMT
x-gdpr: 1
x-goog-stored-content-length: 1219323
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 375 KB
102 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2f175b0d2417bb5d4429a362c6fd0da6f164bb74512e558f56806c9207be041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 55ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 116
content-length: 0
date: Thu, 12 May 2022 00:41:58 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: b522759c586c8887
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4064-HHN
x-timer: S1652316119.601978,VS0,VE0

POST
H2 200 track
a.et.nytimes.com/ 0
0 173ms
101ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
811 B 109ms
108ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-eae31a8 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 48239bf727f68848-36f8f83ad50b89b2-0
age: 0
x-cache: MISS
samizdat-x-instance: 17a6d33a
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 6223415321d3c7f7
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-eae31a8
x-timer: S1652316119.610364,VS0,VE102
x-nyt-region: HE
x-served-by: cache-hhn4027-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 48239bf727f68848-36f8f83ad50b89b2-0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 145 KB
45 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f33143f9f7c90f7a5345e4bc65d72db7db8152971e189c30415a2a996e1b3002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45793
x-xss-protection: 0
last-modified: Wed, 11 May 2022 20:52:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 12 May 2022 01:23:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 75ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c196a94c4800b15018a87c4b2a3e51969562f8a1281e1c5e6f5c1b83523143b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28393
x-xss-protection: 0
server: sffe
etag: "1212 / 336 of 1000 / last-modified: 1652306786"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 May 2022 00:41:58 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 974 B
1 KB 384ms
311ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F0b307c9a-c28c-5147-a9ef-54e1fcdd4c9a&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ae5f28eaf75dabb9076d6646e75fc8de7bec1cdfaad188f1c350f785a9c70519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 38ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1839208
x-guploader-uploadid: ADPycdua9iEgrnJWHTIdZld1l0t90R3YlWhM0KS85hCT1QqroJZPCgqz6XH5L0KgAhogX4ZUc-ZyMpfkTVGxoCkpsGjkHA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:29 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1652316119.600076,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180561781
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19816
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 27826

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 46ms
16ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1839208
x-guploader-uploadid: ADPycdtYVbZQXTnpchkivenylM1DmVvEd_Jx4mtIRwxhMWf3orGFfs7PX-5iK_jQy1nP0daw_tT4dnbxYPw6MEZpyfBo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:29 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1652316119.600383,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180610251
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 27957

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 37ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 15724057
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1652316119.600063,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17693

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 46ms
16ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 15121941
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1652316119.600401,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 11057

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 45ms
16ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1839209
x-guploader-uploadid: ADPycdslE5mqQygzxfg3XpYZmgl_ig-AvO33TIV9fI44SQkkvytfIX2KKX7Ua_Tpwv1Zb4lIUAqjBZ7j1E4xIqXRli11
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:29 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1652316119.600416,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180541296
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23008

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 52ms
23ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1985631
x-guploader-uploadid: ADPycdsupGZBtfyEtUZCrrlJSlP-NvKgk5h0K03F_Kb35zhaRG1G7gTSrc5Z-3asiNmJzbzG62XTmU8ab6eIlHgJq8uTAD8m1Ufh
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 19 Apr 2023 01:08:07 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1652316119.600432,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9472

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 13ms
13ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1583656
x-guploader-uploadid: ADPycdtokYgZtWl8rhi-79r1LKaPhecMr0dqBiwh2xc_sSDujJuf0UkYshFraNjUTvEeI6LGxxrd1zjI_Vk3FxVWonYa-DqiM-Fo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Sun, 23 Apr 2023 16:47:42 GMT
last-modified: Wed, 20 Apr 2022 13:09:41 GMT
server: UploadServer
x-timer: S1652316119.614927,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460181094705
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 25871

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 13ms
13ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Thu, 12 May 2022 00:41:58 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1386010
x-guploader-uploadid: ADPycdtIqnjeD4B7ks-jtEooS8CE2vRJpBFWQu83PaR2kEb7JwKF36P8WBHSb1QVV2HUrCI6Uyu3O27Am16m_ysTY4x3fg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Tue, 25 Apr 2023 23:41:48 GMT
last-modified: Wed, 20 Apr 2022 13:09:39 GMT
server: UploadServer
x-timer: S1652316119.615019,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460179222416
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17021

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 3BF9 393 B
984 B 28ms
8ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

4f6d68c2c6521c71826d632760c82bbf7f23b3afb1447cdf938db1184225d46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 256
cache-control: public, max-age=600
content-encoding: gzip
content-length: 277
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 12 May 2022 00:41:58 GMT
etag: W/"189-Y3OCK3/PCvjCIkDuzbbKMzwYW7c"
server: Google Frontend
strict-transport-security: max-age=300; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 1
x-cloud-trace-context: 0b33c22b027ec27e0f9789cdcd847a9c
x-content-type-options: nosniff
x-datadog-parent-id: 7428736403232275567
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
x-datadog-trace-id: 7428736403232275567
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-hhn4027-HHN

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 12 May 2022 00:56:00 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 8ms
7ms Other
image/svg+xml 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 23:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 12 May 2022 00:45:04 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 25A3 24 KB
8 KB 83ms
83ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=458976&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90b7d33f0c32ee2b1205016d2b5de50caf3877fd994806631dc79832787f0198

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-npjv029mCXa8LzYqXQCexg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-npjv029mCXa8LzYqXQCexg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-npjv029mCXa8LzYqXQCexg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-npjv029mCXa8LzYqXQCexg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Thu, 12 May 2022 00:41:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-956ef160cd1e173ef28a.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
14 KB 10ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-956ef160cd1e173ef28a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e37056e3ed73ac9020d2c7772b50f5298421758187dba9a1b400561607572af

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 707345
x-guploader-uploadid: ADPycdvc4CdK1Mz2d-mnNoRoAl7E-yH4q59W1goOoA96tZTxd7G0xh_KfrxNbC3C6-o1RyWp8m6_KXBCHVmJ_dYVl08UosQNDtry
x-goog-stored-content-encoding: identity
x-origin-time: 2022-05-03 20:12:53 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.800899,VS0,VE1
etag: "6d2b27c8b04950f525f3f1f97f8d9943"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-956ef160cd1e173ef28a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13793
last-modified: Tue, 03 May 2022 19:50:47 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=z3ZHeQ==, md5=bSsnyLBJUPUl8/H5f42ZQw==
x-goog-generation: 1651607446973868
expires: Wed, 03 May 2023 20:12:53 GMT
x-gdpr: 1
x-goog-stored-content-length: 43882
accept-ranges: bytes

GET
H2 200 vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveblog~paidpost~search~slidesh~6f0c2549-ff6678dde497f1638981.js Show response
www.nytimes.com/vi-assets/static-assets/ 37 KB
10 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveblog~paidpost~search~slidesh~6f0c2549-ff6678dde497f1638981.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

552bb27863c18c76fe2873b02a526ca78a163adea757c736a3da7d3f6eda33fb

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 638579
x-guploader-uploadid: ADPycdsKptXA45AjTOQbWsEW10wTSXDjdBdGRct-0ZTT1ZZJKg7l_a0_9-xWOH-tnX4hD27t04cveVo0vNVPz533kJhtkiqFZ3on
x-goog-stored-content-encoding: identity
x-origin-time: 2022-05-04 15:18:59 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.800875,VS0,VE1
etag: "42ae6e6ee85eb41e9e66a9340e026f6a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveblog~paidpost~search~slidesh~6f0c2549-ff6678dde497f1638981.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 17555
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 9491
last-modified: Wed, 04 May 2022 14:38:20 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=xb/nLQ==, md5=Qq5ubuhetB6eZqk0DgJvag==
x-goog-generation: 1651675100823551
expires: Thu, 04 May 2023 15:18:59 GMT
x-gdpr: 1
x-goog-stored-content-length: 38221
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-1b3ee4f66bb009a16299.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 10ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-1b3ee4f66bb009a16299.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ca0cddac183ceb8f9c4fc3418550b556c6e2aa943d4eb0c7f872f523ffab5db

