www.nytimes.com Open in urlscan Pro
151.101.193.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.theskimm.com/click/27238753.4838132/aHR0cHM6Ly9za2ltbXRoLmlzLzNJWWlPSnQ/5f28f97c42e4267fdd54d1abBf26e4fed
Effective URL:
https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Submission: On April 03 via api (April 3rd 2022, 3:58:07 am UTC) from US — Scanned from DE

Summary HTTP 170 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 17 domains to perform 170 HTTP transactions. The main IP is 151.101.193.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 2376.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
68	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
6	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
19	2a00:1450:400... 2a00:1450:4001:801::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
2	52.222.236.105 52.222.236.105	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2	3.231.136.214 3.231.136.214	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3 6	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:8600:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	35.171.62.124 35.171.62.124	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
170	28

1 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

link.theskimm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

skimmth.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vp.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-105.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.231.136.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-136-214.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.62.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-62-124.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 2376 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7522 a.et.nytimes.com — Cisco Umbrella Rank: 4731 als-svc.nytimes.com — Cisco Umbrella Rank: 9843 myaccount.nytimes.com — Cisco Umbrella Rank: 11673 dd.nytimes.com — Cisco Umbrella Rank: 5599 meter-svc.nytimes.com — Cisco Umbrella Rank: 10430 purr.nytimes.com — Cisco Umbrella Rank: 9734 a.nytimes.com — Cisco Umbrella Rank: 5438 mwcm.nytimes.com — Cisco Umbrella Rank: 10782 static01.nytimes.com — Cisco Umbrella Rank: 10191	2 MB
41	nyt.com g1.nyt.com — Cisco Umbrella Rank: 8702 static01.nyt.com — Cisco Umbrella Rank: 5775 a1.nyt.com — Cisco Umbrella Rank: 6211 vp.nyt.com — Cisco Umbrella Rank: 12942 mwcm.nyt.com — Cisco Umbrella Rank: 19279	884 KB
19	google.com news.google.com — Cisco Umbrella Rank: 4848 adservice.google.com — Cisco Umbrella Rank: 76 play.google.com — Cisco Umbrella Rank: 31 www.google.com — Cisco Umbrella Rank: 7	100 KB
18	googlesyndication.com a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 125 pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	350 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 6341 ad.doubleclick.net — Cisco Umbrella Rank: 190	186 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 4897 iteratehq.com — Cisco Umbrella Rank: 4579	275 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	136 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	2 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 4928	201 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 591	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1158	14 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8069	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	100 KB
1	skimmth.is 1 redirects skimmth.is — Cisco Umbrella Rank: 264392	287 B
1	theskimm.com 1 redirects link.theskimm.com — Cisco Umbrella Rank: 134006	543 B
170	17

	Domain	Requested by
24	g1.nyt.com	www.nytimes.com g1.nyt.com a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com mwcm.nyt.com
18	a.et.nytimes.com	www.nytimes.com
15	www.nytimes.com	www.nytimes.com
10	mwcm.nyt.com	www.nytimes.com
10	samizdat-graphql.nytimes.com	www.nytimes.com
8	tpc.googlesyndication.com	a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
7	pagead2.googlesyndication.com	tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
7	play.google.com	www.gstatic.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com www.googletagservices.com
4	static01.nytimes.com	a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
4	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	static01.nyt.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	www.gstatic.com	news.google.com www.gstatic.com
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	vp.nyt.com	a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
2	ad.doubleclick.net	1 redirects a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
2	fonts.googleapis.com	client a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
2	a.nytimes.com	www.nytimes.com mwcm.nyt.com
2	fonts.gstatic.com	news.google.com fonts.googleapis.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	www.googletagservices.com	a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
1	skimmth.is	1 redirects
1	link.theskimm.com	1 redirects
170	40

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-03-20` - `2022-06-18`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-03-17` - `2022-06-15`	3 months	crt.sh
a.nytimes.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Frame ID: E5954DACBE057ACD4B9B1137E747B8A6
Requests: 109 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 8EAF1399010D72B2BFD4DDCFEE15EED7
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458043&publicationId=nytimes.com
Frame ID: 81C7E188F0349B31099394AD57398087
Requests: 12 HTTP requests in this frame

Frame: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3B2DB3E036D297DF8A7C6A711723204
Requests: 1 HTTP requests in this frame

Frame: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA72A45FF5B110D40E7766428D133670
Requests: 23 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html
Frame ID: BC16BE672AB075337306CE91FC7D1EA0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4E014C5159F8AAED36CFD3DAE4BD3B07
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F755D15395D58BC2448D1CBE39E11EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD2F6100AF67A28BC82727FACCE2931D
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html
Frame ID: 4FD7DD20BCAAD130F2B8A54F73930676
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Pandemic's Hit to Awards Shows Hurts Hollywood - The New York TimesDealBook Business and PolicyThe New York Times: Digital and Home Delivery Subscriptionsplus-iconcheck

Page URL History Show full URLs

https://link.theskimm.com/click/27238753.4838132/aHR0cHM6Ly9za2ltbXRoLmlzLzNJWWlPSnQ/5f28f97c42e4267fd... HTTP 302
https://skimmth.is/3IYiOJt HTTP 301
https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

170
Requests

98 %
HTTPS

59 %
IPv6

17
Domains

40
Subdomains

28
IPs

2
Countries

3787 kB
Transfer

11966 kB
Size

32
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9XHYQ
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel
Title: Cancellation and Refund Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.theskimm.com/click/27238753.4838132/aHR0cHM6Ly9za2ltbXRoLmlzLzNJWWlPSnQ/5f28f97c42e4267fdd54d1abBf26e4fed HTTP 302
https://skimmth.is/3IYiOJt HTTP 301
https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html

Request Chain 93

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CNaAhKSA9_YCFQrNEQgdfO8GnQ;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 161

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html

170 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hollywood-pandemic-box-office.html Show response
www.nytimes.com/2022/01/10/business/dealbook/
Redirect Chain

https://link.theskimm.com/click/27238753.4838132/aHR0cHM6Ly9za2ltbXRoLmlzLzNJWWlPSnQ/5f28f97c42e4267fdd54d1abBf26e4fed
https://skimmth.is/3IYiOJt
https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

492 KB
97 KB

67ms
12ms

Document
text/html

151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d010f632cc66c27cd5f9d470dc2d8f448e0ce15b679c67c68c0d333117407fe8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 48474
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 98087
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Sun, 03 Apr 2022 03:57:57 GMT
fastly-restarts: 1
last-modified: Sat, 02 Apr 2022 14:30:02 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 67be032c0c1a4ad3a562e2c29870bad0
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1648909816.273165,VS0,VE5
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Sat, 02 Apr 2022 14:30:02 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2022-04-02 14:30:16 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2022-01-10T12:10:22.456Z
x-served-by: cache-lga21980-LGA, cache-hhn4062-HHN
x-timer: S1648958277.223490,VS0,VE5
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, max-age=90
content-length: 174
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sun, 03 Apr 2022 03:57:57 GMT
location: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
referrer-policy: unsafe-url
server: nginx
strict-transport-security: max-age=1209600

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 33ms
6ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 1395498
x-guploader-uploadid: ADPycdunXb0t0GUN7o-3h7DkIK8HJ4TOnVpE9nimgfDxiqckI4owSPm6rCf0Jk4PYYQVILPcO91nVeMd6v9BYzbiJiw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4062-HHN
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:19:38 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1648958277.288974,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12569

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 7ms
7ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1052647
x-guploader-uploadid: ADPycduf4mqwBwM188wfnVuN4skEZDJjQWGtYkR9zH-M7fIb1BjdSh28-ue0ce23WusIyHX1Tq310kRXoyIZLr6VceWQeS8AUQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-21 23:33:49 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.263396,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 12966
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Mon, 21 Mar 2022 22:27:07 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1647901627446890
expires: Tue, 21 Mar 2023 23:33:49 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-8db91333d85a08f170f7.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 7ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-8db91333d85a08f170f7.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f003d6c3dc1bc7c460f369f79c4085ac19fdc84fda7c8f178fdb57968879d373

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1032898
x-guploader-uploadid: ADPycdv0s29Ad_G4yvVWT6vLp21X-BxFZ5rcFd5IFbiqgDvhLXt2M_T3yUU9w1nlbaPitSu6Xn_EjQv3RuM3MsKg1CT2qaBiaA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-22 05:02:58 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.280995,VS0,VE1
etag: "f85b31f521e02dfdfe42f5531e6de9e5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-8db91333d85a08f170f7.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6748
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7365
last-modified: Mon, 21 Mar 2022 22:27:07 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=aBucZw==, md5=+Fsx9SHgLf3+QvVTHm3p5Q==
x-goog-generation: 1647901627433661
expires: Wed, 22 Mar 2023 05:02:58 GMT
x-gdpr: 1
x-goog-stored-content-length: 20855
accept-ranges: bytes

GET
H2 200 10db-newsletter-hollywood-jumbo.jpg
static01.nyt.com/images/2022/01/10/multimedia/10db-newsletter-hollywood/ 95 KB
96 KB 167ms
137ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/10/multimedia/10db-newsletter-hollywood/10db-newsletter-hollywood-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 626248e1e4cf20cb035e5fd63242020455446abfe1e0227b43b92623bc3b7583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 108015
x-guploader-uploadid: ADPycdsUQY3YMZyrWMXpswJUSbM590Llu9vxDGCJfn1VHnwm2XtWOYf3TiPpuYvj9r9gwFUOMVIZ0U95Zhuat5yL4O32gnLZrg
x-cache: HIT, MISS
fastly-io-info: ifsz=173789 idim=1024x683 ifmt=jpeg ofsz=97238 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 97238
x-served-by: cache-iad-kjyo7100177-IAD, cache-hhn4062-HHN
server: UploadServer
x-timer: S1648958277.320057,VS0,VE131
etag: "g9TD54VE0tiTynDt5S43Kx37etGBRFZ9lL0SOvXQ65Q"
vary: Accept
x-goog-hash: crc32c=lH4bsA==, md5=uGR9thk8p0E0lf6DJgnBbg==
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 01 Apr 2022 21:57:42 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 vendor-f6dbc528114fb1fda428.js Show response
www.nytimes.com/vi-assets/static-assets/ 243 KB
73 KB 7ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-f6dbc528114fb1fda428.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9fbbf24681bc6e5db446ad19c4165f72ffbe683d1e0a34529dcee4450bca31ba

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 305842
x-guploader-uploadid: ADPycdt4ikz8ABHAhjXELPHomx9lAhcWNv__tQoY_4ZimMUlPXJXlbHDaYUYEHTXbE8IA5uq5y9D3oNLv533J-nIzj8MYFjAMg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-30 15:00:34 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.297114,VS0,VE1
etag: "e3f46b7ea3dbd95825c3099df445dad7"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-f6dbc528114fb1fda428.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 14561
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 73704
last-modified: Wed, 30 Mar 2022 14:49:33 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=mJEbPA==, md5=4/RrfqPb2Vglwwmd9EXa1w==
x-goog-generation: 1648651773652559
expires: Thu, 30 Mar 2023 15:00:34 GMT
x-gdpr: 1
x-goog-stored-content-length: 249141
accept-ranges: bytes

GET
H2 200 story-9b83435be78aec6ff542.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
291 KB 9ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-9b83435be78aec6ff542.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

83d4c5a89f243f95317ce73e0319ef4994bd4c8c400b4606a9a69cc46c5b418e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 200986
x-guploader-uploadid: ADPycdvlOEHtJFv1uyX5O8h7B36MHm1Spl63o2yhsRYiNq_ukJoBHo-wQ0w1zdsG48pSg14PT_UPJPVrBg3JWJCpE2dJexbnbA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-31 20:08:12 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.317954,VS0,VE1
etag: "fe936482cf2fbcd65739c956bb2bdc47"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-9b83435be78aec6ff542.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 93
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 297841
last-modified: Thu, 31 Mar 2022 19:54:06 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=2566qg==, md5=/pNkgs8vvNZXOclWuyvcRw==
x-goog-generation: 1648756446599103
expires: Fri, 31 Mar 2023 20:08:11 GMT
x-gdpr: 1
x-goog-stored-content-length: 1125995
accept-ranges: bytes

GET
H2 200 dealbook-6e130f7e6e90a4b81d32.js Show response
www.nytimes.com/vi-assets/static-assets/ 9 KB
5 KB 9ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/dealbook-6e130f7e6e90a4b81d32.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a03fd4fa8bfe09e690a463a32059e70620da891ad3490534ff949dbbf6d4ad6e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1419999
x-guploader-uploadid: ADPycds54YpZSnTIYMotxElAmYIsJSh-bXKwts4j7vV63A0QOoFTQUxVGNkWH1mxH-9SCBajg3kRh5LlbwI_xsvZs3J216hUBw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-17 17:31:18 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.318203,VS0,VE0
etag: "d5195a19bd4f32a6675965c2bcaf7dfc"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/dealbook-6e130f7e6e90a4b81d32.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4700
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 3546
last-modified: Wed, 16 Mar 2022 22:29:23 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Y7ZLHw==, md5=1RlaGb1PMqZnWWXCvK99/A==
x-goog-generation: 1646330204363924
expires: Fri, 17 Mar 2023 17:31:18 GMT
x-gdpr: 1
x-goog-stored-content-length: 8719
accept-ranges: bytes