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1141445
x-guploader-uploadid: ADPycdsjrDF-GagLxzR33irERXc8LINlkz-7AgrniQhxuXFKcSvwZ9tlRSCYeQ8mcdLyOzUxuv67WmWTws9-tYDXuPu2Kg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-04-28 19:37:53 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.800851,VS0,VE1
etag: "b687202a5215d9b0e84ac0a8c605500d"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-1b3ee4f66bb009a16299.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 27223
date: Thu, 12 May 2022 00:41:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13330
last-modified: Thu, 28 Apr 2022 19:10:06 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=m5bGig==, md5=tocgKlIV2bDoSsCoxgVQDQ==
x-goog-generation: 1651173006407042
expires: Fri, 28 Apr 2023 19:37:53 GMT
x-gdpr: 1
x-goog-stored-content-length: 68934
accept-ranges: bytes

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
58 B 84ms
84ms Fetch
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.nytimes.com
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022050901.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 22ms
7ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

010c2e34dbc2aaadf863b6025f837d39a6d507fcb2389f306875b60242429822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 21:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127498
x-xss-protection: 0
last-modified: Mon, 09 May 2022 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 May 2023 21:47:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
374 B 31ms
17ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

92fe78449b2ce5358354322dff1de1f518551b8192cbf0ccff2839b058b28df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 349
x-xss-protection: 0
expires: Thu, 12 May 2022 00:41:58 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 3BF9 2 KB
2 KB 19ms
19ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
x-api-version: F-X
age: 364
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 55
x-cache-hits: 1
content-length: 1252
x-served-by: cache-hhn4027-HHN
server: envoy
etag: "AW-A4Q"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: b0ea823d47e7dea3e6c36874138ba3ed
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 11 May 2022 17:51:00 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 3BF9 410 KB
138 KB 19ms
19ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=a7622d9

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ba78232fc2c41fa1ea3eb97f4481a1a62e2b0e89776f5eb348cadcdfc9fce0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:58 GMT
content-encoding: gzip
x-api-version: F-X
age: 461
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-cache-hits: 3
content-length: 141312
x-served-by: cache-hhn4027-HHN
server: Google Frontend
etag: "AW-A4Q"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: ab1d70d2dfc55e2693f6ad429bd44012
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 10 May 2022 14:50:13 GMT

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 25A3 0
25 B 27ms
26ms Other
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-57cmjgvq0beBPKlI8BT55w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-57cmjgvq0beBPKlI8BT55w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458976&publicationId=nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-57cmjgvq0beBPKlI8BT55w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-57cmjgvq0beBPKlI8BT55w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
date: Thu, 12 May 2022 00:41:58 GMT
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 253 KB
47 KB 142ms
45ms Script
text/javascript 13.224.198.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-88.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

cd710281ae1c88176e1ba7006892c47f79e5136ed50ecf599a8cc8f347b9a1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:12:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1757
x-cache: Hit from cloudfront
content-length: 47616
access-control-allow-origin: *
last-modified: Tue, 10 May 2022 08:51:55 GMT
server: Apache
etag: "3f2be-5dea46fd0d28a-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: Y9cuB_L2x8JHX2TYv8EFHXpG061hU_VUJPcyo60vcVg84SUeaG99jQ==
expires: Thu, 12 May 2022 01:12:42 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 25A3 21 KB
6 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458976&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 12 May 2022 00:56:00 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/am=MAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 25A3 165 KB
59 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/am=MAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4LR36xL71iynGFQAJGl6sYHWhhHw/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458976&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e5709c2a65cd3a0fd3f3fe33a0a4fa0685eb5950ccb19e3e802a2fc80864f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59303
x-xss-protection: 0
last-modified: Tue, 10 May 2022 22:55:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 May 2023 19:51:46 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 6ms
6ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 117
content-length: 0
date: Thu, 12 May 2022 00:41:59 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: 86f045aa379fa3ad
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4064-HHN
x-timer: S1652316119.192516,VS0,VE0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 117
content-length: 0
date: Thu, 12 May 2022 00:41:59 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 6
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: bacb8b2de268e69f
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4064-HHN
x-timer: S1652316119.296297,VS0,VE0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 117
content-length: 0
date: Thu, 12 May 2022 00:41:59 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: aef90eeb0ee91598
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4064-HHN
x-timer: S1652316119.325540,VS0,VE0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
784 B 107ms
106ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-eae31a8 /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 5ccc30c53e212784-3633feb13864c430-1
x-cache: MISS
samizdat-x-instance: 17a6d33a
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 10541766d2754cd7
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: HE
server: samizdat-graphql-eae31a8
x-timer: S1652316119.199687,VS0,VE100
x-nyt-continent: EU
x-served-by: cache-hhn4027-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 5ccc30c53e212784-3633feb13864c430-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 654 B
1 KB 290ms
204ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&pageviewID=nJ7bYd-EkujeyVOcHJP3mtIY
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: c07c93e5e1fa170fc9bc654d7d79eb17acc8a27273ca96cb072e8f1bf8a246d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 654

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
752 B 110ms
110ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-eae31a8 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 2f69962347627fb8-73d41260885c0314-0
age: 0
x-cache: MISS
samizdat-x-instance: 0b40414a
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 2cafb6f988735612
content-length: 77
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-eae31a8
x-timer: S1652316119.303876,VS0,VE104
x-nyt-region: HE
x-served-by: cache-hhn4027-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 2f69962347627fb8-73d41260885c0314-0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 41 KB
7 KB 167ms
167ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-eae31a8 /
Resource Hash: eca08ff1732ac54d0d0d99d9c16db98c991046bbfc749a536d44d7b433c597c5

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 1c72293489610c25-6dd7399c3f3bbdf1-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 513e7adf
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: ef5351149b57756f
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Thu, 12 May 2022 00:41:59 GMT
server: samizdat-graphql-eae31a8
x-timer: S1652316119.333267,VS0,VE161
x-nyt-region: HE
x-served-by: cache-hhn4027-HHN
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 1c72293489610c25-6dd7399c3f3bbdf1-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-b3e392a3048ee146971a.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 8ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-b3e392a3048ee146971a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e1678fbf7ed9938f6dfee16013ed42cea063666bae5ef6557a575f8c9f41d38d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1141434
x-guploader-uploadid: ADPycduGzUTjgP9ufK3eDmAqrFvr9Cmqvy4BBRCMTWMwDyv5GDze57iBHqxZAU6fl-60CJaxXvPSs8LyzEgrhDH1Pu1NywgnbeOk
x-goog-stored-content-encoding: identity
x-origin-time: 2022-04-28 19:38:06 UTC
x-served-by: cache-hhn4027-HHN
x-timer: S1652316119.329915,VS0,VE1
etag: "f9eef1f976107068cdbd7d86fbb14a22"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-b3e392a3048ee146971a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 25081
date: Thu, 12 May 2022 00:41:59 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15168
last-modified: Thu, 28 Apr 2022 19:10:05 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=bhMtjg==, md5=+e7x+XYQcGjNvX2G+7FKIg==
x-goog-generation: 1651173005013598
expires: Fri, 28 Apr 2023 19:38:05 GMT
x-gdpr: 1
x-goog-stored-content-length: 51638
accept-ranges: bytes