GET
H2 200 emailsignup-84ff77b1eb6d6d1b3e30.js Show response
www.nytimes.com/vi-assets/static-assets/ 1018 B
1 KB 11ms
9ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/emailsignup-84ff77b1eb6d6d1b3e30.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

02e536435234ddbacf0aa75050b286e42dfcefb62837b4336c259ae4c490815b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 986980
x-guploader-uploadid: ADPycdt5nsGEvYBBF_BpflC8EfVj9Ng-zX83UHO9wr0wi0bfFDztOHcLUVYTIxK5R8AFDiQEqHfhfrwknTb-u8HYCio9IN_alw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-22 17:48:17 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.318295,VS0,VE0
etag: "06c7b5c94e5c6ecb5d7fe70ff4430c1a"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/emailsignup-84ff77b1eb6d6d1b3e30.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6834
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 569
last-modified: Thu, 17 Mar 2022 22:19:39 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=mUyoDw==, md5=Bse1yU5cbstdf+cP9EMMGg==
x-goog-generation: 1647555579722011
expires: Wed, 22 Mar 2023 17:48:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 1018
accept-ranges: bytes

GET
H2 200 liveblog-e9e0ffa90e912df76539.js Show response
www.nytimes.com/vi-assets/static-assets/ 1018 KB
266 KB 12ms
10ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/liveblog-e9e0ffa90e912df76539.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e882cd327e627743fd88b31927af9f357b9f5a2432fd1e40b2fd801f3cde28a2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 200972
x-guploader-uploadid: ADPycduz9ulkKsjOE39qhLunNGRndlSLrBAwYbH-kbkkIQDfjXkbqN1xarV3klMGElI5T0WDXyCbZsnrtFuyJk5P99BuIiDEjA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-31 20:08:25 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.318391,VS0,VE0
etag: "f72a89c85e67ae9a8e697fb818e3f291"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/liveblog-e9e0ffa90e912df76539.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 20
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 271262
last-modified: Thu, 31 Mar 2022 20:08:22 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=JaYSPw==, md5=9yqJyF5nrpqOaX+4GOPykQ==
x-goog-generation: 1648757302178183
expires: Fri, 31 Mar 2023 20:08:25 GMT
x-gdpr: 1
x-goog-stored-content-length: 1042190
accept-ranges: bytes

GET
H2 200 collections-7576528a026f35964371.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
301 KB 15ms
14ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/collections-7576528a026f35964371.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d50ec1f5223fcbce3a13045b2f0eb4f11b186c83e9e7770b121c504d25c5fc80

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 200974
x-guploader-uploadid: ADPycduh9_u-lvBq2O8grdtuHAcCtMFklzsTIzxgnJl_0I33t_StqMhITUJ2L1DknuQmiJLBlVi9IFz3HG6YhxIjtJYFNmTtyg
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-31 20:08:23 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.318589,VS0,VE0
etag: "a6e632f4d19e158a998789fa849c21f0"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/collections-7576528a026f35964371.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 29
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 307618
last-modified: Thu, 31 Mar 2022 20:08:21 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=3bXbbw==, md5=puYy9NGeFYqZh4n6hJwh8A==
x-goog-generation: 1648757301342111
expires: Fri, 31 Mar 2023 20:08:23 GMT
x-gdpr: 1
x-goog-stored-content-length: 1193223
accept-ranges: bytes

GET
H2 200 main-19b4c4b01ddefd4eb64e.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
352 KB 16ms
14ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4951f36a5625e4e5f69e8c6f41c19ebeda96a77cf9db237cb6acd77a14d079ae

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 126603
x-guploader-uploadid: ADPycdvnD5RBQauYqwnT8kI4M5uv1V35GOmSBo4Qw1KPtYfdxi7zOiVHJhmr1UiupQZSMNgJR-4tSSYD8PMeKtyFf1HWRjCq_A
x-goog-stored-content-encoding: identity
x-origin-time: 2022-04-01 16:47:54 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958277.318667,VS0,VE0
etag: "ded091b6c426c5b85751b259708a44ee"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 440
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 359156
last-modified: Fri, 01 Apr 2022 15:48:58 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=8GNb6Q==, md5=3tCRtsQmxbhXUbJZcIpE7g==
x-goog-generation: 1648828138571669
expires: Sat, 01 Apr 2023 16:47:54 GMT
x-gdpr: 1
x-goog-stored-content-length: 1256780
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 372 KB
100 KB 60ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3057214a2c9a88c0b9b3e14eecb42227d2a60729129b4c3100ebe92370fba7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102103
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 54ms
6ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 743
content-length: 0
date: Sun, 03 Apr 2022 03:57:57 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 32
x-cloud-trace-context: 18f4bfe0724fdbb769c6dbaa54be91de/15058425021559922886
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: 922a2927754680c5
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1648958277.356734,VS0,VE0

POST
H2 200 track
a.et.nytimes.com/ 0
0 157ms
99ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 149 B
947 B 10ms
6ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d21d3a9 /
Resource Hash: 7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-nyt-meridiem: AM
x-b3-traceid: 52937b66ed9da879-71d8fd6f7be01c68-1
age: 23
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: dca5e629f39a7ff9
samizdat-x-canary: false
x-graphiti-gateway: a7293694
x-nyt-country: DE
x-timer: S1648958277.367942,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BY
x-cloud-trace-context: 4c0214b0f66337148a5bff971e8986c2/8290668308069882890;o=1
cache-control: max-age=30, public
x-cache-hits: 2
x-samizdat-query-sup-code
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: HIT
samizdat-x-instance: 7be4396c
content-length: 149
last-modified: Sun, 03 Apr 2022 03:57:33 GMT
server: samizdat-graphql-d21d3a9
x-served-by: cache-hhn4062-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 52937b66ed9da879-71d8fd6f7be01c68-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 143 KB
45 KB 59ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b07c206a26d1e917370dcc2b6289973d12afbc3868644e5985f029c68a5c85e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45382
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 22:03:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 04:46:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 48ms
19ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a3217ee0e67e47670757f7f2a980eceb0411df08ac836fb3365ba2df0567054f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28297
x-xss-protection: 0
server: sffe
etag: "1176 / 776 of 1000 / last-modified: 1648850764"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 03 Apr 2022 03:57:57 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
3 KB 389ms
344ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F99269292-283b-512c-a78d-df38572dab19&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4d9acda6183478a484afed812cf748803ff056cf5ba9da7dc3a5a576bb308a35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 29ms
5ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 15394541
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958277.352890,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 43395

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 28ms
5ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1480268
x-guploader-uploadid: ADPycdv7Jbe5NltIEUwxTT1TqxTRwf5-ekAsOmKyFXrPrYrgg4TiuMTADqrq-dCv9GTtYZtveUDwCjikyvLwKmfHVRA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:46:48 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958277.352986,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 42691

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 34ms
11ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 12366216
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958277.353083,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 27682

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 33ms
10ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1398702
x-guploader-uploadid: ADPycdv9WC0_8pJ98J2RfM1Xp9nfafHEvirtFjDvY6VBVjhBncUkqoRnvm4fZSsOJS9HchqkmKAtI41_IPpo7lPWarRXkMuSbw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:26:15 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1648958277.353172,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 16299

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 34ms
12ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2260200
x-guploader-uploadid: ADPycdvkvhXPR6k5ZDLPCGXARjo93CnZ4rJjaGBoDLWqSmVaKzuzcMbTmko7NIIExCY0HaYxaVWR3wyW9PafkdwKJa0
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Wed, 08 Mar 2023 00:07:57 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958277.353244,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 34236

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 7ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1480802
x-guploader-uploadid: ADPycds33uvi6eLtn4gqz1FvmB4BRvguteE2sYrQdrujtZfbdywcLwNwrBUBCtCHuxeG4XJhf8PIqjJDYwKcv4VRbUk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:37:56 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958277.402539,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984460387
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 39944

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1482204
x-guploader-uploadid: ADPycdtBZqBpbz90ljo3tQBZHfz3GjPK98V-gsN5CqRG2m6oxMaWJGlqBMqEfFyxQye2GfLklS3ao7zJFnIVFotSO4-BdKZePQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:14:33 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958277.402772,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23564

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 8ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1394526
x-guploader-uploadid: ADPycdvY8WJhPH2o51UBKNtWd0Dk-tItILgU4R8qBRhBzbpTrzzgW00aPTKX8rqD5dzh7pXo2P1M_W3WPANSLgfdtRw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:35:50 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958277.402876,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14947

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 8EAF 393 B
732 B 13ms
6ms Document
text/html 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

c0c572d5836a69f0b4d0dc4b6199d9575d2581493f7c99c5d98160a6aafb164c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 292
cache-control: public, max-age=600
content-encoding: gzip
content-length: 277
content-type: text/html; charset=utf-8
date: Sun, 03 Apr 2022 03:57:57 GMT
etag: W/"189-axgSYlvFM4VTVDgEty/73bGVKWo"
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 5
x-cloud-trace-context: 7626c3c954417299f08741fb74f6e4c7
x-content-type-options: nosniff
x-datadog-parent-id: 2454039750846065183
x-datadog-sampled: 1
x-datadog-sampling-priority: 1
x-datadog-trace-id: 3807632075854573793
x-datadome-timer: (null),VE419
x-envoy-upstream-service-time: 2
x-nyt-backend: lire-ui
x-powered-by: Express
x-served-by: cache-hhn4062-HHN

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
26 KB 6ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 16602241
x-guploader-uploadid: ADPycdtpTwngcckBPmLoV9cyLEieZ80u7t1Z7KUkF0fidQNaVXPEVQWwEqTEX1aibD_hveAklZ8FM2CjjXgO9D_bvWY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 23 Sep 2022 00:13:55 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958277.472754,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984530255
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 25680
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17259

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 7ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1398600
x-guploader-uploadid: ADPycdvPhS9_UXE__rDTkj-IeqV09yNXMap0QkVflYmTfC3EBGuUnfUUoKW5OM6TkgUcY0rhWNOPKeBF0T7-IO9_wyA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:27:57 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1648958277.473172,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982884098
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 30615

GET
H2 200 imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
g1.nyt.com/fonts/family/imperial/ 27 KB
27 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=l1jStw==, md5=MNYHNhPjPnQt5MEyWzEGXA==
date: Sun, 03 Apr 2022 03:57:57 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1485048
x-guploader-uploadid: ADPycduntgMtxRuY-yTXcuacL8mrRiLD5zzR0DWtnelL8hzgJ-8XwWNsEgJsJGH9n2RM83vvPba_09B0w8pbFUFwiKRLDTof2g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27268
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Thu, 16 Mar 2023 23:27:09 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958277.473251,VS0,VE0
etag: "30d6073613e33e742de4c1325b31065c"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984485418
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27268
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 16245

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-1b7cd222a9b11462d7de.js Show response
www.nytimes.com/vi-assets/static-assets/ 44 KB
15 KB 8ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-1b7cd222a9b11462d7de.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3b4806b7e1d8a1b140b681b779aa16b3ca8b124852511b0b70b024b65d9053e1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 305841
x-guploader-uploadid: ADPycds3vax1LI3AS1hwFfQNuMRnDozQl8mBMs7sx_z9V0ccyZgRUs0NCKvFa3r1kyab8zd8uLol8cavWhd5O7FzcWJ2YrHlag
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-30 15:00:35 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958278.664852,VS0,VE1
etag: "0a2151732c49c637d84de058e57bca91"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-1b7cd222a9b11462d7de.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 12630
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14130
last-modified: Wed, 30 Mar 2022 14:49:33 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=uSW7iA==, md5=CiFRcyxJxjfYTeBY5XvKkQ==
x-goog-generation: 1648651773558480
expires: Thu, 30 Mar 2023 15:00:35 GMT
x-gdpr: 1
x-goog-stored-content-length: 45454
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-e3f089a627764c56e473.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 8ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-e3f089a627764c56e473.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c50eee5fcbe9202084502bc71038eff9ee41a8091f85ebebf473293db8fa7e9c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 200985
x-guploader-uploadid: ADPycdsJPuhZaPorAMcKAaIAbEEasuJDEWrHUXcom-yjhydqImw-28vbtIlOxfqH2R-yX9Y5aE523R5m2PBage9yrWs67t75FQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-31 20:08:13 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958278.664971,VS0,VE1
etag: "e99364427281a2c3c36e28b07dcd1a42"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-e3f089a627764c56e473.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6767
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13292
last-modified: Thu, 31 Mar 2022 20:00:03 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=ocy1GA==, md5=6ZNkQnKBosPDbiiwfc0aQg==
x-goog-generation: 1648756803293537
expires: Fri, 31 Mar 2023 20:08:12 GMT
x-gdpr: 1
x-goog-stored-content-length: 68853
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 8ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cc49996658507fab7a30a2e9cf53cfb8ddd903d86ad652d776fd5fc08e2938f8