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 437ms
141ms XHR
application/json 174.129.223.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&caller_id=nyt-vi&jkcb=1652316119340&referrer=&sourceApp=nyt-vi
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 174.129.223.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-223-242.compute-1.amazonaws.com
Software: envoy /
Resource Hash: ed70be4fb83b089e4d311d63d0141f2a57217cacd059e3b4d3c7921d912c385e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
server: envoy
access-control-allow-headers: Content-Type, x-requested-by
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: e490f1532e415126df81c0ccc4d1f818
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 12 May 2022 00:41:59 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 640ms
564ms Fetch
text/html 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 2a44403496b3f19b8334374555c7bd6d
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 12 May 2022 00:41:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 58ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 51ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 161ms
160ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=907514209831793&correlator=3353992457498247&eid=31067486%2C31067550%2C44752586&output=ldjh&gdfp_req=1&vrg=2022050901&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=1133286891&sfv=1-0-38&ecs=20220512&fsapi=false&didk=4011368107&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1142&cust_params=als_test_clientside%3Dweb_none_none_20220512004158%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1652279942584%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26per%3Dherbstercharlesw%252Ctrumpdonaldj%26org%3Drepublicanparty%26geo%3Dnebraska%26des%3Dsexualharassment%252Celectionsgovernors%252Cpoliticsandgovernment%252Cendorsements%26auth%3Dreidjepstein%26coll%3Dusnews%252Cuspolitics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008327445%26pt%3Dnt1%252Cnt10%252Cnt11%252Cnt12%252Cnt13%252Cnt15%252Cnt16%252Cnt18%252Cnt19%252Cnt21%252Cnt5%252Cnt9%252Cpt20%252Cpt6%252Cpt7%26gscat%3Dneg_citi_aa%252Cneg_ibmtest%252Cneg_chanel%252Cneg_mastercard%252Cneg_elec%252Cneg_ts%252Cneg_debeer%252Cneg_gg1%252Cneg_google%252Cgs_politics%252Cgs_law%252Cneg_bofa%252Cneg_capitalone%252Cneg_mtb%252Cneg_mttl%252Cgs_law_misc%252Cneg_ibm%252Cgs_politics_misc%252Cneg_amz_sfe%252Cgs_politics_american%252Cneg_sabic%252Cgs_business_marketing%252Cgs_business%252Cgv_safe%252Cgs_t%26tt%3D105%252C46%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_1_msginv_nocta%252Cdfp_disp_incr_1_test%252Cdfp_amzn_2_adslot_priority%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3DnJ7bYd-EkujeyVOcHJP3mtIY%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dpdy3scFI1pqngqGSbv1ruK&sc=1&cookie_enabled=1&abxe=1&dt=1652316119653&lmt=1652279942&dlt=1652316118475&idt=1119&biw=1600&bih=1200&adxs=0&adys=76&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1507356830.1652316120&ga_sid=1652316120&ga_hid=533912488&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f70b005bb078dd7b613020ebb45356405ddc8f9ba51d017bec5c32a26b023139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10080
x-xss-protection: 0
google-lineitem-id: 5939152737
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383468471
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 434 B
263 B 45ms
45ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=907514209831793&correlator=3353992457498247&eid=31067486%2C31067550%2C44752586&output=ldjh&gdfp_req=1&vrg=2022050901&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=2&adks=1723209830&sfv=1-0-38&ecs=20220512&fsapi=false&didk=2459026112&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1146&cust_params=als_test_clientside%3Dweb_none_none_20220512004158%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1652279942584%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dtrue%26per%3Dherbstercharlesw%252Ctrumpdonaldj%26org%3Drepublicanparty%26geo%3Dnebraska%26des%3Dsexualharassment%252Celectionsgovernors%252Cpoliticsandgovernment%252Cendorsements%26auth%3Dreidjepstein%26coll%3Dusnews%252Cuspolitics%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000008327445%26pt%3Dnt1%252Cnt10%252Cnt11%252Cnt12%252Cnt13%252Cnt15%252Cnt16%252Cnt18%252Cnt19%252Cnt21%252Cnt5%252Cnt9%252Cpt20%252Cpt6%252Cpt7%26gscat%3Dneg_citi_aa%252Cneg_ibmtest%252Cneg_chanel%252Cneg_mastercard%252Cneg_elec%252Cneg_ts%252Cneg_debeer%252Cneg_gg1%252Cneg_google%252Cgs_politics%252Cgs_law%252Cneg_bofa%252Cneg_capitalone%252Cneg_mtb%252Cneg_mttl%252Cgs_law_misc%252Cneg_ibm%252Cgs_politics_misc%252Cneg_amz_sfe%252Cgs_politics_american%252Cneg_sabic%252Cgs_business_marketing%252Cgs_business%252Cgv_safe%252Cgs_t%26tt%3D105%252C46%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_1_msginv_nocta%252Cdfp_disp_incr_1_test%252Cdfp_amzn_2_adslot_priority%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D3%26page_view_id%3DnJ7bYd-EkujeyVOcHJP3mtIY%26purr%3Dnpa%26uap%3Dbrowser%26aid%3Dpdy3scFI1pqngqGSbv1ruK&sc=1&cookie_enabled=1&abxe=1&dt=1652316119661&lmt=1652279942&dlt=1652316118475&idt=1119&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1507356830.1652316120&ga_sid=1652316120&ga_hid=533912488&ga_fc=false&btvi=-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9e08aa57b0d750986336c9cb3a63c85fd202dadfd71a12bb98ac0edd03e4cf9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 534E 6 KB
4 KB 69ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 00:41:59 GMT
expires: Fri, 12 May 2023 00:41:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25A3 15 KB
16 KB 57ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458976&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 113718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 10 May 2023 17:06:41 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.k2W84khHDwE.L.B1... Frame 25A3 129 KB
43 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.k2W84khHDwE.L.B1.O/am=MAAg/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6klwvjmTzi59fXCdlTqWujGLWY6w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/am=MAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI4LR36xL71iynGFQAJGl6sYHWhhHw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c47d3bd7a98b743523d351fdd30425f53ff19adf93cac4ff09f6fcf6c26c816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44283
x-xss-protection: 0
last-modified: Tue, 10 May 2022 22:21:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 May 2023 19:51:47 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
564 B 78ms
34ms XHR
application/json 13.224.198.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-88.fra2.r.cloudfront.net
Software: DataDome /
Resource Hash: 8910e94ddb3bcfdc4c258f4a3e8125cd8c7554739c07990dd395eb601253e128

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:41:59 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: J3Jym3zjh71iJFTW45tKN9D52i3PxHwR5ZGfoXkyEVQYIQo9Jx68fg==
expires: 0

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 58 KB
14 KB 595ms
577ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: dc492a2a1cc4ce6c0844b62ba2ec280897da0c5848f3b9813081df9138214a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4027-HHN
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1652316120.853547,VS0,VE571
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 7d31d859d8561246494d76884be33089
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 117ms
116ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BE7B 0
0 42ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCyteQzv17uudsdPMCdxNy0Pv2zQQqvXTVdC7VOkPGAOqCelJcY5NM2bsX38XN101GGneqp5Udg_GCTiAqTclthaErlsAHpGJzT3JuN6KYF3V_NK5ZPzko4p47TgQjWvYIVwxmUyzToyGunORKanQpmnI9CiC366FMxOH3cG_aZjgH-3_q_CNjXD2qW6labFms24OEzxGJlgx91yQZf-Fd-_8Jzz8OZnyAFfnAKbEn6HJgw68kLiSjVh7ptLIiGP1kl-H5gt_x4_MtQ7iE8cKhgLfIKieVm3gPZlIuW4frsK2QotMqWD6P94r4OB4_5fL0nd5GwqICBf7E6VpNRBF5ld8Ef6l3C-UHjPRRoA&sai=AMfl-YTylFHEs8cLXNuD70ZI_ZsfROHiiMEJnDqiQWs8xwEchwh3fDpvW07ynlc7oi_Xv5zOo63XI7Xt-xI_SCIBQQXpF94Po9h4YB8rft26JVZEQwX787ZYb-jw6WlHL3V2&sig=Cg0ArKJSzHE4lqTput8-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 May 2022 00:41:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 12 May 2022 00:41:59 GMT

GET
H3

200

B27024244.330401492;dc_pre=CKyriJvd2PcCFbUWiwodG2MH4w;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame BE7B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_pre=CKyriJvd2PcCFbUWiwodG2MH4w;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_r...

14 KB
10 KB

53ms
38ms

Script
text/javascript

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_pre=CKyriJvd2PcCFbUWiwodG2MH4w;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

723367d64697853c3b13df6a2091b2859850901233e9311c9c7155f8bfedd675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10702
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 May 2022 00:41:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_pre=CKyriJvd2PcCFbUWiwodG2MH4w;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE7B 120 KB
37 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 May 2022 00:41:59 GMT

GET
H2 200 17574243841904687785
tpc.googlesyndication.com/simgad/ Frame BE7B 48 KB
48 KB 42ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17574243841904687785?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c24f3de2687b3b576b120f3f790fa8bbea560209322e6f6e4a5ed58cd2fec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 08 May 2022 13:07:40 GMT
x-content-type-options: nosniff
age: 300859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48801
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 21:37:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 May 2023 13:07:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4029
date: Wed, 11 May 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 12 May 2022 01:34:50 GMT

GET
H3

200

activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus... Show response
5290727.fls.doubleclick.net/ Frame 0E1E
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fw...

558 B
403 B

29ms
29ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

96292ba673d2bb537c8ad55412f5a9c9636cbdf490c0dd789d5a6defcd350359

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 00:41:59 GMT
expires: Thu, 12 May 2022 00:41:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 00:41:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 80ms
11ms Script
application/x-javascript 2600:9000:2315:dc00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:dc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:17:57 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:08:30 GMT
server: nginx
age: 1442
etag: W/"625f4efe-8bf5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: vS5t6Kuc4gG-BSypOvEcA8cpjRjXftFGHfhSkoCk399ENuXknOXFjw==
expires: Thu, 12 May 2022 02:17:57 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
691 B 14ms
6ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
content-type: application/javascript
age: 80827
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4027-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1652316120.932988,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 4462

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
105ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 104ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1928488993
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:42:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 25A3 437 B
330 B 36ms
36ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=8285143989028602369&bl=boq_subscribewithgoogleclientserver_20220510.10_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=2520&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41d146ed110c05e2ed3d7f79c94386bcd5145fbff652f82bdf9c78d952e4d91c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 12 May 2022 00:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.k2W84khHDwE.L.B1... Frame 25A3 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.XCsIqByFgOQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.k2W84khHDwE.L.B1.O/am=MAAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6klwvjmTzi59fXCdlTqWujGLWY6w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53dabb9327fc7d2e5869e3402132aafaebfd0d01e3bb5f56d777164ef3adb386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7451
x-xss-protection: 0
last-modified: Tue, 10 May 2022 22:21:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 May 2023 19:51:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=533912488&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&dr=&ul=en-us&de=UTF-8&dt=Nebraska%20Candidate%20for%20Governor%20Accused%20of%20Second%20Groping%20Incident%20at%202019%20Dinner%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=639558337&gjid=1670329569&cid=1507356830.1652316120&tid=UA-58630905-2&_gid=986130400.1652316120&_r=1&gtm=2wg590P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&cd3=&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000008327445&cd18=Reid%20J.%20Epstein&cd19=Nebraska%20Candidate%20for%20Governor%20Accused%20of%20Second%20Groping%20Incident%20at%202019%20Dinner&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2022&cd27=2022-04-30-11&cd28=Saturday&cd29=11&cd30=1652226792240&cd32=U.S.%20News%2CU.S.%20Politics&cd33=SECTION%2CSECTION&cd34=NEWS&cd36=30pol-herbster&cd37=467&cd38=Politics&cd42=nyt-vi&cd43=Sexual%20Harassment%2CElections%2C%20Governors%2CPolitics%20and%20Government%2CEndorsements&cd44=Republican%20Party&cd45=Herbster%2C%20Charles%20W%2CTrump%2C%20Donald%20J&cd46=Nebraska&cd48=April&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Politics&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=pdy3scFI1pqngqGSbv1ruK&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=pdy3scFI1pqngqGSbv1ruK&z=686397412

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:41:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame 25A3 131 B
672 B 69ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 12 May 2022 00:42:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 25A3 131 B
155 B 56ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 12 May 2022 00:42:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
40ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 12 May 2022 00:42:00 GMT
expires: Thu, 12 May 2022 00:42:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 25A3 131 B
155 B 57ms
43ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 12 May 2022 00:42:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
40ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 12 May 2022 00:42:00 GMT
expires: Thu, 12 May 2022 00:42:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 25A3 131 B
155 B 56ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 12 May 2022 00:42:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
41ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 12 May 2022 00:42:00 GMT
expires: Thu, 12 May 2022 00:42:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BE7B 41 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27024244.330401492;dc_trk_aid=522292649;dc_trk_cid=167477935;ord=1034446030;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 08:35:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BE7B 0
0 42ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHzf9QPPD2PynbN_OiTKToVHfEvfLsi4rC45l9pKnB5ATYQGvyCXRE5XykxL_A9FHj9QvygMA5MPQWGx2P5TnmoUszqT_OxJKOMz8CpP84TE17BvQs6EoebLeC6UZTZPdE63vRhanZ7GCtwUB_LNQfa1geFYvdce9jH78m9AngxVYsalmb2Y85PLbW4noB9s5X5NE2n5rLXl0mfUymjXAz6qmKl1r-_OFvX5wjPPb2JpbUktgOYcaH95KjQKBpQ1ANGqEfx8qCpeiQrb9PuMnqYK-IVwD_Mnc9WCsYah_ttLUmO3e3jn7lIgoCsIFmsOoyUtc&sai=AMfl-YTY_NJ-0dco20Wq075ekU-w-F-Xn1Jq6B08gZ8Q6gCGfQGhJfhI8jul0Vc4Sf63Rvsa3b-C7VanRWVygdl0mMREYud-4GHLreZYsthBS63Q7pLt9_ilHaqVMHylj5_W&sig=Cg0ArKJSzAEcWf56QFUrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 May 2022 00:42:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 12 May 2022 00:42:00 GMT