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 305841
x-guploader-uploadid: ADPycdueicFArCciYYdo9l5KTtWS0uhT0tEagauhOgjOR6ib0EJz8qqRv4oJGOiBUyf6AytbIsriSRFQMKzkXEd46E4y6mGe4w
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-30 15:00:36 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958278.665033,VS0,VE0
etag: "fa5bc2a2165f8c6daab9bef9cff51ef9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-d200ab0916f6e87d55fd.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 12541
date: Sun, 03 Apr 2022 03:57:57 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5019
last-modified: Wed, 30 Mar 2022 14:49:33 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=ZP5p3Q==, md5=+lvCohZfjG2qub75z/Ue+Q==
x-goog-generation: 1648651773531988
expires: Thu, 30 Mar 2023 15:00:35 GMT
x-gdpr: 1
x-goog-stored-content-length: 22000
accept-ranges: bytes

GET
H2 200 pubads_impl_2022032908.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
125 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

81ba1ee0ac9dd087f7bf1f9cd2b5e30d04487a018b52061323dc7c8728557d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 08:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127474
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 19:32:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 01 Apr 2023 08:53:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
382 B 30ms
16ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1ebe1ba5209cef20f97aab962fd4e5cf06dbb3bd76be269c7b0918ff14713c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Sun, 03 Apr 2022 03:57:57 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
22 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:17:56 GMT
x-content-type-options: nosniff
age: 2401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 04:07:56 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 10ms
7ms Other
image/svg+xml 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 04:29:55 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 81C7 24 KB
8 KB 69ms
68ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=458043&publicationId=nytimes.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c63ae5902dc357e97755802d79a7342af432b88a739614ed0fefee0d012b2465

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1nOPL4euAh/2MNSU3sniCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-1nOPL4euAh/2MNSU3sniCw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1nOPL4euAh/2MNSU3sniCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-1nOPL4euAh/2MNSU3sniCw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sun, 03 Apr 2022 03:57:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 8EAF 2 KB
1 KB 13ms
12ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: gzip
x-api-version: F-X
age: 151
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 1252
x-served-by: cache-hhn4062-HHN
expires: Sun, 03 Apr 2022 01:13:55 GMT
server: envoy
etag: "Eux5Gg"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: f3cf4ab06ef024a5d6fae5d0ec75e543
cache-control: public, max-age=600
x-datadome-timer: (null),VE381
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 3

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 8EAF 410 KB
139 KB 12ms
12ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=5190f6b
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e00e4aa270bcdab5c0083257519e64652bc2272bd36d2ebd45c9b83e03a862b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: gzip
x-api-version: F-X
age: 438
x-cache: HIT
x-envoy-upstream-service-time: 151
content-length: 141677
x-served-by: cache-hhn4062-HHN
expires: Fri, 18 Mar 2022 00:49:03 GMT
server: envoy
etag: "Eux5Gg"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 9fab15cad0f3f0a2547cf1a1cfcc3c8d
cache-control: public, max-age=600
x-datadome-timer: (null),VE568
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 3

POST
H2 200 track
a.et.nytimes.com/ 0
0 508ms
508ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
98ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 124ms
124ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 248 KB
46 KB 76ms
6ms Script
text/javascript 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-105.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

b67c18df34f4e8fe9188cd80064115df938bb0325c562457838abee405ab1e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3dfeb-5db443fa9ee73-gzip"
age: 2767
x-cache: Hit from cloudfront
content-length: 46457
access-control-allow-origin: *
last-modified: Mon, 28 Mar 2022 09:50:55 GMT
server: Apache
date: Sun, 03 Apr 2022 03:11:50 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: hys9TwM6PrkCk2vp-ViwZ-lHQMHpR2ASzorko05lY5VkfgmVMd3XRg==
expires: Sun, 03 Apr 2022 04:11:50 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
56 B 84ms
83ms Fetch
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 81C7 0
23 B 60ms
60ms Other
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-16cYp3Dm5DLTEL6RLTERkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-16cYp3Dm5DLTEL6RLTERkQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458043&publicationId=nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
date: Sun, 03 Apr 2022 03:57:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-16cYp3Dm5DLTEL6RLTERkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-16cYp3Dm5DLTEL6RLTERkQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 81C7 21 KB
21 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458043&publicationId=nytimes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:17:56 GMT
x-content-type-options: nosniff
age: 2401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 04:07:56 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 81C7 161 KB
57 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI55BtAU1fnWSYCUYux-pXv_BWheqw/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458043&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

175610b2f414f0bb03c34b7f0c167de09f1157eeb6cb614ac16850a1b4329dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 20:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57653
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 01:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 20:13:26 GMT

GET
H2 200 vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js Show response
www.nytimes.com/vi-assets/static-assets/ 69 KB
17 KB 7ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

94ff2a55bf15b3b90f9ea670a0a213bf98c96163d7ebb4e11bc8966ef6c3b0d2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 469050
x-guploader-uploadid: ADPycdsCizVbPkFSQkVOtmULPv9CXzRdeO8PON7lUEcNPNvHg_G-2q7_xDb-qRtiBF6a26h4VrII3eGLAS_bCugbP-w
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-28 17:40:27 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958278.295334,VS0,VE1
etag: "5124a016abd0cddbed3293e50460ad7c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11657
date: Sun, 03 Apr 2022 03:57:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 16641
last-modified: Mon, 28 Mar 2022 17:10:56 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=ZZxCpg==, md5=USSgFqvQzdvtMpPlBGCtfA==
x-goog-generation: 1648487455999038
expires: Tue, 28 Mar 2023 17:40:27 GMT
x-gdpr: 1
x-goog-stored-content-length: 70277
accept-ranges: bytes

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 03:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 03:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
20 KB 180ms
180ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2656607243108854&correlator=562068582212802&eid=31065714%2C31065785%2C31066037%2C31065518&output=ldjh&gdfp_req=1&vrg=2022032908&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cbusiness%2Cdealbook&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=2415271210&sfv=1-0-38&ecs=20220403&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1138&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-26.442556919428682465_20220403035757%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1648909802497%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dperelmanronaldo%26org%3Dmacandrewsforbesholdingsinc%252Cteslamotorsinc%26des%3Dgoldenglobesawards%252Csupplychain%26auth%3Dandrewrosssorkin%252Cephratlivni%252Cjasonkaraian%252Claurenhirsch%252Cmichaeljdelamerced%252Csarahkessler%252Cstephengandel%26col%3Ddealbooknewsletter%26coll%3Dbusiness%252Cdealbook%26artlen%3Dlong%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dbusiness%26si_section%3Dbusiness%26id%3D100000008152853%26pt%3Dnt11%252Cnt12%252Cnt13%252Cnt15%252Cnt17%252Cnt19%252Cnt20%252Cnt5%252Cnt7%252Cpt1%252Cpt2%252Cpt4%252Cpt9%26gscat%3Dneg_citi_aa%252Cneg_capitalone%252Cneg_chanel%252Cneg_ibmtest%252Cneg_mastercard%252Cneg_google%252Cneg_debeer%252Cneg_gg1%252Cneg_ms_safe%252Cneg_aramco%252Cneg_rms%252Cgs_auto%252Cneg_bofa%252Cneg_mtb%252Cneg_virus%252Cgs_business%252Cneg_ibm%252Cneg_cme%252Cneg_amz_sfe%252Cgs_covid19%252Cgs_business_misc%252Cgs_auto_misc%252Cgs_health%252Cgs_auto_hybrid%252Cgs_health_misc%252Cgs_event_blackfriday%252Cgv_safe%252Cgs_t%26mt%3DMT10%252CMT5%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_2_noheadnosummary%252Cdfp_disp_incr_1_test%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DJfvDf12TD2P_SXOugQjbasYE%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DPhMv5K66S4Dxsh4JbFH56e&sc=1&cookie_enabled=1&abxe=1&dt=1648958279334&lmt=1648909802&dlt=1648958278180&idt=1119&biw=1600&bih=1200&adxs=0&adys=76&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1187806058.1648958279&ga_sid=1648958279&ga_hid=1643631000&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

116b94244fe1303e7f89edebc45a7024bfab3a47c0492b5b68a7a67913203a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20464
x-xss-protection: 0
google-lineitem-id: 5909372040
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138380571217
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3B2 6 KB
4 KB 76ms
15ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:57:58 GMT
expires: Mon, 03 Apr 2023 03:57:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 81C7 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=458043&publicationId=nytimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 384677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 17:06:41 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 744
content-length: 0
date: Sun, 03 Apr 2022 03:57:58 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 33
x-cloud-trace-context: 18f4bfe0724fdbb769c6dbaa54be91de/15058425021559922886
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: b51281df4e1bc8c7
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1648958278.489060,VS0,VE0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 744
content-length: 0
date: Sun, 03 Apr 2022 03:57:58 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 34
x-cloud-trace-context: 18f4bfe0724fdbb769c6dbaa54be91de/15058425021559922886
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: ae80583ca3489f56
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1648958279.638969,VS0,VE0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 744
content-length: 0
date: Sun, 03 Apr 2022 03:57:58 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 35
x-cloud-trace-context: 18f4bfe0724fdbb769c6dbaa54be91de/15058425021559922886
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: b374b802d83d6550
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1648958279.689682,VS0,VE0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 109ms
108ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Sun, 03 Apr 2022 03:57:58 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 76c01b8716a4023d406b53332b82fc19/12643576725443265218
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: be84abff9d1fb7a2
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1648958279.735786,VS0,VE102

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 744
content-length: 0
date: Sun, 03 Apr 2022 03:57:58 GMT
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 36
x-cloud-trace-context: 18f4bfe0724fdbb769c6dbaa54be91de/15058425021559922886
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: AM
x-nyt-region: BY
x-samizdat-query-exe-id: bca7c562e199ca27
x-samizdat-query-field-errors: 0
x-served-by: cache-hhn4061-HHN
x-timer: S1648958279.737573,VS0,VE0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 105 B
903 B 137ms
136ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d21d3a9 /
Resource Hash: 62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Sun, 03 Apr 2022 03:57:58 GMT
via: 1.1 google, 1.1 varnish
x-nyt-meridiem: AM
x-b3-traceid: 7bc4171cefa9c56f-298e6b1a2fcac954-1
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
x-cache: MISS
x-cloud-trace-context: 4a31c5211b182c3f260b96bfd82593f3/5458062750394426391;o=1
samizdat-x-instance: 3c9d5d64
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 85f353f405fd6326
content-length: 105
samizdat-x-canary: false
x-graphiti-gateway: a7293694
last-modified: Sun, 03 Apr 2022 03:57:57 GMT
server: samizdat-graphql-d21d3a9
x-timer: S1648958278.496918,VS0,VE130
x-nyt-continent: EU
x-served-by: cache-hhn4062-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BY
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 7bc4171cefa9c56f-298e6b1a2fcac954-1
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 649 B
1 KB 231ms
178ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&pageviewID=JfvDf12TD2P_SXOugQjbasYE
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 0fcec245a6700fd5df148c19215cc9b643efe7f62044075e35dcdaf4f56723fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:58 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 649

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET
H2 200 comments-97b4d32ccbe0279533bc.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 9ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-97b4d32ccbe0279533bc.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

74f4d3189d342c2710ac60bc3d7ac1168a9ee24867045e22a7943573dea01c0c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 271681
x-guploader-uploadid: ADPycdtJ_Yscyck2NWMsbVmtPXPWlCplSGdDPKegrXnL2rMAw9sx6KLxh6qYbpjIhYUQwcdYuGrg3DLFn4KYj6HKn0yzEm7pAQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-03-31 00:29:56 UTC
x-served-by: cache-hhn4062-HHN
x-timer: S1648958279.709964,VS0,VE1
etag: "abca6cde713442e814e286b5de5dd666"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-97b4d32ccbe0279533bc.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7163
date: Sun, 03 Apr 2022 03:57:58 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15129
last-modified: Wed, 30 Mar 2022 22:19:29 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=RWXgRA==, md5=q8ps3nE0QugU4oa13l3WZg==
x-goog-generation: 1648678769486023
expires: Fri, 31 Mar 2023 00:29:56 GMT
x-gdpr: 1
x-goog-stored-content-length: 51529
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 147 B
407 B 147ms
146ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup~newsletter~newsletters~recirculation-fbcdc23061506618b570.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d21d3a9 /
Resource Hash: f468c98e35724fa3b7fa006bea51de1bd3e0917efd14aafdfad0420631b76221