GET
DATA 200
OK truncated
/ Frame BE7B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67e1ad83c936e8240063b26e4e9ba4b369d9b235958b31cbb61174e0144934ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbste...
adservice.google.com/ddm/fls/z/ Frame 0E1E 42 B
63 B 64ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPLDjJvd2PcCFUweBgAdZjAE-Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5940405387943;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 306ms
99ms Image
image/gif 50.16.218.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&u=DnOYdNBgMjwmBBYtSe&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=Reid%20J.%20Epstein&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2222&t=CfXYbJSzuUPBN-aqY5W6b2Cj0REX&V=132&i=Nebraska%20Candidate%20for%20Governor%20Accused%20of%20Second%20Groping%20Incident%20at%202019%20Dinner&tz=0&_acct=anon&sn=1&sv=CZyf-wCQPqoyBcPaWSCcrah4Bjb6wQ&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.218.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-218-57.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:42:00 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2EC1 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 144225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 08:38:15 GMT
expires: Wed, 10 May 2023 08:38:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EC1 35 KB
14 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 21:00:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 May 2023 21:00:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EC1 0
20 B 56ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8QKo11d8Yu-1OujD7_UP9-mnsAwAAAAAOAHgBAI&bg=!mJulm9_NAAZX5TVhd-U7ACkAdvg8WkqvMOtrNw8jr_KwawHA9iG0lrZhHjItFAn6Hw0PRB0CIUs1iQIAAABTUgAAAAFoAQeZAsTLr1HXOzZmJRXuknGolLiUzEQLe-F7ju97gRIFx9_fdPvD-4RDVxs8jWsizOCDJTyI8-gJzHSE7xQpfp10vA1Mdw1UnopQSqedSqpn2rkw_LzNogbiqRX6V388Di4cw6TdQlqZEVx7EwD4llOLqUHrOjbDIoxAGy6kuq9uOXFohbvrOCkbmOCDnvJqOxR258mOze6qklc1bYGWYZVS47Yq9hsBt4kE1uQ9SfyW4SoLfXbJF9BBTkG6l2gMyDjp5pD0WBqaM-gronXvYxGdSrjyIH-gGxN3aCKDR0WejXhxq71qTrtxTZcKeItaCUPz3oax07V9Qq8PIqvp3HsIbHQ1gPg4St1d6BmwXLbacJ7H9ZexuV6EmkTSq4PbkdYrlOGOpnfAXfgcHiLY2Ltrwg_X7kF203bhQXdce0Ussom5HAJxErLKkxdLBSd8vRBASWWWaPOBicRYN1M_rrOwHVPO0O79Qr7d10tbpdVdSmYqBoo07RgQ5EWUpVN-4B3ED5F1qkF3ratCUltN4PVPMpK7H-eQG2UETyR64WdHyS388v_nHNbC_FGqNGuaLjyepEa393XKIDTTGdHS8kOGfasWDjYz_rstRD9qHKICY_iYfsnFvz3ZgE0uXJny3LRmP5YTScwx4u4yN7anxS_xOCxfpkDb1Hwibqqm1MOSmr9BLn7Eve_A74Ls8CZr7nTJ60AkpGGGE_iCQd22UvyrHb3NEgg8phL0iqEKuDLdRg0W4B-6adZZmk-rzfzZF05tX-z0S6_MTlKP_kevn373269hfd05FgOLDvP5LN5n2qnWJt6DjJHGUYGYMvBlCgJRCIHWYxNSX4gBQeVnLehIqDp-MpRnQN1JHnemVuw_5XBEyABtdcGMSQN3DKldmg_VVJxBhZTgtiToxWEhdz3sVhoKOLMZ-qy9natoCDreMEJXomA0MHw

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 502ms
502ms Fetch
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 37ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a3232c2203cd2bd90cc323ffefc38ba75ee90e3f0b1e77c9dfbd3898c5da936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10434
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 70ms
24ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb66fb97a7d8cb1bda9e129b0b5232f640419dba7e3b0029dfadb1b84acc5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 62CNWCGX31YHXN9Y
x-amz-id-2: eBmm2QFsWV8mcFjIFH9O63ZjGD37ENX8VwjTdfCoRDS6oZJ3Ai+cc2w0WJoHsYmhsOPzHDBv/+o=
last-modified: Tue, 10 May 2022 16:23:24 GMT
server: cloudflare
etag: W/"8f713c2bcc58335b3f8eb8fca0e25066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzGEJnfEF26usHrMDcPyAfmBkT4uTjbOX7O3CGudxVQrfrUob9OMWj7J%2FJqnE57eeYVrQfvaJUHFCe%2F0AYhoMEaH2FD9X6N6XbeGTRRnTZlLGSufYRybe3L%2FLEQTXPKvxWmPKAMaAljJr3CseVXNspEJvN6U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 709f1ca8cda95a25-MXP

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 May 2022 00:42:00 GMT

GET
H2 200 merlin_205826493_bb51ef67-6ca8-49ad-8fad-0d9fcb52e733-jumbo.jpg
static01.nyt.com/images/2022/04/30/us/politics/30pol-herbster1/ 35 KB
35 KB 8ms
7ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/04/30/us/politics/30pol-herbster1/merlin_205826493_bb51ef67-6ca8-49ad-8fad-0d9fcb52e733-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 08681420ef36baad223e5aa5ba1fa6ff6f5ef44a202e0b60650df80c18f7a614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 137965
x-guploader-uploadid: ADPycdv5lAEkr4PIYzUzP0QaBRqQgl2kf9AgwEZVkMKxbppl7yJ7AlpXp44klLev114cZajWz3Rs0CQ_kcU4MEuoDC1dSQ
x-cache: HIT, HIT
fastly-io-info: ifsz=107150 idim=1024x683 ifmt=jpeg ofsz=35336 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 35336
x-served-by: cache-iad-kcgs7200066-IAD, cache-hhn4027-HHN
server: UploadServer
x-timer: S1652316120.447049,VS0,VE0
etag: "Azkecx9H0tK+h9SNAF4nZOESJ62t8d5AQRGPw77Wd3Y"
vary: Accept
x-goog-hash: crc32c=h2IDnw==, md5=2pnSqafh+R5X7xBsHVpVgg==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 10 May 2022 10:22:35 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/ 103 KB
15 KB 25ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d833cea63dd75b498747482b57fc177b4a1f5b63dcb60a65da615776f9106a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 182852
x-cache: HIT
content-length: 14700
x-served-by: cache-hhn4027-HHN
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 21:41:30 GMT
server: nginx
x-timer: S1652316120.464354,VS0,VE0
x-origin-server: mwcm-pub-est03.prd.iad1.nyt.net
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 682

GET
H2 200 untitled5
mwcm.nyt.com/dam/LP/payment-methods/ 2 KB
1 KB 24ms
7ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 197893
x-cache: HIT
content-length: 1081
x-served-by: cache-hhn4027-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
x-timer: S1652316120.464331,VS0,VE0
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 701

GET
H2 200 untitled2
mwcm.nyt.com/dam/LP/payment-methods/ 6 KB
3 KB 26ms
9ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 197893
x-cache: HIT
content-length: 2844
x-served-by: cache-hhn4027-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
x-timer: S1652316120.464667,VS0,VE0
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 693

GET
H2 200 untitled4
mwcm.nyt.com/dam/LP/payment-methods/ 790 B
475 B 25ms
8ms Image
image/svg+xml 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 197893
x-cache: HIT
content-length: 383
x-served-by: cache-hhn4027-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
x-timer: S1652316120.464552,VS0,VE0
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 695

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 138 KB
41 KB 24ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a9af79c947871f34f4645d988211aec1a0b8635a6a6b3bb9ce6e839b2010837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 182852
x-cache: HIT
content-length: 41410
x-served-by: cache-hhn4027-HHN
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 21:41:30 GMT
server: nginx
x-timer: S1652316120.464575,VS0,VE0
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 853

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/ 25 KB
6 KB 23ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7ea690774e420935ae29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30ed859bc73cfb047700fb23409d1b6f27e398d28007e90de75301ecd7f38704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 182852
x-cache: HIT
content-length: 6531
x-served-by: cache-hhn4027-HHN
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 21:41:30 GMT
server: nginx
x-timer: S1652316120.464557,VS0,VE0
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 671

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
103ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 9ms
9ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1839195
x-guploader-uploadid: ADPycdv1qBkqdX17fCPMnF6mvvgsPEfyJLCC8A-2_Sb_tgxkZWkbM3GUe_MdfpqHSJeurNJTcdV8rfyStNBLs2E-ZbC08A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:45 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1652316120.464736,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180595156
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20196
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13848

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 168A 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 May 2022 22:23:47 GMT
expires: Thu, 11 May 2023 22:23:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6B55 783 B
1 KB 41ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a919af516053164d7ab13bb24ac68e8868f56acde724feda0a2a56dd507b79b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lDYyOGY/1F9C3NQli4jZvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lDYyOGY/1F9C3NQli4jZvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 00:42:00 GMT
expires: Thu, 12 May 2022 00:42:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sdk-prod-8dcbed28ba7352ae382c.js Show response
platform.iteratehq.com/ 901 KB
261 KB 71ms
47ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-8dcbed28ba7352ae382c.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d5a136f9ac71353691b341998cbbc00e32f1f2e77354d188c5a627da957194c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GGA1X8CWMAY0YJVJ
x-amz-id-2: KHMylR1kcCjW1DlB6VPb5oZhoQgK8R8mPr3vQrnb2p3hDGPfpUlB5aZA0mKX+BfFoSYOIK22yDA=
last-modified: Tue, 10 May 2022 16:23:18 GMT
server: cloudflare
etag: W/"81ad2716964ac6d9615f33b9bed59b1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KboAJkgaZtvvl7rvGQ%2FM9CYJ7j16G8O27itmEcXHpzScdaugXFFGitCwxihI37BwTdvbHLL8mbURxTD6OrKd4TobdqxnUxMVdG0wzL3CfaO3487stzq7shmW3LObdeCqUJKSMHZqHeE8wWTCFEqyuaN9ZV4b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 709f1ca93ce23742-MXP

GET
H3 200 style-c1592ab1e1be951697f5.css
platform.iteratehq.com/ 131 KB
12 KB 52ms
28ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-c1592ab1e1be951697f5.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66ba2a518390a7d697856da93261c3714c780c0302f769b1e36dfd77ce6f3926

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 723726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 65ZE76C8409BTTT5
x-amz-id-2: gU/3OuXZ+lWGr2/xZSQb7fD+Pb5lIgG6l7dzn83p17LxNnKNjW9AoAWetfMAzaD54jNU7fPRKCE=
last-modified: Tue, 03 May 2022 15:39:21 GMT
server: cloudflare
etag: W/"1bc7d34a88ba28cedd6e8a144d513f17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB9JBmLlRZa659aU3o3Q2HkBX0ejhaHh0ROtCKC7M1xHqNQ4jwECOxzXX%2FLUYp6LYl50tsQLPGPoaHXRg6Y8cAAVTHO7mgX1Pr6u95ZLrzahJChWwzA6g4cYrsTwc08Q03cvSAed%2FVuOJsziWd1%2BPhy9itMp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 709f1ca93ce33742-MXP

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 169489
x-guploader-uploadid: ADPycdstnNBvwpdECETFddtCjRyhIUaIsQEx0jLBK12u2JySOFdqHYX5WVNmS3OyKwZGhwkmbdBr7J1ATLiu6D5ZVl8n4A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 10 May 2023 01:37:11 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1652316120.497647,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 265

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 776214
x-guploader-uploadid: ADPycdvwLyH1p1wv7dfRC5P2spUfb30mWBA_srIX64PAw_sk3keziDUo2UurwGP4PXJNg8a_M6FzJL9Y976O0aU7Ump8kl9BDrwr
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 03 May 2023 01:05:06 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1652316121.500650,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 278

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 15724059
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1652316121.502023,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17694

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 8ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 778960
x-guploader-uploadid: ADPycdv6wP6Dtw9nAiugXYehQ9qxV0LPrzDBn1SUwJfB2AFxvPcYtz3qcvfwpUUdGBt1SC2YIEDZ_ppeMcrjHmAtWlXfUA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 03 May 2023 00:19:20 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1652316121.502174,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 298

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 8ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2587961
x-guploader-uploadid: ADPycdtJAiPRRrrJMhPs-7FJoQlmJbFtslaZOvKLATb2wG5-JXW6gjDP-q6gVdHyYUS9NXHTwFJPLirmxryyg8nkBmJc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 12 Apr 2023 01:49:18 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1652316121.502154,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984069574
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14755

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 8ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1985633
x-guploader-uploadid: ADPycdsupGZBtfyEtUZCrrlJSlP-NvKgk5h0K03F_Kb35zhaRG1G7gTSrc5Z-3asiNmJzbzG62XTmU8ab6eIlHgJq8uTAD8m1Ufh
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 19 Apr 2023 01:08:07 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1652316121.505647,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9473

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 8ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1386012
x-guploader-uploadid: ADPycdtIqnjeD4B7ks-jtEooS8CE2vRJpBFWQu83PaR2kEb7JwKF36P8WBHSb1QVV2HUrCI6Uyu3O27Am16m_ysTY4x3fg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Tue, 25 Apr 2023 23:41:48 GMT
last-modified: Wed, 20 Apr 2022 13:09:39 GMT
server: UploadServer
x-timer: S1652316121.505635,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460179222416
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17022

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 928 B
935 B 437ms
135ms XHR
application/json 174.129.223.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 174.129.223.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-223-242.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 9c09dc08f3125b997cb6bd436b39eb158e91185403a00e1f262eee382a486be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
content-encoding: gzip
server: envoy
access-control-allow-headers: Content-Type, x-requested-by
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: d9c130f4541b485051f883d8fbab102b
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 12 May 2022 00:42:00 GMT

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Thu, 12 May 2022 00:42:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1988956
x-guploader-uploadid: ADPycdvey2WN-u6ynG73ec3C_PcV-2Iujx6ZV3m8UTANjjM_98Ix8DQ2OVgzZZ3uBEwARIF3S7Mzi7zJkJYh7lDqAA7YHNrB24cM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-hhn4046-HHN
accept-ranges: bytes
expires: Wed, 19 Apr 2023 00:12:43 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1652316121.623526,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982612741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13742

GET
H3

200

activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus... Show response
5290727.fls.doubleclick.net/ Frame BF63
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fw...

558 B
402 B

25ms
25ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

01396b4662008b7757a6de9f52871d4f28f8332725578163838e646ff6abdf21

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 379
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 00:42:00 GMT
expires: Thu, 12 May 2022 00:42:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 00:42:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
105ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=533912488&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&dr=&ul=en-us&de=UTF-8&dt=Nebraska%20Candidate%20for%20Governor%20Accused%20of%20Second%20Groping%20Incident%20at%202019%20Dinner%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gateway&ea=impression&el=MAG_web_nonsub_all_monthly-sale&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1507356830.1652316120&tid=UA-58630905-2&_gid=986130400.1652316120&gtm=2wg590P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html&cd3=&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000008327445&cd18=Reid%20J.%20Epstein&cd19=Nebraska%20Candidate%20for%20Governor%20Accused%20of%20Second%20Groping%20Incident%20at%202019%20Dinner&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2022&cd27=2022-04-30-11&cd28=Saturday&cd29=11&cd30=2022-05-10T23%3A53%3A12.240Z&cd32=U.S.%20News%2CU.S.%20Politics&cd33=SECTION%2CSECTION&cd34=NEWS&cd36=30pol-herbster&cd37=467&cd38=Politics&cd42=nyt-vi&cd43=Sexual%20Harassment%2CElections%2C%20Governors%2CPolitics%20and%20Government%2CEndorsements&cd44=Republican%20Party&cd45=Herbster%2C%20Charles%20W%2CTrump%2C%20Donald%20J&cd46=Nebraska&cd48=April&cd49=short_400_799&cd51=nyt-vi&cd52=&cd53=Politics&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=pdy3scFI1pqngqGSbv1ruK&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=pdy3scFI1pqngqGSbv1ruK&z=380710683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 06:30:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 159ms
138ms Fetch
application/json 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-8dcbed28ba7352ae382c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