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type: project-vi
Content-Type: text/plain;charset=UTF-8

Response headers

x-nyt-meridiem: AM
x-b3-traceid: 5c5a13fd120a30a8-159f4750dc8e4ab3-1
age: 0
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 756b38352eda682a
samizdat-x-canary: false
x-graphiti-gateway: a7293694
x-nyt-country: DE
x-timer: S1648958279.844851,VS0,VE140
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BY
x-cloud-trace-context: 840ed2745e24a5b0207c8ac180691c28/16069150451597853924;o=1
cache-control: max-age=30, public
x-cache-hits: 0
x-samizdat-query-sup-code
date: Sun, 03 Apr 2022 03:57:58 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 94655e25
content-length: 147
last-modified: Sun, 03 Apr 2022 03:57:58 GMT
server: samizdat-graphql-d21d3a9
x-served-by: cache-hhn4062-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 5c5a13fd120a30a8-159f4750dc8e4ab3-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 124 B
914 B 10ms
10ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-d21d3a9 /
Resource Hash: f20e8b3bf22a3042f9598ef6327344c65bfeaf07e13e27aace075563e619dbb3

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-nyt-meridiem: AM
x-b3-traceid: 7d421598ddcc22e5-90f20c77d9566b3-1
age: 21
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: eeabc84fa08eb946
samizdat-x-canary: false
x-graphiti-gateway: a7293694
x-nyt-country: DE
x-timer: S1648958279.745065,VS0,VE0
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
x-nyt-region: BY
x-cloud-trace-context: 69950fe0ad8b179aca1a200777011dd2/3207312098342310577
cache-control: max-age=30, public
x-cache-hits: 2
x-samizdat-query-sup-code
date: Sun, 03 Apr 2022 03:57:58 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: HIT
samizdat-x-instance: 89251aad
content-length: 124
last-modified: Sun, 03 Apr 2022 03:57:37 GMT
server: samizdat-graphql-d21d3a9
x-served-by: cache-hhn4062-HHN
access-control-allow-credentials: true
x-datadog-trace-id: 7d421598ddcc22e5-90f20c77d9566b3-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 602ms
565ms Fetch
text/html 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 4f35973a5113e7d64ff7c295b2f55ea7
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Sun, 03 Apr 2022 03:57:59 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 471ms
234ms XHR
application/json 3.231.136.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&jkcb=1648958279680
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.231.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-136-214.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 57da4ecd9b753be7827deb9fb038377eede39723387ae14dccdea6d60b498490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
expires: Sun, 03 Apr 2022 03:57:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 3e018f85e2f27aba3d18810a77e1ac4a
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 136
access-control-allow-headers: Content-Type, x-requested-by
x-appengine-log-flush-count: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 423 B
245 B 49ms
49ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2656607243108854&correlator=562068582212802&eid=31065714%2C31065785%2C31066037%2C31065518&output=ldjh&gdfp_req=1&vrg=2022032908&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Cbusiness%2Cdealbook&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=2&adks=925619538&sfv=1-0-38&ecs=20220403&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1491&cust_params=als_test_clientside%3Dweb_none_none_none_v3-1-26.442556919428682465_20220403035757%26mktg%3Dadv_1%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%252Cabf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1648909802497%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dperelmanronaldo%26org%3Dmacandrewsforbesholdingsinc%252Cteslamotorsinc%26des%3Dgoldenglobesawards%252Csupplychain%26auth%3Dandrewrosssorkin%252Cjasonkaraian%252Csarahkessler%252Cstephengandel%252Cmichaeljdelamerced%252Claurenhirsch%252Cephratlivni%26col%3Ddealbooknewsletter%26coll%3Dbusiness%252Cdealbook%26artlen%3Dlong%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dbusiness%26si_section%3Dbusiness%26id%3D100000008152853%26pt%3Dnt11%252Cnt12%252Cnt13%252Cnt15%252Cnt17%252Cnt19%252Cnt20%252Cnt5%252Cnt7%252Cpt1%252Cpt2%252Cpt4%252Cpt9%26gscat%3Dneg_citi_aa%252Cneg_capitalone%252Cneg_chanel%252Cneg_ibmtest%252Cneg_mastercard%252Cneg_google%252Cneg_debeer%252Cneg_gg1%252Cneg_ms_safe%252Cneg_aramco%252Cneg_rms%252Cgs_auto%252Cneg_bofa%252Cneg_mtb%252Cneg_virus%252Cgs_business%252Cneg_ibm%252Cneg_cme%252Cneg_amz_sfe%252Cgs_covid19%252Cgs_business_misc%252Cgs_auto_misc%252Cgs_health%252Cgs_auto_hybrid%252Cgs_health_misc%252Cgs_event_blackfriday%252Cgv_safe%252Cgs_t%26mt%3DMT10%252CMT5%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_messaging_flexframe_ctr_2_noheadnosummary%252Cdfp_disp_incr_1_test%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DJfvDf12TD2P_SXOugQjbasYE%26purr%3Dnpa%26uap%3Dbrowser%26aid%3DPhMv5K66S4Dxsh4JbFH56e%26bt%3D%26typ_materials%3D%2523news%2523&sc=1&cookie_enabled=1&abxe=1&dt=1648958280120&lmt=1648909802&dlt=1648958278180&idt=1119&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=1187806058.1648958279&ga_sid=1648958279&ga_hid=1643631000&ga_fc=false&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c84d6c406e5be8217d3c54e50d4c7655895a2e452b3242233f8e5960323cfc39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 THE-MORNING-SECTION-BREAK-articleLarge.jpg
static01.nyt.com/images/2020/04/21/multimedia/THE-MORNING-SECTION-BREAK/ 78 B
672 B 7ms
7ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/04/21/multimedia/THE-MORNING-SECTION-BREAK/THE-MORNING-SECTION-BREAK-articleLarge.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f43bb16702383a36c9cf3ad0f5b08fbd6f651053ae58826804fafcc748adeac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 166313
x-guploader-uploadid: ADPycdt3eYj1adnU_IiguQ6VZMnyojPHHcd6gsSScWmuJK80tYS20fRMiv9iOjAqPbqlr-pdCLXaBwxPmaMjJUVc0I8
x-cache: HIT, HIT
fastly-io-info: ifsz=3360 idim=600x14 ifmt=jpeg ofsz=78 odim=600x14 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 78
fastly-io-warning: Failed to apply profile
x-served-by: cache-iad-kjyo7100154-IAD, cache-hhn4062-HHN
server: UploadServer
x-timer: S1648958279.196412,VS0,VE1
etag: "DdB1qn8kXa9UQKWzHdEnihwyaVGeRe2NpXBdw5qGBio"
vary: Accept
x-goog-hash: crc32c=up8kew==, md5=Zna0ISGTP09ULes4YVg5CA==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 08 Mar 2022 06:02:00 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.UwYmpRA8Kyo.L.B1... Frame 81C7 130 KB
44 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.UwYmpRA8Kyo.L.B1.O/am=GAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6dBAH1aK4AUPBpsd90q3MhuiKohg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/am=GAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI55BtAU1fnWSYCUYux-pXv_BWheqw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4178c8d3be35e353bbc44d2806357c45c522af9413be4845bb9e6a95567a867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 20:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44934
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 01:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 20:18:47 GMT

GET
H3 200 container.html Show response
a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA72 6 KB
3 KB 23ms
9ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:57:58 GMT
expires: Mon, 03 Apr 2023 03:57:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
dd.nytimes.com/js/ 232 B
565 B 28ms
15ms XHR
application/json 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-105.fra56.r.cloudfront.net
Software: DataDome /
Resource Hash: b52a3900cce7e1bc31b1a7cc40b9e42e3ad70c48269602152f9ec51bcde5bbd9

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
x-amz-cf-id: c4jl4ZhDRl2tTa-yKv7-EU6JpzcmWXIOX7PP_1Y5CiQeoI-CdpiyJQ==
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
98ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.UwYmpRA8Kyo.L.B1... Frame 81C7 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.h7qatZCX-ig.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.UwYmpRA8Kyo.L.B1.O/am=GAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6dBAH1aK4AUPBpsd90q3MhuiKohg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752bec820a04c666cfcf3e51a26a952817996bbb1b88b5c2c5f1af5bfd8f7914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 20:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7262
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 01:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 20:18:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FA72 7 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c113320c2d84263ae9305df3d86529fcb0a8df6d834be835735deccc9357869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Apr 2022 02:05:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 03 Apr 2022 03:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Apr 2022 03:57:59 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FA72 22 KB
7 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 08:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Mar 2023 08:43:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FA72 6 KB
769 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&lang=de

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5137204503a6bb4a83d9f4e415d18e526a3a453e26d4d0f358c39fa18598e34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Apr 2022 02:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 03 Apr 2022 03:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Apr 2022 03:57:59 GMT

GET
H2 200 10396418370842495583
tpc.googlesyndication.com/simgad/ Frame FA72 6 KB
6 KB 30ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10396418370842495583?

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d7d28d6a05a851cc7af731a1a25ba0a3bc2dbb9a136c475db5c4969eed384c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 11:01:30 GMT
x-content-type-options: nosniff
age: 492989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6083
x-xss-protection: 0
last-modified: Fri, 17 Aug 2018 16:14:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Mar 2023 11:01:30 GMT

GET
H2 200 11093422321459201016
tpc.googlesyndication.com/simgad/ Frame FA72 251 KB
251 KB 31ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11093422321459201016?

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b520b66c0e1fdf690cb0f5c481789fee8b42ac86c773f696ba9e383d1b0477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:15:17 GMT
x-content-type-options: nosniff
age: 304962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257034
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 19:03:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 15:15:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA72 119 KB
37 KB 50ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 03:57:59 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 65 KB
16 KB 905ms
899ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 57b6192493a30f1f0f6ea880c89230d6cb2550fa182584777d180c04432d7851

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4062-HHN
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1648958279.424044,VS0,VE893
vary: x-nyt-user-status, x-nyt-country, x-nyt-cmots-purr-ad-conf, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 88fe8fc5ed8ef5c20e8fa6ee9bcd7d1a
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1389
date: Sun, 03 Apr 2022 03:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 03 Apr 2022 05:34:50 GMT

GET
H3

200

activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbu... Show response
5290727.fls.doubleclick.net/ Frame BC16
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fw...

580 B
413 B

40ms
25ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

6dce7a9e15ef8c12ae23fefccb2790b7e9b93023ba91d8742c99e24a12b232e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 390
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:57:59 GMT
expires: Sun, 03 Apr 2022 03:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:57:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 54ms
6ms Script
application/x-javascript 2600:9000:223c:8600:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 02:23:37 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 04:15:35 GMT
server: nginx
age: 5662
etag: W/"62297b67-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: zjEp-se2nR-VnTo0iGf-DMd-zI754Mdpbk8G8wjxKVkdjDqeYBo9MA==
expires: Sun, 03 Apr 2022 04:23:37 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
607 B 23ms
6ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
content-type: application/javascript
age: 28
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4062-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1648958280.500568,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 94ms
29ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=245121930
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 log Show response
play.google.com/ Frame 81C7 131 B
672 B 55ms
17ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 03 Apr 2022 03:57:59 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 501ms
501ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 81C7 436 B
323 B 37ms
37ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=-4950696335684174393&bl=boq_subscribewithgoogleclientserver_20220331.12_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=14281&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

310f9643234b0256763c6632580d8d5925e72fc695ec15ee27e43418744ac1e7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA72 0
0 30ms
29ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzZAKzyq0HTivTLC2Qdy3Y6zfh7T7GvXR_1K2z2W5b8z3Ab8lrR29qia0KvkjrPZGCx6eBIWSgFVRqfMeuJJOo4FOsZ7X1ltoOp1_Ab1tmVe45tHiNi8h7qLqiA4hLsLiN1gc5dpQZ2Fl8taZS1T0HxYLxx2S66EB-AsNHyY7FaOaamD2PG_TTc8mx21GBiCW7j-H7wM_7Uct2vpyfgoI-9qSdp4nHpBSoDmiSKc3n6_gEO-B_d_NvwQ12JjM8kRaXsDUfUxHZykbx3znhx-4ew3VNY_p4H1v9vtWq5e7IZt7SwvkSRlLlfyah074AhbDTZkgInafBiyzKf_CCiroy_m791a4&sai=AMfl-YQKPEJa9J9I9wf-A2G-4eBqUrrdD1hveXNNY_X2ji5P_osNL0p07Aw0i3dXeLvo4yu4SBOvAVMNjxxr9zTks4Il6C-53CUEQdCoKIsdArHhLnKZx9m06dUjwPtHPGM8&sig=Cg0ArKJSzBwauzL4mTPWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 03:57:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

B27199400.327605816;dc_pre=CNaAhKSA9_YCFQrNEQgdfO8GnQ;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame FA72
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CNaAhKSA9_YCFQrNEQgdfO8GnQ;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_r...

14 KB
10 KB

34ms
34ms

Script
text/javascript

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CNaAhKSA9_YCFQrNEQgdfO8GnQ;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

05953e087b84175f862d132105afc4b440e3ba2018ae0314e300c3bba6f6cb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10712
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_pre=CNaAhKSA9_YCFQrNEQgdfO8GnQ;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 audio-on.svg
static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame FA72 1 KB
872 B 21ms
7ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/audio-on.svg
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e44027ee643a87c2b6ee2cbd3e738302be02274940dede3f3aa13d0bd15aae57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
age: 417849
x-guploader-uploadid: ADPycdv0RlwspKvNrdC14-X690sQgWC2aNkvfyX4oiO9tU4LBooHT52kKQWI64znW5bWvJpE-WscTVeg7qdQwbx7WEI
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 591
x-served-by: cache-iad-kiad7000145-IAD, cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 20:20:42 GMT
server: UploadServer
x-timer: S1648958280.594273,VS0,VE0
etag: "346f9807dd0b6feb5e3b3dcb6313c24b"
vary: Accept-Encoding
x-goog-hash: crc32c=2lfk7A==, md5=NG+YB90Lb+teOz3LYxPCSw==
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Tue, 22 Mar 2022 07:53:50 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4590, 53

GET
H2 200 audio-off.svg
static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame FA72 880 B
966 B 19ms
6ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/audio-off.svg
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 19195533133b2d5cf2cc8fc1d489120e453dd814075b3a95a09db6c339c6d1d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
age: 250216
x-guploader-uploadid: ADPycdsAOOUfMNyTGZSu_piyfJio3SyD1fbOl5SmKnBHdBMZXR6g-w-SOF0KdrFNV0NIs0GvfJPEn3p6mVDyIdmNHCE
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 520
x-served-by: cache-iad-kjyo7100049-IAD, cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 20:20:43 GMT
server: UploadServer
x-timer: S1648958280.594066,VS0,VE0
etag: "61f5aa96fb4cd2d84623ea97b5ec005e"
vary: Accept-Encoding
x-goog-hash: crc32c=sSTh/w==, md5=YfWqlvtM0thGI+qXtewAXg==
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Tue, 01 Mar 2022 09:04:27 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2142, 83

GET
H2 200 pause.svg
static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame FA72 702 B
786 B 19ms
7ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/pause.svg
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c9fb083529541e219ad17a00cb201b3dba9dabcdcc01eae4eb9ac04b8cb72216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
age: 167676
x-guploader-uploadid: ADPycdsBKuAEpr_elQruSdJ1hOJFFG9vYQ257LmJ78VN8-6yYSn5nb9GcihxwSGCMa2xcxTK_93U4IDYJe2KxVJqYlApOwelbQ
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 435
x-served-by: cache-iad-kiad7000027-IAD, cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 20:20:42 GMT
server: UploadServer
x-timer: S1648958280.594149,VS0,VE0
etag: "67652da3a119c795c417355d9e1ac31a"
vary: Accept-Encoding
x-goog-hash: crc32c=GdvCsQ==, md5=Z2Uto6EZx5XEFzVdnhrDGg==
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Fri, 18 Mar 2022 05:23:22 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5003, 84

GET
H2 200 play.svg
static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/ Frame FA72 681 B
890 B 20ms
8ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nytimes.com/ads/adplatforms/user-interface-elements/video-icons/play.svg
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8658fc44ca45cf40ee56d54bccb269e8cbca4ad85f1ea1bfbbc5faf127a7dec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
age: 415040
x-guploader-uploadid: ADPycdueAOEGrOtCUggr-AOXGRUxO1eTgjgxfwmmi74hi0sy9qpXGXLtXPnMSgxIClyRMg8ls36VMIa8HeucvFjI4Ko
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 440
x-served-by: cache-iad-kcgs7200129-IAD, cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 20:20:43 GMT
server: UploadServer
x-timer: S1648958280.594254,VS0,VE0
etag: "ac79f9cf6aa8bd6f20fc5bc3a629e040"
vary: Accept-Encoding
x-goog-hash: crc32c=9xm5Gw==, md5=rHn5z2qovW8g/FvDpingQA==
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Tue, 25 Jan 2022 08:40:38 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5024, 81

GET
H3 200 container.html
a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA72 6 KB
6 KB 9ms
8ms Image
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3108
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 03 Apr 2023 03:57:58 GMT

GET
H2 200 cheltenham-normal-300.woff
g1.nyt.com/fonts/family/cheltenham/ Frame FA72 35 KB
35 KB 7ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09

Request headers

Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
Origin: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=b2NKXw==, md5=gst5XYxXu+Nn0P++uojrUw==
date: Sun, 03 Apr 2022 03:57:59 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1393239
x-guploader-uploadid: ADPycdvwkBlAQ6GI11l6l-idbT5q4GvLPZyuk4YunHvyRKSS_QGjl6DfKymtH9LADrqf10ZuzXe3rAJt2Y1YUyGiSH8
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35940
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:57:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958280.583997,VS0,VE0
etag: "82cb795d8c57bbe367d0ffbeba88eb53"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982644086
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 35940
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 franklin-normal-700.woff2
g1.nyt.com/fonts/family/franklin/ Frame FA72 20 KB
20 KB 8ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff2
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
Origin: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sun, 03 Apr 2022 03:57:59 GMT
via: 1.1 varnish
content-type: application/octet-stream
fastly-original-body-size: 20312
age: 440939
x-guploader-uploadid: ADPycdszEDeV237R9agYS9U0aGAuIpZq59yAgzHo57-GAbfHAH-6Qe11rxyCT9omgB5j6HX3ulz8dgL7J7_sRsKQwsMBP1F0Mw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Wed, 29 Mar 2023 01:29:00 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958280.584103,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984072337
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 44

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame FA72 13 KB
13 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 294869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:03:30 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 298ms
97ms Image
image/gif 35.171.62.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&u=DrKMKiClYiVrBuuAqc&d=nytimes.com&g=16698&g0=business%2CDealBook%2Cbusiness_desk&g1=Andrew%20Ross%20Sorkin%2CJason%20Karaian%2CSarah%20Kessler%2CStephen%20Gandel%2CMichael%20J.%20de%20la%20Merced%2CLauren%20Hirsch%2CEphrat%20Livni&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3110&t=C_5etTBhFoBjgbXm_f34vLByfPNc&V=129&i=Must%20the%20Shows%20Go%20On%3F&tz=0&_acct=anon&sn=1&sv=CYfAYRCe8gJZDFo81iDJzZFiBhuMrx&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.62.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-62-124.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1643631000&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&dr=&ul=en-us&de=UTF-8&dt=The%20Pandemic%27s%20Hit%20to%20Awards%20Shows%20Hurts%20Hollywood%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=343678414&gjid=1319781168&cid=1187806058.1648958279&tid=UA-58630905-2&_gid=1291396412.1648958281&_r=1&gtm=2wg3u0P528B3&cg1=business&cg2=dealbook&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&cd3=&cd4=Business&cd9=9&cd10=null&cd12=DealBook&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000008152853&cd18=Andrew%20Ross%20Sorkin%2CJason%20Karaian%2CSarah%20Kessler%2CStephen%20Gandel%2CMichael%20J.%20de%20la%20Merced%2CLauren%20Hirsch%2CEphrat%20Livni&cd19=Must%20the%20Shows%20Go%20On%3F&cd20=DealBook%20Newsletter&cd21=Article&cd23=Business&cd25=DealBook&cd26=2022&cd27=2022-01-10-07&cd28=Monday&cd29=07&cd30=1641816622456&cd32=Business%2CDealBook&cd33=SECTION%2CSECTION&cd34=NEWS&cd36=10db-newsletter-web&cd37=1753&cd38=Business&cd42=nyt-vi&cd43=Golden%20Globes%20(Awards)%2CSupply%20Chain&cd44=MacAndrews%20%26%20Forbes%20Holdings%20Inc%2CTesla%20Motors%20Inc&cd45=Perelman%2C%20Ronald%20O&cd48=January&cd49=heave_over_1600&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=PhMv5K66S4Dxsh4JbFH56e&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=PhMv5K66S4Dxsh4JbFH56e&z=2112816941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood...
adservice.google.com/ddm/fls/z/ Frame BC16 42 B
63 B 67ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=COOMgaSA9_YCFYGEUQodYsUD9g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8176530142856;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:57:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 81C7 131 B
155 B 33ms
19ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 03 Apr 2022 03:57:59 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 30ms
15ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Apr 2022 03:57:59 GMT
expires: Sun, 03 Apr 2022 03:57:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 81C7 131 B
155 B 35ms
20ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 03 Apr 2022 03:57:59 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 26ms
14ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Apr 2022 03:57:59 GMT
expires: Sun, 03 Apr 2022 03:57:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 81C7 131 B
155 B 35ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 03 Apr 2022 03:57:59 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 26ms
15ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Apr 2022 03:57:59 GMT
expires: Sun, 03 Apr 2022 03:57:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FA72 41 KB
15 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B27199400.327605816;dc_trk_aid=519769944;dc_trk_cid=165770344;ord=1407359685;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Mar 2023 06:39:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA72 0
0 30ms
30ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseDn2QQEMwsaZK6wmzXf_G_9v27lTd1L9USpOTeOT-99QBbdrn-OCFc9FdtoZEPtL_hIz8HaoOA2JHKYd3z0Nh0TzJE9N7VN3cQljpcNTZdihUIEOiaiZjIVJRKZKm8tSl7RUl0ArOFn-LecYDzue1eWNioFSByiv6xXIPqzbMAb6C3HkMIij-XKikiI5PgEQKHL1wZAA5XwwVPD6BpdwPRupsbax5_VfDHLqldN4Jr_4IB3mdqZhq5olNoLtTSVKa8xfOyuIZZxnLorPMxlPwXEGOyXxDVwnFgh_06Up-6ZE4tvw_PsYEwXa1pik6v96oScMsER5Jt_Y&sai=AMfl-YR8fuqc6Tnj83Zy4FOmHsQd0AZTH_u_Q3FdeHTuAv205__GWr6XzS9RjiWsALI7a3JaYcwutbCc4H700zOY5lLkFiT4z_pM4iQO7kS1HtGJBmSWMp2ogH9jD88-M7C9&sig=Cg0ArKJSzDrfUwPJBQn9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 03:57:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 03 Apr 2022 03:57:59 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 206 98663_1_MKTG-IndependentJournalism-Verav3-2022_wg_240p.mp4
vp.nyt.com/video/2022/02/02/ Frame FA72 1 MB
0 15ms
7ms Media
video/mp4 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.nyt.com/video/2022/02/02/98663_1_MKTG-IndependentJournalism-Verav3-2022_wg_240p.mp4
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

x-goog-hash: crc32c=b3H9sA==, md5=tfd4PM/MeYkjmiejKYHIjA==
date: Sun, 03 Apr 2022 03:57:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1404708
x-guploader-uploadid: ADPycduItXIW3Wug4hDAZk4QYKpLYaZJhS4oq7poYer3vRO92fa58X2_u2gwb8hN-Oo5CnbZ9CohLA5VURM4a298Bk3LZPOJQw
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 3230179
x-served-by: cache-mdw17356-MDW, cache-hhn4062-HHN
Content-Range: bytes 0-3230178/3230179
last-modified: Wed, 02 Feb 2022 20:47:53 GMT
server: UploadServer
x-timer: S1648958280.731066,VS0,VE1
etag: "b5f7783ccfcc7989239a27a32981c88c"
access-control-allow-methods: GET, HEAD, OPTIONS
x-goog-generation: 1643834873236445
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 21:46:04 GMT
cache-control: public, max-age=1, s-maxage=31536000
x-goog-stored-content-length: 3230179
accept-ranges: bytes
content-type: video/mp4
x-cache-hits: 1, 0

GET
DATA 200
OK truncated
/ Frame FA72 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73a43d00ac67f87137762a9f573149fe0d3b3628971e7f2ad062e950a539634b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E01 22 KB
8 KB 56ms
55ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 249191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 06:44:48 GMT
expires: Fri, 31 Mar 2023 06:44:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 98663_1_MKTG-IndependentJournalism-Verav3-2022_wg_240p.mp4
vp.nyt.com/video/2022/02/02/ Frame FA72 18 KB
19 KB 28ms
27ms Media
video/mp4 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.nyt.com/video/2022/02/02/98663_1_MKTG-IndependentJournalism-Verav3-2022_wg_240p.mp4
Requested by: Host: a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
URL: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 423a6ea9de9c60d9d19fa7518df147464be20963dd1c4ba5d199f610e9405e6e