148caae3752250136d60c95912bd3c3ee5092312700bbb5ddd535040fdb24758

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Thu, 12 May 2022 00:42:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS8E12CZQsWSkz%2B6wKjcICCHx2dtWSyt0OD9LB5e42zQjvUCXertthAGY%2BPfmyDmO3DO%2BHkt3sJO9hhlYlwqH1Ng543nSt%2BFAdPaaag2UVE8BQ9JTE4M63uiDQqUBDfWzSaqbSntRCeIFdtU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 709f1cabea6083b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 191ms
135ms Preflight 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 709f1caafc6983b2-MXP
content-length: 0
date: Thu, 12 May 2022 00:42:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfN1UrqIIIZvLn9CQCgCAN%2FMdo5LuK0DIZd%2FXCeh0s1d0SVVt6VhDHBkZsbS6Ly%2BPy86ay1%2Fpez%2BoreMFEkl7SsEEqjQAKo51a8zz%2FZCTHpYqqG%2BhkmSGcGZswIGQFFFe7k2GylEPlo6lY6h"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6B55 0
0 44ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050901&jk=907514209831793&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbste...
adservice.google.com/ddm/fls/z/ Frame BF63 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGjtZvd2PcCFR8TBgAdnHgG9A;src=5290727;type=remar0;cat=gatew0;ord=1;num=9537537482340;gtm=2wg590;auiddc=702833378.1652316120;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F04%2F30%2Fus%2Fpolitics%2Fcharles-herbster-groping.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 168A 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13472
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 07:35:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 168A 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t5g1EA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 00:42:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BE7B 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw8j41YDA-mbjSAUvQj6bmTvNptRJOjxlQDWEpSOUe5RpG_C59pdawZrO5di84pZz6WrIq0dG5ixOeJWsAoARtLG4E-2Bx74atvD5SfF6zlxzWQTA_&sig=Cg0ArKJSzPw0F0Gw68WeEAE&id=lidar2&mcvt=1000&p=76,315,326,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220509&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1133286891&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652316119859&rpt=148&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 May 2022 00:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050901&jk=907514209831793&bg=!mpmlmd3NAAZX5TVhd-U7ACkAdvg8Wsh76Cclif42ZzCD3HrVNyV42XPjEHiTckgSkKzJJFfrYgIdlwIAAABMUgAAAAJoAQeZAp8R2lzCbYAcZCGyz1E9gHPeArYJ5Fp5uLtxFXxIeJ1g7WOsi95Cx6HFikE3giOLkrzf-HWhzNMLSoXWnvZtNp3PeEgAE5My3EjKMNmjQar3Y8UXpCa1jqXmk7TzCY6P4-qUfbNLHs1ePktaXj6hH27AbHSNrSbNO8U3TyvF1xfppbWBWQyExZK_S4v0AvTmRWa4rCk1C4_pKtLR4MN7USm_0zJmGXGwfk-mw8WB3Eu1kWs4CUdgml0RjFrukKlehYrEZqlox73QxrudMlT4yvBZ76ivnSWAauGzmBedvjTDKlAZivBuoTqr6XmDW0kliydSnpnQJl4hKJK0dgjztPdxhmpdKzaphJSXup8niN4k-x7pS7cKSUtVM0jsA_n5ujA_Of_KnpIIjgYeV-jcD4t1a6NzxR-t1u1isnBbQkidJrgLrFFcOk-fDJKJsqmsvw5VGl5s0WJLB1phWn8xWNKgUg3I_vrOrZD2FeXjtRIDGuuWTm3J_KVY5PCYxddbU932EinGQn9253SUY4-R_r4qgTMbuvD3SCwcE5zgP6DTRgqsmvIyWcb7xEgQEq6ETf4SIzQeGafWHHoIcWUuWyLg6eVoiF57SLTaNyGfIvyqR6ES-_Q7zujShsIX3OJwSgA1p8Eqj-IZZYBw30rieSJ8XhjGR7rTvLs1ndaBBqBcm0MxzaKz4uDEkz5uQZpmagOVP5D_gvgpkCmlF3QgfaZsD2DGOD5Y-2RwOWGK-c3E-sUAybf687LXBrz9_WDfG9v-Re1JSYwR1szkrcPjJey7N5LiaKcQ6BwkGp6B5p5VFk6OnGdVG2fAPPahuSAbPmqrY81KsVmzZ9qBb0GInzQ10dGZNnpmbON7DuwnIExMpQNErOuBqp4j3d57gMb_tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 110ms
108ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 11:44:12	Name: nyt-a Value: pdy3scFI1pqngqGSbv1ruK
.nytimes.com/	1970-01-20 02:58:57	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 11:44:12	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 02:58:57	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 02:58:57	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 7db160d825844f25a27dfc607be183d3
.et.nytimes.com/	1970-01-20 02:58:37	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 11:44:12	Name: sessionIndex Value: 1\|1652316118667\|pdy3scFI1pqngqGSbv1ruK\|1652316118667
.et.nytimes.com/	1970-01-20 03:00:02	Name: et-ppvid Value: https://www.nytimes.com/2022/04/30/us/politics/charles-herbster-groping.html=nJ7bYd-EkujeyVOcHJP3mtIY
.google.com/	1970-01-20 07:22:07	Name: NID Value: 511=VlfitBVCtLato_aMRb2mBUGk0MhiLZt2RhHBC0UgoFiPvm-ZwRGo2V-vjhmv6Kjpe0OiyRRnWoDUqFAJF84F1hPvyTxbhroB3mZkkqOmtuP_G0QRTmtQllMwctp9Lp7iIDw5fGgLUtoVD_5V2tK0ulbR0Bu33P_0PJGFBqL9pyg
.nytimes.com/	1970-01-21 22:48:02	Name: nyt-m Value: B27A1CCAF72FBE9642386A1CF8359918&ird=i.0&imv=i.0&uuid=s.597583b9-5643-41cf-91d7-d9812a7aaae6&prt=i.0&iru=i.1&ira=i.0&iir=i.0&pr=l.4.0.0.0.0&cav=i.1&ier=i.0&iub=i.0&s=s.core&rc=i.0&iue=i.0&iga=i.0&igf=i.0&imu=i.1&e=i.1654070400&t=i.0&n=i.2&fv=i.0&igu=i.1&ica=i.0&ifv=i.0&igd=i.1&v=i.0&er=i.1652316119&vp=i.0&ft=i.0&g=i.1&vr=l.4.0.0.0.0
.a.nytimes.com/	1970-01-20 11:44:12	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 02:59:59	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 02:59:59	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 12:20:12	Name: __gads Value: ID=d5e758bcecdd2e0e-22cd962b92cd00f7:T=1652316119:S=ALNI_MZBEcLeI4sQ7KHxdPxn3anQjXZjjA
.nytimes.com/	1970-01-20 11:44:12	Name: datadome Value: _gaC6JvnnUrge3~lK4B_8PWi4nyiYfWLuSPWJQApRZ~P~Nllh.Q-7aLrI_bu-a3pV19G8T~InYGupvtDZE~hknTPZlRS-pxBUJvkMN-3en7dZoJDuO5666qUcBoE~g8
.doubleclick.net/	1970-01-20 12:20:12	Name: IDE Value: AHWqTUm3xh0B_RWxvBRflhZDkt_TgwLp5aRzdMSjwhuO0UXZYMbW1LzQGDgUpf__6Bc
.nytimes.com/	1970-01-20 05:08:12	Name: _gcl_au Value: 1.1.702833378.1652316120
.nytimes.com/	1970-01-20 20:29:48	Name: walley Value: GA1.2.1507356830.1652316120
.nytimes.com/	1970-01-20 03:00:02	Name: walley_gid Value: GA1.2.986130400.1652316120
.nytimes.com/	1970-01-20 02:58:36	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 12:28:06	Name: purr-cache Value: <K0<r<C_<G_<S0
www.nytimes.com/	1970-01-20 12:27:24	Name: _cb Value: DnOYdNBgMjwmBBYtSe