Request headers

Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=3211264-

Response headers

x-goog-hash: crc32c=b3H9sA==, md5=tfd4PM/MeYkjmiejKYHIjA==
date: Sun, 03 Apr 2022 03:57:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1404708
x-guploader-uploadid: ADPycduItXIW3Wug4hDAZk4QYKpLYaZJhS4oq7poYer3vRO92fa58X2_u2gwb8hN-Oo5CnbZ9CohLA5VURM4a298Bk3LZPOJQw
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 18915
x-served-by: cache-mdw17356-MDW, cache-hhn4062-HHN
Content-Range: bytes 3211264-3230178/3230179
last-modified: Wed, 02 Feb 2022 20:47:53 GMT
server: UploadServer
x-timer: S1648958280.758476,VS0,VE1
etag: "b5f7783ccfcc7989239a27a32981c88c"
access-control-allow-methods: GET, HEAD, OPTIONS
x-goog-generation: 1643834873236445
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 21:46:04 GMT
cache-control: public, max-age=1, s-maxage=31536000
x-goog-stored-content-length: 3230179
accept-ranges: bytes
content-type: video/mp4
x-cache-hits: 1, 0

GET
H2 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E01 35 KB
14 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 06:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 06:58:35 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 98ms
98ms Fetch
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 35ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032908&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a401f42c7cf70bb2f77b332dfea1e1bd0064dd6f1da2abee49dd6d3c265edb9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10472
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 97ms
32ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa3cc3b75f047e0168ce21f11ef0dc4c4fd2365a260affc0eca72ddf54555d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BTRBW55EN4VWFKV1
x-amz-id-2: rdCvxLPqSGqNsyJBETOFSsNVYWsSnXRW8bSDmF+Cw6bvvKJgqH/sjwYGby6TSjpJjF8JVxl2rWM=
last-modified: Wed, 02 Mar 2022 17:05:47 GMT
server: cloudflare
etag: W/"2dab361630d1f8d71f67e535d1f0848a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTkzkfEqG3bnnDeV1viNebOcF2wHqvFBKf0RiBZcTlYAJ6jEk0tDeCgrSzgeh4kpmzA%2F27EmnqLuB%2B08roEQ%2FghJu6XTnPBQQwrB3iaUM0as0dQl3Tmi%2FW%2BmrZ9ES52HJ9K4zccsURhi8c4y1zLHKATMOog9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6f5ee2221c4759b9-MXP

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 03:57:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E01 0
20 B 56ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9LT9RxtJYoCFJ7WG7_UPzeucgA0AAAAAOAHgBAI&bg=!g4ClgMTNAAZku-1yRLs7ACkAdvg8Wmb52FKIjbmVKQsyqhtz_8iCbeqsSpCt4_gSKNNMvfTqx0W0WwIAAABzUgAAAAFoAQeZAytCsTYYHsCK4ZUTg1q46vm35qj9c_F6KFn26Y2uTJuyAkIybYSE8B9yXaIlRHgLUEQyDUyLVMhu917AzQelIgvI9_AOIOpR3wJtGt91MmJr7Ulnm6SuWckdSLcvmYFGZJYW6Vb1BTA5_ZW9kTOUQW5FnhfV7yhjxRjLN8QWxSqzqSQfTOZzVH_mLkJ96fsjWwIIhWpayvIEBxTy8rUTTnoiFKELpUQ1fy80np5M8aUJwcAeO054YOgJLUYEsxlhtgg6s0Q38xBr5nR5FpUdBhJAA1DaUvSShFXjS5lQ5SrAJq86IHJNQDfeODW0nCqozyIlBQ0oBhnEMC6k02HdNoioeDpj-BnGN1DYFlKJDhVV6KUk84g9gs93rzfQkReTN7DsfqiRI4dDP87FdipSlDGW9GR9IGMXyZfLJJCBEk6l4Vm2rImY5XZid6juBlHkLbCbWN38lZ-xCI65Il1veArOz0an6N7cqgkWfv1v_Y3Ei-yHBnA083Sk-vvcfbzZafyXCVeVSG85QVRP0aOfk0rVlIt72k9MpRVtwvEWt2gKTA43S0z9UOJFhsDSn3F4SEXq1UQ9arQfqCGF-AeDWPIV1s4cDatR3HtpE8xloq0i2k-uFH0jKN195Ya8J3CFC-IJfKODOM_upCmf21tdCH9siI42_2GT73gMPsnSnffTyW9AIfqlv-lMSGFTlTojzvNn1CDymWtEGtp2MidvpUZugOAjvozjCnjROVCqTWQhek5_jsgK-9IGpSA19nJmLCOac8ngLDBzlI-SnkmXqjvFV5gP-kNECoHQkBXYnYF89CI0kI3hLZdhQhGoOD6TtDVsiaUs0EXEthUyujmUPCSNIuXTBLTxQV-R5DCUV-TgAfJfiu6fo_vwHpUawkjd91medNUI6SNcTYgUVwPb8aGzIm2ISf2CGYtLBtRs25spbazlE4y-iQZs73K2NySHnKKRlM2VQq9rWw35WFZpuenn0JAeqyIYLaBoDtI_ClsxzC8qr93lSTtJa_RKb1SWJbUmsSW6zxrPRX4XGFxzTyrQIf_ypcPOiJz-bdS_I0MFyqwuqtgqB7W1I_9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F75 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 69743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 08:35:37 GMT
expires: Sun, 02 Apr 2023 08:35:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CD2F 783 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c64d8c08074a3ccd62836cd9c1d0d1fd2a82bc5d22e08be8a16bbd2297fe4d1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pm6EDJe1hute5uI3sQtqeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Pm6EDJe1hute5uI3sQtqeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:58:00 GMT
expires: Sun, 03 Apr 2022 03:58:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F75 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

GET
H3 200 sdk-prod-86b9fd3e0466066c0e3b.js Show response
platform.iteratehq.com/ 897 KB
260 KB 64ms
44ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-86b9fd3e0466066c0e3b.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ca48de751ff3f006cefa78db99f8b0223e88b6d0564ea70e3c708d9312767f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2717515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BTRD2F399JQE2R3X
x-amz-id-2: wtEnUEfo4OPnYTkGdW+5NbMSYICcKsx2qx6bsemQQaCz94Aw1gnMrKJnTKeNvUxR64NmTniNgDg=
last-modified: Wed, 02 Mar 2022 17:05:43 GMT
server: cloudflare
etag: W/"eda1f516804755a17a5fb9ad0484d4f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psNmvMdcLUNbFZ8XoImOCghHMYOT0VPiFz%2B8So%2FoYRyMcjKaVBg8qrrVSKnFHiVMy3WJJfjSpv2UbQxGY5y9wMMDA3GT%2FwMnz4pWkqERV2dMkOgXgwANV3Bhe%2BSZApyawL6omaw%2FXdk7n7Nnj1WY%2FiNqSQnv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6f5ee2228f905a43-MXP

GET
H3 200 style-2bdbffb0210cc2e386f1.css
platform.iteratehq.com/ 130 KB
12 KB 47ms
28ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5581632
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0YMXT7WWEMYNMMX4
x-amz-id-2: ri93IscdBGQdLvL5d0uj7IKq/5YSWyL6lQKpq5AAzfNkuEOcIh7ffHaBMfpyuDXGDk1BvDDLTWE=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"4737fd744e2551cae9a2bc8884efd7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbfyrCYfLCaiAE13SJMhV6eHLzQJxH1hPeUKFl15mpobqn08Z64XhEg0vD0DWgCOSZFb6tS4MCW6jctcaWGA4vsj2e8T7Lv51uuvmV6ZQzrJ%2BWcm5PSmzRTrgF4K8kRu28c2%2FahrVFTc1Ucb3WGflh9zhGRw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6f5ee2228f915a43-MXP

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CD2F 0
0 59ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032908&jk=2656607243108854&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F75 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HpIpIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 171ms
141ms Fetch
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-86b9fd3e0466066c0e3b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a8cf8f4f9f74e48811a4e9389ac2f7bf29a60200ac1851ec1fe4c55e2d2e305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlcjk2WKQ20Y2aD9Av7WzMtLgs8J3rIXGt4hc4jdSgxgxb1TEmTonbo4FJwrdMBmjaoqUn9PaGivPyVJDef74RwARPTAN7CZU%2BC%2F2OEcKz3IhHscwqT3FfUolUvKBl5lJWAkGSNUpZVQXExn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6f5ee224ff4a5a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 173ms
127ms Preflight 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f5ee223e9f783b8-MXP
content-length: 0
date: Sun, 03 Apr 2022 03:58:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgIsGWHFD05sh78wHKFxaqcprTqL3w69cwT2c3gMrGvSGeTvJps1u3wE34G4I2iTbQX%2BWDIqYE8l%2FuvQqNRhcaTgk9wKLiyfJpEU6fO%2FMJY1sqmzyWhS9ffhRUVACN9DqC9HdIJpysgwwREE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 1641ms
1641ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 THE-MORNING-SECTION-BREAK-articleLarge.jpg
static01.nyt.com/images/2020/04/21/multimedia/THE-MORNING-SECTION-BREAK/ 78 B
465 B 8ms
8ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/04/21/multimedia/THE-MORNING-SECTION-BREAK/THE-MORNING-SECTION-BREAK-articleLarge.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f43bb16702383a36c9cf3ad0f5b08fbd6f651053ae58826804fafcc748adeac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 166314
x-guploader-uploadid: ADPycdt3eYj1adnU_IiguQ6VZMnyojPHHcd6gsSScWmuJK80tYS20fRMiv9iOjAqPbqlr-pdCLXaBwxPmaMjJUVc0I8
x-cache: HIT, HIT
fastly-io-info: ifsz=3360 idim=600x14 ifmt=jpeg ofsz=78 odim=600x14 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 78
fastly-io-warning: Failed to apply profile
x-served-by: cache-iad-kjyo7100154-IAD, cache-hhn4062-HHN
server: UploadServer
x-timer: S1648958280.342916,VS0,VE1
etag: "DdB1qn8kXa9UQKWzHdEnihwyaVGeRe2NpXBdw5qGBio"
vary: Accept
x-goog-hash: crc32c=up8kew==, md5=Zna0ISGTP09ULes4YVg5CA==
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 08 Mar 2022 06:02:00 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 10db-newsletter-hollywood-jumbo.jpg
static01.nyt.com/images/2022/01/10/multimedia/10db-newsletter-hollywood/ 95 KB
96 KB 7ms
7ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/10/multimedia/10db-newsletter-hollywood/10db-newsletter-hollywood-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 626248e1e4cf20cb035e5fd63242020455446abfe1e0227b43b92623bc3b7583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 108018
x-guploader-uploadid: ADPycdsUQY3YMZyrWMXpswJUSbM590Llu9vxDGCJfn1VHnwm2XtWOYf3TiPpuYvj9r9gwFUOMVIZ0U95Zhuat5yL4O32gnLZrg
x-cache: HIT, HIT
fastly-io-info: ifsz=173789 idim=1024x683 ifmt=jpeg ofsz=97238 odim=1024x683 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 97238
x-served-by: cache-iad-kjyo7100177-IAD, cache-hhn4062-HHN
server: UploadServer
x-timer: S1648958280.343014,VS0,VE0
etag: "g9TD54VE0tiTynDt5S43Kx37etGBRFZ9lL0SOvXQ65Q"
vary: Accept
x-goog-hash: crc32c=lH4bsA==, md5=uGR9thk8p0E0lf6DJgnBbg==
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 01 Apr 2022 21:57:42 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/ 103 KB
15 KB 16ms
6ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d833cea63dd75b498747482b57fc177b4a1f5b63dcb60a65da615776f9106a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 308862
x-cache: HIT
content-length: 14700
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Tue, 29 Mar 2022 20:20:00 GMT
server: nginx
x-timer: S1648958280.352461,VS0,VE0
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 31

GET
H2 200 untitled5
mwcm.nyt.com/dam/LP/payment-methods/ 2 KB
1 KB 15ms
7ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 445656
x-cache: HIT
content-length: 1081
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
x-timer: S1648958280.352565,VS0,VE0
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 32

GET
H2 200 untitled2
mwcm.nyt.com/dam/LP/payment-methods/ 6 KB
3 KB 16ms
8ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 270691
x-cache: HIT
content-length: 2844
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
x-timer: S1648958280.352618,VS0,VE0
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 29

GET
H2 200 untitled3
mwcm.nyt.com/dam/LP/payment-methods/ 7 KB
7 KB 16ms
8ms Image
image/png 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d075009cee62d0a87d946a0104e53e0c4710a4981cb768ae1716c2a84330887e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
age: 429232
x-served-by: cache-hhn4062-HHN
x-origin-server: mwcm-pub-est10.prd.iad1.nyt.net
x-cache: HIT
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1648958280.352686,VS0,VE0
content-length: 7212
x-cache-hits: 33