www.nytimes.com/	1970-01-20 12:27:24	Name: _chartbeat2 Value: .1652316120057.1652316120057.1.CZyf-wCQPqoyBcPaWSCcrah4Bjb6wQ.1
www.nytimes.com/	1970-01-20 02:58:37	Name: _cb_svref Value: null
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1652316119696&isNew=0&pageIndex=2
.nytimes.com/	1970-01-20 11:44:12	Name: nyt-jkidd Value: uid=0&lastRequest=1652316120936&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-23 18:34:36	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MjdjNTdkOTg2ODhhMTAwMDE5NTgzYzEiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjUyMzE2MTIxfQ.eDZAhnpzwfwXTra0bxY-ndebSzMer2NJfJFjfuY2zIQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
als-svc.nytimes.com
click.newsletters.time.com
d26a5804423cb2c64b1e2a2cf9abf997.safeframe.googlesyndication.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
13.111.119.37
13.224.198.88
142.250.186.66
151.101.1.164
151.101.193.164
172.217.23.102
174.129.223.242
2600:9000:2315:dc00:18:1fcd:351:7bc1
2a00:1450:4001:800::200e
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2013
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a06:98c1:3120::a
35.241.35.241
35.244.188.62
50.16.218.57
52.223.40.198
010c2e34dbc2aaadf863b6025f837d39a6d507fcb2389f306875b60242429822
01396b4662008b7757a6de9f52871d4f28f8332725578163838e646ff6abdf21
04314e7b99d10dd76dc7c4a6a4f49344f0c7b1435884bb4521dbda789c8bc3d8
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
08681420ef36baad223e5aa5ba1fa6ff6f5ef44a202e0b60650df80c18f7a614
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0c47d3bd7a98b743523d351fdd30425f53ff19adf93cac4ff09f6fcf6c26c816
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148caae3752250136d60c95912bd3c3ee5092312700bbb5ddd535040fdb24758
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2ca0cddac183ceb8f9c4fc3418550b556c6e2aa943d4eb0c7f872f523ffab5db
2cb66fb97a7d8cb1bda9e129b0b5232f640419dba7e3b0029dfadb1b84acc5b8
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
30ed859bc73cfb047700fb23409d1b6f27e398d28007e90de75301ecd7f38704
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
3a919af516053164d7ab13bb24ac68e8868f56acde724feda0a2a56dd507b79b
3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49
3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41d146ed110c05e2ed3d7f79c94386bcd5145fbff652f82bdf9c78d952e4d91c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4c88673de367da506ddb29c30aed224dd9cc63615dbc021bcc357bbf527142e6
4e37056e3ed73ac9020d2c7772b50f5298421758187dba9a1b400561607572af
4f6d68c2c6521c71826d632760c82bbf7f23b3afb1447cdf938db1184225d46f
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53dabb9327fc7d2e5869e3402132aafaebfd0d01e3bb5f56d777164ef3adb386
552bb27863c18c76fe2873b02a526ca78a163adea757c736a3da7d3f6eda33fb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5830d8ce4168e725e8ee90b9db20cf52564d659a7e409899daf947f7b1e49c2d
5d5a136f9ac71353691b341998cbbc00e32f1f2e77354d188c5a627da957194c
5e5709c2a65cd3a0fd3f3fe33a0a4fa0685eb5950ccb19e3e802a2fc80864f6c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ba2a518390a7d697856da93261c3714c780c0302f769b1e36dfd77ce6f3926
67e1ad83c936e8240063b26e4e9ba4b369d9b235958b31cbb61174e0144934ed
6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7550671b3c46dd3c18fe46404c5994911fdae4e7e5ddfc57d519395de78333
723367d64697853c3b13df6a2091b2859850901233e9311c9c7155f8bfedd675
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8910e94ddb3bcfdc4c258f4a3e8125cd8c7554739c07990dd395eb601253e128
8a3232c2203cd2bd90cc323ffefc38ba75ee90e3f0b1e77c9dfbd3898c5da936
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90b7d33f0c32ee2b1205016d2b5de50caf3877fd994806631dc79832787f0198
92fe78449b2ce5358354322dff1de1f518551b8192cbf0ccff2839b058b28df9
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
96292ba673d2bb537c8ad55412f5a9c9636cbdf490c0dd789d5a6defcd350359
9a9af79c947871f34f4645d988211aec1a0b8635a6a6b3bb9ce6e839b2010837
9c09dc08f3125b997cb6bd436b39eb158e91185403a00e1f262eee382a486be7
9e08aa57b0d750986336c9cb3a63c85fd202dadfd71a12bb98ac0edd03e4cf9a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ae5f28eaf75dabb9076d6646e75fc8de7bec1cdfaad188f1c350f785a9c70519
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
ba78232fc2c41fa1ea3eb97f4481a1a62e2b0e89776f5eb348cadcdfc9fce0ba
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bded69bae6624b5f96a4211d6880aade13e98a4f1d9de7f86568affab95bcad6
c07c93e5e1fa170fc9bc654d7d79eb17acc8a27273ca96cb072e8f1bf8a246d7
c196a94c4800b15018a87c4b2a3e51969562f8a1281e1c5e6f5c1b83523143b0
c2f175b0d2417bb5d4429a362c6fd0da6f164bb74512e558f56806c9207be041
c5c25ad1e63149364b1e1f2d983294d8f850a6498602a6080e6a4e7e7e3f3e9a
cd710281ae1c88176e1ba7006892c47f79e5136ed50ecf599a8cc8f347b9a1fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d833cea63dd75b498747482b57fc177b4a1f5b63dcb60a65da615776f9106a8f
dc492a2a1cc4ce6c0844b62ba2ec280897da0c5848f3b9813081df9138214a94
e1678fbf7ed9938f6dfee16013ed42cea063666bae5ef6557a575f8c9f41d38d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
eca08ff1732ac54d0d0d99d9c16db98c991046bbfc749a536d44d7b433c597c5
ed70be4fb83b089e4d311d63d0141f2a57217cacd059e3b4d3c7921d912c385e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33143f9f7c90f7a5345e4bc65d72db7db8152971e189c30415a2a996e1b3002
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
f70b005bb078dd7b613020ebb45356405ddc8f9ba51d017bec5c32a26b023139
f7c24f3de2687b3b576b120f3f790fa8bbea560209322e6f6e4a5ed58cd2fec1

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

99 %HTTPS

58 %IPv6

15 Domains

36 Subdomains

26 IPs

2 Countries

2621 kBTransfer

7672 kBSize

28 Cookies

17 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

99 %
HTTPS

58 %
IPv6

15
Domains

36
Subdomains

26
IPs

2
Countries

2621 kB
Transfer

7672 kB
Size

28
Cookies

130 HTTP transactions
1 data transactions