GET
H2 200 untitled
mwcm.nyt.com/dam/LP/payment-methods/ 8 KB
8 KB 16ms
8ms Image
image/png 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7d22efecc1ac7058e7cd58bf4319d05257b446be0ac2fb3df96902eb3062906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
age: 429232
x-served-by: cache-hhn4062-HHN
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
x-cache: HIT
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1648958280.352750,VS0,VE0
content-length: 8589
x-cache-hits: 31

GET
H2 200 untitled1
mwcm.nyt.com/dam/LP/payment-methods/ 2 KB
898 B 17ms
9ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 502b6c6c8971aa0e41511b25ba01c7383dcd68d56aad8c86c36e31c7c62e8bff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 448135
x-cache: HIT
content-length: 777
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:20 GMT
server: nginx
x-timer: S1648958280.352800,VS0,VE0
x-origin-server: mwcm-pub-est04.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 30

GET
H2 200 untitled0
mwcm.nyt.com/dam/LP/payment-methods/ 9 KB
10 KB 8ms
6ms Image
image/png 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9a720db6eb6308cbab1a6a56eda103c0f38919581d36ca79e97ff44bb58c146

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
last-modified: Wed, 26 Jan 2022 18:05:19 GMT
server: nginx
age: 429231
x-served-by: cache-hhn4062-HHN
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
x-cache: HIT
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-timer: S1648958280.363403,VS0,VE0
content-length: 9593
x-cache-hits: 172

GET
H2 200 untitled4
mwcm.nyt.com/dam/LP/payment-methods/ 790 B
523 B 8ms
7ms Image
image/svg+xml 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwcm.nyt.com/dam/LP/payment-methods/untitled4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 230749
x-cache: HIT
content-length: 383
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 18:05:20 GMT
server: nginx
x-timer: S1648958280.363479,VS0,VE0
x-origin-server: mwcm-pub-est01.prd.iad1.nyt.net
content-type: image/svg+xml;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 170

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 139 KB
41 KB 8ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfe53b6293dc23048099cd1a65be73e2a734c668cca2f950304d78af4ca42749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 308862
x-cache: HIT
content-length: 41845
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Tue, 29 Mar 2022 20:20:00 GMT
server: nginx
x-timer: S1648958280.363542,VS0,VE0
x-origin-server: mwcm-pub-est07.prd.iad1.nyt.net
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1889

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/ 23 KB
6 KB 9ms
8ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-19b4c4b01ddefd4eb64e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1f629246648e29793e262cdc526d5b24b932cc87220d9d95e74b6121cfdcd10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 308862
x-cache: HIT
content-length: 6163
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Tue, 29 Mar 2022 20:20:00 GMT
server: nginx
x-timer: S1648958280.363623,VS0,VE0
x-origin-server: mwcm-pub-est06.prd.iad1.nyt.net
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 32

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
99ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1398659
x-guploader-uploadid: ADPycdv6PyHIk6iHv1QkgLg-uhdcZPZA2SjOpMhjiidXloCJ23pawvgsVOMEpC3EuJp7ues2JDDif0n4z4fom2Xy0xI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20212
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:27:01 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958280.367465,VS0,VE0
etag: "abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984010934
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20212
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 26022

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 2260203
x-guploader-uploadid: ADPycdvkvhXPR6k5ZDLPCGXARjo93CnZ4rJjaGBoDLWqSmVaKzuzcMbTmko7NIIExCY0HaYxaVWR3wyW9PafkdwKJa0
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Wed, 08 Mar 2023 00:07:57 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958280.400482,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 34237

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 6ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1480271
x-guploader-uploadid: ADPycdv7Jbe5NltIEUwxTT1TqxTRwf5-ekAsOmKyFXrPrYrgg4TiuMTADqrq-dCv9GTtYZtveUDwCjikyvLwKmfHVRA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:46:48 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958280.402358,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 42692

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 7ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 12366219
x-guploader-uploadid: ADPycdsbmB0iGXrnj0YJIZxZlMCd46_nNAOz3Po7oc1jbUFbh_TztelAet_j9dEfjgeGE8bMBAavINFKWZRKFcfT-wI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 11 Nov 2022 00:54:21 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958280.405776,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 27683

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 15394544
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958280.405846,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 43396

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 8ms
8ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1395420
x-guploader-uploadid: ADPycdvIPZIYw1NBkpHTTfpG7gkHRGYKe3NHNPoDMZQ-r1e4cxzgfdFSi-IRYEfNNAE7QphfAYgf9Rv9u21FU8tdr0rL-ggwGA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:21:00 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1648958280.405923,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984069574
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23298

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 6ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1394529
x-guploader-uploadid: ADPycdvY8WJhPH2o51UBKNtWd0Dk-tItILgU4R8qBRhBzbpTrzzgW00aPTKX8rqD5dzh7pXo2P1M_W3WPANSLgfdtRw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:35:50 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958280.409868,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14948

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1482207
x-guploader-uploadid: ADPycdtBZqBpbz90ljo3tQBZHfz3GjPK98V-gsN5CqRG2m6oxMaWJGlqBMqEfFyxQye2GfLklS3ao7zJFnIVFotSO4-BdKZePQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:14:33 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958280.409961,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23565

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 6ms
6ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1398603
x-guploader-uploadid: ADPycdvPhS9_UXE__rDTkj-IeqV09yNXMap0QkVflYmTfC3EBGuUnfUUoKW5OM6TkgUcY0rhWNOPKeBF0T7-IO9_wyA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:27:57 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1648958280.411950,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982884098
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 30616

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
100ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
99ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 928 B
948 B 439ms
138ms XHR
application/json 3.231.136.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.231.136.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-136-214.compute-1.amazonaws.com
Software: envoy /
Resource Hash: b3a69ffe5632839077d4a69572ceed812559e0d2b27c07e00440b23c39a7b6a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 03:58:00 GMT
content-encoding: gzip
expires: Sun, 03 Apr 2022 03:58:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 95555bec07f17f09206f0efdc35ba953
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 40
access-control-allow-headers: Content-Type, x-requested-by
x-appengine-log-flush-count: 0

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 7ms
7ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Referer: https://mwcm.nyt.com/
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Sun, 03 Apr 2022 03:58:00 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 1395398
x-guploader-uploadid: ADPycduQGIVJj6hHfoUzoMRwTg2rofc5qVLBreF2HCHdUiLhZEBx-dHvQBc32PDQHvWYghNsuSiIXMKaCdHb0FB3Y7vRqN3EaQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 18 Mar 2023 00:21:22 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1648958281.540966,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982612741
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 22760

GET
H3

200

activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbu... Show response
5290727.fls.doubleclick.net/ Frame 4FD7
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fw...

580 B
414 B

24ms
23ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

02192f6a31e9a50eca7b52e9088722d402a668c552164319b3a1bbd056e2a01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 391
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:58:00 GMT
expires: Sun, 03 Apr 2022 03:58:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 03:58:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 1472ms
1472ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1643631000&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&dr=&ul=en-us&de=UTF-8&dt=The%20Pandemic%27s%20Hit%20to%20Awards%20Shows%20Hurts%20Hollywood%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gateway&ea=impression&el=MAG_web_nonsub_all_monthly-sale&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1187806058.1648958279&tid=UA-58630905-2&_gid=1291396412.1648958281&gtm=2wg3u0P528B3&cg1=business&cg2=dealbook&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html&cd3=&cd4=Business&cd9=9&cd10=null&cd12=DealBook&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000008152853&cd18=Andrew%20Ross%20Sorkin%2CJason%20Karaian%2CSarah%20Kessler%2CStephen%20Gandel%2CMichael%20J.%20de%20la%20Merced%2CLauren%20Hirsch%2CEphrat%20Livni&cd19=Must%20the%20Shows%20Go%20On%3F&cd20=DealBook%20Newsletter&cd21=Article&cd23=Business&cd25=DealBook&cd26=2022&cd27=2022-01-10-07&cd28=Monday&cd29=07&cd30=2022-01-10T12%3A10%3A22.456Z&cd32=Business%2CDealBook&cd33=SECTION%2CSECTION&cd34=NEWS&cd36=10db-newsletter-web&cd37=1753&cd38=Business&cd42=nyt-vi&cd43=Golden%20Globes%20(Awards)%2CSupply%20Chain&cd44=MacAndrews%20%26%20Forbes%20Holdings%20Inc%2CTesla%20Motors%20Inc&cd45=Perelman%2C%20Ronald%20O&cd48=January&cd49=heave_over_1600&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=PhMv5K66S4Dxsh4JbFH56e&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=PhMv5K66S4Dxsh4JbFH56e&z=927245884

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 02:28:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5359
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood...
adservice.google.com/ddm/fls/z/ Frame 4FD7 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLaVv6SA9_YCFXn31QodnKMIZQ;src=5290727;type=remar0;cat=gatew0;ord=1;num=4062215553744;gtm=2wg3u0;auiddc=603019548.1648958280;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F01%2F10%2Fbusiness%2Fdealbook%2Fhollywood-pandemic-box-office.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032908&jk=2656607243108854&bg=!iYqlis7NAAZku-1yRLs7ACkAdvg8WlXNvzqT4wreC0c-p8jHON3y51qy9VXT2aLW31IeUW2yywoeYAIAAABnUgAAAAJoAQeZAvr5_v6N-9_xIxhbQw6fQKT8SzZgBcj-9Kr8T_4xx581Gs0dX5Kjeumh-cj3E3qbvKymx0JWuNNyBAO5Mb7XbvxsYKDVoY_74K7dl5W9nM9AcflpBR7o7ixhZUgVbHo1GLPd-b_FNlf-awqgqLCKPrOVvwa3NXD_ZRXp0XPEhv9GQzW_wEfrr2MtLGVFJ8bwZ7udeN0xZ3wtIzKw93KWUJFWyxlh9pw-oupVLRIPz_5PJ-XtMsSqgdR6DiauzSQH4fi7oSHrB5Qo4jHUikrsyY9FXdFgAxivwT71e_s5HkfG6sAAIkiXU8pAEma00QF1KVpZs1D-fxb2g31KVLDOOUHs2VD8QzXylZdWW_lchZaUfOZT1oilHn1sD2iJNHEtMJ0012tAm2wJ4ueSHsFIR_popk-Ot828mLH-AajkC6dL57sPZSUVRc1kBcI2v6PteRq-e2kwDkpN5I3A6UHnGnASGE-idC9ciynBuub7jCuTCcanrJYFN5crBK4GuwAJ-M67xIL1DLVs7ebqniDn91pr7R9lVp6OXUu7doWrneptHAPu3eMcjCoj4ArEdeJkmWy7CThbzBZy3BdqNrRihep6TPY5UPR5AVZMyCw7PSxWgTcKQFqXBQs62JIqA75UlOFHsoaiBjGjZV4Zi0Xne81BG-Nvz9NG63wwBMKpi-2gDDMTxDTCB1C4H3vlj6DgYi1cB2yJKIP7sFYg-dn85lZa89ajLPnPTrVyW8FhpCRy3I1YCFPve106Fm7NGtsB76BMxHj_PLCTiNlP7s2vCgciEI7oZfnXEhhR2Tz2LKEZx1CFCVOkwA4QCCcJAswRk6ZTvnifm4eimDFduqlK9Us0TFiY6jGiZ_Cz4N3J1766DFjcZ55Er-IylmC3jBxqzVmptnU6Xq9HfH8wkKrjRqIlmVWpuqGPb1aCC-CJrrCqYGZbe2z44J4lPBwlxJx9Zq4FilU5q-xZzoRCFu9VoQ0XVlqHUr7ByKyBYpnK0OmafKlKNhZuEpHEbFU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FA72 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7tRxjW2iGhZzrA_f-6Icn3q5UT1C87mWbhYl9mqq-KPwBNwKr6m0sZzXBx0uJYw74dcnY8es70qTPrXQQgNBVFG42P5eNoSs1m1m7vGiuAIrHgNUJ&sig=Cg0ArKJSzDM6b4JG_LmjEAE&id=lidar2&mcvt=1001&p=77,0,347,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2415271210&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648958280206&rpt=448&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Apr 2022 03:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
105ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
99ms Ping
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET service-worker-test-1648827868204.js
www.nytimes.com/vi-assets/static-assets/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/service-worker-test-1648827868204.js

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theskimm.com/	1970-01-20 10:48:35	Name: sailthru_hid Value: 218bc394e1e218e07c574a588909d45d5f28f97c42e4267fdd54d1ab99217c5c29dc70fb35400856d3069e04
.theskimm.com/	1970-01-20 02:02:49	Name: sailthru_bid Value: 27238753.4838132
.skimmth.is/	1970-01-20 06:21:50	Name: _bit Value: m333VV-4f04528059e627706c-00O
.nytimes.com/	1970-01-20 10:48:14	Name: nyt-a Value: PhMv5K66S4Dxsh4JbFH56e
.nytimes.com/	1970-01-20 02:02:59	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 10:48:14	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 02:02:59	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 02:02:59	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 41d013fa13de41ddbc5fd6b5756c2a0c
.et.nytimes.com/	1970-01-20 02:02:40	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 10:48:14	Name: sessionIndex Value: 1\|1648958277405\|PhMv5K66S4Dxsh4JbFH56e\|1648958277405
.et.nytimes.com/	1970-01-20 02:04:04	Name: et-ppvid Value: https://www.nytimes.com/2022/01/10/business/dealbook/hollywood-pandemic-box-office.html=JfvDf12TD2P_SXOugQjbasYE
.google.com/	1970-01-20 06:26:09	Name: NID Value: 511=CbCHuwT2VHShq1XkjBqfanw2EpehCba44VTArpFp6CStYN0BpZnFctX5UHCJTpMln6peucwEgWPs1aFhpaQqC3HOaeS9HSc3EVYirbJ9U-7EAqDMuwyoDVxDOy7JaPCEtfpeeh55E9IBPTKfv_GKHGa3n1-o1A-hWqGiL9NIC54
.nytimes.com/	1970-01-21 21:52:04	Name: nyt-m Value: 64B313FDCAB36052AD45E29FCC1E25B6&ica=i.0&iue=i.0&iub=i.0&s=s.core&ft=i.0&g=i.1&vp=i.0&igu=i.1&t=i.0&prt=i.0&ier=i.0&igd=i.1&imv=i.0&v=i.0&iru=i.1&ird=i.0&er=i.1648958278&vr=l.4.0.0.0.0&fv=i.0&ira=i.0&e=i.1651392000&n=i.2&pr=l.4.0.0.0.0&cav=i.1&imu=i.1&iga=i.0&rc=i.0&ifv=i.0&igf=i.0&iir=i.0&uuid=s.aa86e5a7-c78b-4550-8c8e-938cce04432a
.nytimes.com/	1970-01-20 02:03:50	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.a.nytimes.com/	1970-01-20 10:48:14	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 02:03:50	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.doubleclick.net/	1970-01-20 11:24:14	Name: IDE Value: AHWqTUk3n4eL6tUJmXj3fttaPPWLFxoixRFlq8KkCQ1_Zz4el_LWiLpxf31QyGeklGs
.nytimes.com/	1970-01-20 11:24:14	Name: __gads Value: ID=384d25524839233c:T=1648958279:S=ALNI_Ma6XaF_j5SBiOY3D1Go605c2mAlhA
.nytimes.com/	1970-01-20 11:32:08	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-20 10:48:14	Name: datadome Value: .1h_A4Q~nn0zyTgv.ASYyQCNUcLMpPfOlNPs1g3uTpvjWuh4mHaeqzC~QD-nT4WdAFK~YDEi~KKj7F~qe~~~Twh4.S5WnuUs3Ai.gAhGZABppCa1wWxzihdDt.deQ~kv
.nytimes.com/	1970-01-20 04:12:14	Name: _gcl_au Value: 1.1.603019548.1648958280
www.nytimes.com/	1970-01-20 11:31:26	Name: _cb_ls Value: 1
www.nytimes.com/	1970-01-20 11:31:26	Name: _cb Value: DrKMKiClYiVrBuuAqc
www.nytimes.com/	1970-01-20 11:31:26	Name: _chartbeat2 Value: .1648958280534.1648958280534.1.CYfAYRCe8gJZDFo81iDJzZFiBhuMrx.1
www.nytimes.com/	1970-01-20 02:02:40	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 19:33:50	Name: walley Value: GA1.2.1187806058.1648958279
.nytimes.com/	1970-01-20 02:04:04	Name: walley_gid Value: GA1.2.1291396412.1648958281
.nytimes.com/	1970-01-20 02:02:38	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-23 17:38:38	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MjQ5MWI0OGI4OWJkMzAwMDEyNTliYjUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQ4OTU4MjgwfQ.CyPTYmBbku4QF1t_tvNO3j-Rceb-c8FkDdkYGBGf6uM
.nytimes.com/	1970-01-20 10:48:14	Name: nyt-jkidd Value: uid=0&lastRequest=1648958280863&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1648958279035&isNew=0&pageIndex=2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
a106887d0f410c170db0f58466c5563f.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
als-svc.nytimes.com
dd.nytimes.com
fonts.googleapis.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
link.theskimm.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
skimmth.is
static.chartbeat.com
static01.nyt.com
static01.nytimes.com
tpc.googlesyndication.com
vp.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nytimes.com
samizdat-graphql.nytimes.com
www.nytimes.com
142.250.185.198
142.250.185.226
151.101.1.164
151.101.193.164
2600:9000:223c:8600:18:1fcd:34f:cdc1
2a00:1450:4001:801::2013
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a06:98c1:3120::7
2a06:98c1:3121::7
3.226.166.212
3.231.136.214
35.171.62.124
35.241.35.241
35.244.188.62
52.222.236.105
52.223.40.198
67.199.248.13
02192f6a31e9a50eca7b52e9088722d402a668c552164319b3a1bbd056e2a01d
02e536435234ddbacf0aa75050b286e42dfcefb62837b4336c259ae4c490815b
05953e087b84175f862d132105afc4b440e3ba2018ae0314e300c3bba6f6cb8f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f79a2d9be54d2dce60809651803a32c30f55c98439570143df3e731fa9c9a09
0fcec245a6700fd5df148c19215cc9b643efe7f62044075e35dcdaf4f56723fc
116b94244fe1303e7f89edebc45a7024bfab3a47c0492b5b68a7a67913203a4b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
175610b2f414f0bb03c34b7f0c167de09f1157eeb6cb614ac16850a1b4329dbe
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
19195533133b2d5cf2cc8fc1d489120e453dd814075b3a95a09db6c339c6d1d3
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1ebe1ba5209cef20f97aab962fd4e5cf06dbb3bd76be269c7b0918ff14713c70
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
3057214a2c9a88c0b9b3e14eecb42227d2a60729129b4c3100ebe92370fba7b7
310f9643234b0256763c6632580d8d5925e72fc695ec15ee27e43418744ac1e7
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
3b4806b7e1d8a1b140b681b779aa16b3ca8b124852511b0b70b024b65d9053e1
3bda03c62fd1d0deac48897f0b79be87afe71bb0ad6c1b2ae88124e1ce3a0a49
3c47a3721853fb9785f419f0b177c253c67ec3d3876e44718f6094f1b0c5c52e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
423a6ea9de9c60d9d19fa7518df147464be20963dd1c4ba5d199f610e9405e6e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4951f36a5625e4e5f69e8c6f41c19ebeda96a77cf9db237cb6acd77a14d079ae
4d9acda6183478a484afed812cf748803ff056cf5ba9da7dc3a5a576bb308a35
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
502b6c6c8971aa0e41511b25ba01c7383dcd68d56aad8c86c36e31c7c62e8bff
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5137204503a6bb4a83d9f4e415d18e526a3a453e26d4d0f358c39fa18598e34c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57b6192493a30f1f0f6ea880c89230d6cb2550fa182584777d180c04432d7851
57da4ecd9b753be7827deb9fb038377eede39723387ae14dccdea6d60b498490
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626248e1e4cf20cb035e5fd63242020455446abfe1e0227b43b92623bc3b7583
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33
68d7d28d6a05a851cc7af731a1a25ba0a3bc2dbb9a136c475db5c4969eed384c
6aec5046b00d1e1d628b212d99cffd4d938263d111e7fa394539165c340e8bdc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dce7a9e15ef8c12ae23fefccb2790b7e9b93023ba91d8742c99e24a12b232e6
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
73a43d00ac67f87137762a9f573149fe0d3b3628971e7f2ad062e950a539634b
74f4d3189d342c2710ac60bc3d7ac1168a9ee24867045e22a7943573dea01c0c
752bec820a04c666cfcf3e51a26a952817996bbb1b88b5c2c5f1af5bfd8f7914
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
81ba1ee0ac9dd087f7bf1f9cd2b5e30d04487a018b52061323dc7c8728557d7f
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d4c5a89f243f95317ce73e0319ef4994bd4c8c400b4606a9a69cc46c5b418e
8658fc44ca45cf40ee56d54bccb269e8cbca4ad85f1ea1bfbbc5faf127a7dec3
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94ff2a55bf15b3b90f9ea670a0a213bf98c96163d7ebb4e11bc8966ef6c3b0d2
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04
9a8cf8f4f9f74e48811a4e9389ac2f7bf29a60200ac1851ec1fe4c55e2d2e305
9c113320c2d84263ae9305df3d86529fcb0a8df6d834be835735deccc9357869
9fbbf24681bc6e5db446ad19c4165f72ffbe683d1e0a34529dcee4450bca31ba
a03fd4fa8bfe09e690a463a32059e70620da891ad3490534ff949dbbf6d4ad6e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f629246648e29793e262cdc526d5b24b932cc87220d9d95e74b6121cfdcd10
a3217ee0e67e47670757f7f2a980eceb0411df08ac836fb3365ba2df0567054f
a401f42c7cf70bb2f77b332dfea1e1bd0064dd6f1da2abee49dd6d3c265edb9c
a4178c8d3be35e353bbc44d2806357c45c522af9413be4845bb9e6a95567a867
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
b07c206a26d1e917370dcc2b6289973d12afbc3868644e5985f029c68a5c85e1
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b3a69ffe5632839077d4a69572ceed812559e0d2b27c07e00440b23c39a7b6a4
b52a3900cce7e1bc31b1a7cc40b9e42e3ad70c48269602152f9ec51bcde5bbd9
b67c18df34f4e8fe9188cd80064115df938bb0325c562457838abee405ab1e3e
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c0c572d5836a69f0b4d0dc4b6199d9575d2581493f7c99c5d98160a6aafb164c
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c50eee5fcbe9202084502bc71038eff9ee41a8091f85ebebf473293db8fa7e9c
c63ae5902dc357e97755802d79a7342af432b88a739614ed0fefee0d012b2465
c64d8c08074a3ccd62836cd9c1d0d1fd2a82bc5d22e08be8a16bbd2297fe4d1f
c84d6c406e5be8217d3c54e50d4c7655895a2e452b3242233f8e5960323cfc39
c8b520b66c0e1fdf690cb0f5c481789fee8b42ac86c773f696ba9e383d1b0477
c9fb083529541e219ad17a00cb201b3dba9dabcdcc01eae4eb9ac04b8cb72216
cc49996658507fab7a30a2e9cf53cfb8ddd903d86ad652d776fd5fc08e2938f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d010f632cc66c27cd5f9d470dc2d8f448e0ce15b679c67c68c0d333117407fe8
d075009cee62d0a87d946a0104e53e0c4710a4981cb768ae1716c2a84330887e
d50ec1f5223fcbce3a13045b2f0eb4f11b186c83e9e7770b121c504d25c5fc80
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d7d22efecc1ac7058e7cd58bf4319d05257b446be0ac2fb3df96902eb3062906
d833cea63dd75b498747482b57fc177b4a1f5b63dcb60a65da615776f9106a8f
d9a720db6eb6308cbab1a6a56eda103c0f38919581d36ca79e97ff44bb58c146
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
dfe53b6293dc23048099cd1a65be73e2a734c668cca2f950304d78af4ca42749
e00e4aa270bcdab5c0083257519e64652bc2272bd36d2ebd45c9b83e03a862b5
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44027ee643a87c2b6ee2cbd3e738302be02274940dede3f3aa13d0bd15aae57
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e6ca48de751ff3f006cefa78db99f8b0223e88b6d0564ea70e3c708d9312767f
e882cd327e627743fd88b31927af9f357b9f5a2432fd1e40b2fd801f3cde28a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f003d6c3dc1bc7c460f369f79c4085ac19fdc84fda7c8f178fdb57968879d373
f20e8b3bf22a3042f9598ef6327344c65bfeaf07e13e27aace075563e619dbb3
f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda
f43bb16702383a36c9cf3ad0f5b08fbd6f651053ae58826804fafcc748adeac4
f468c98e35724fa3b7fa006bea51de1bd3e0917efd14aafdfad0420631b76221
fa3cc3b75f047e0168ce21f11ef0dc4c4fd2365a260affc0eca72ddf54555d66

www.nytimes.com Open in urlscan Pro 151.101.193.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

98 %HTTPS

59 %IPv6

17 Domains

40 Subdomains

28 IPs

2 Countries

3787 kBTransfer

11966 kBSize

32 Cookies

15 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.193.164 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

98 %
HTTPS

59 %
IPv6

17
Domains

40
Subdomains

28
IPs

2
Countries

3787 kB
Transfer

11966 kB
Size

32
Cookies

170 HTTP transactions
1 data transactions