Submitted URL: http://lnk.ozy.com/click/gb01-2mtvlq-5ro1kt-jsouk879/
Effective URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02....
Submission: On February 14 via api from IE — Scanned from CA

Summary

This website contacted 58 IPs in 4 countries across 47 domains to perform 214 HTTP transactions. The main IP is 151.101.129.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 4510.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.97.124.126 16509 (AMAZON-02)
50 151.101.129.164 54113 (FASTLY)
1 2a04:4e42:400... 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
12 52.3.42.214 14618 (AMAZON-AES)
8 151.101.1.164 54113 (FASTLY)
2 52.54.49.121 14618 (AMAZON-AES)
2 2600:9000:25c... 16509 (AMAZON-02)
3 18.238.10.22 16509 (AMAZON-02)
12 151.101.65.164 54113 (FASTLY)
6 2607:f8b0:400... 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 4 34.98.64.218 396982 (GOOGLE-CL...)
2 3 68.67.179.166 29990 (ASN-APPNEX)
1 54.165.236.171 14618 (AMAZON-AES)
5 2602:803:c002... 26667 (RUBICONPR...)
4 18.238.4.128 16509 (AMAZON-02)
2 4 18.238.4.110 16509 (AMAZON-02)
10 18.238.3.30 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.80.38 15169 (GOOGLE)
1 2600:9000:25c... 16509 (AMAZON-02)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
10 11 35.71.131.137 16509 (AMAZON-02)
9 12 142.250.81.226 15169 (GOOGLE)
6 9 8.43.72.97 26667 (RUBICONPR...)
5 6 54.175.87.114 14618 (AMAZON-AES)
2 15 209.54.182.161 16509 (AMAZON-02)
1 34.227.243.32 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 20.40.202.2 8075 (MICROSOFT...)
1 2600:141b:900... 20940 (AKAMAI-ASN1)
1 6 96.17.64.29 16625 (AKAMAI-AS)
2 10 192.40.39.223 27381 (CASALE-MEDIA)
2 23.200.192.201 16625 (AKAMAI-AS)
2 104.127.172.242 16625 (AKAMAI-AS)
4 5 52.223.22.214 16509 (AMAZON-02)
4 5 151.101.2.49 54113 (FASTLY)
1 35.244.159.8 15169 (GOOGLE)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 1 74.119.119.150 19750 (AS-CRITEO)
2 2 3.83.59.245 14618 (AMAZON-AES)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
1 104.36.115.113 62713 (AS-PUBMATIC)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 1 199.38.167.131 54312 (ROCKETFUEL)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2 52.0.74.68 14618 (AMAZON-AES)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2 185.167.164.43 198622 (ADFORM)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
4 4 15.235.15.221 16276 (OVH)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 96.17.64.208 16625 (AKAMAI-AS)
3 8.28.7.83 62713 (AS-PUBMATIC)
1 1 35.236.220.17 396982 (GOOGLE-CL...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 162.248.18.37 62713 (AS-PUBMATIC)
1 67.220.226.232 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 8.28.7.84 62713 (AS-PUBMATIC)
214 58
Apex Domain
Subdomains
Transfer
46 nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 4510
a.et.nytimes.com — Cisco Umbrella Rank: 8256
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 9942
als-svc.nytimes.com — Cisco Umbrella Rank: 13713
dd.nytimes.com — Cisco Umbrella Rank: 17027
meter-svc.nytimes.com — Cisco Umbrella Rank: 18382
a.nytimes.com — Cisco Umbrella Rank: 10703
purr.nytimes.com — Cisco Umbrella Rank: 11028
myaccount.nytimes.com — Cisco Umbrella Rank: 15486
mwcm.nytimes.com — Cisco Umbrella Rank: 16748
csp.dev.nytimes.com — Cisco Umbrella Rank: 75658
1 MB
42 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 12833
static01.nyt.com — Cisco Umbrella Rank: 8050
int.nyt.com — Cisco Umbrella Rank: 71858
a1.nyt.com — Cisco Umbrella Rank: 10107
mwcm.nyt.com — Cisco Umbrella Rank: 31901
typeface.nyt.com — Cisco Umbrella Rank: 50093
2 MB
29 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 712
s.amazon-adsystem.com — Cisco Umbrella Rank: 373
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1003
68 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 255
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 13279
cm.g.doubleclick.net — Cisco Umbrella Rank: 308
171 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
pixel.rubiconproject.com — Cisco Umbrella Rank: 442
eus.rubiconproject.com — Cisco Umbrella Rank: 786
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1712
token.rubiconproject.com — Cisco Umbrella Rank: 803
20 KB
11 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 827
match.adsrvr.org — Cisco Umbrella Rank: 426
7 KB
11 googlesyndication.com
d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
49 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 687
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 883
8 KB
9 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 704
image6.pubmatic.com — Cisco Umbrella Rank: 1001
image2.pubmatic.com — Cisco Umbrella Rank: 1431
simage2.pubmatic.com — Cisco Umbrella Rank: 962
simage4.pubmatic.com — Cisco Umbrella Rank: 1646
25 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 393
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 719
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1655
3 KB
7 media.net
prebid.media.net — Cisco Umbrella Rank: 1834
cs.media.net — Cisco Umbrella Rank: 2290
contextual.media.net — Cisco Umbrella Rank: 787
6 KB
6 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 11170
iteratehq.com — Cisco Umbrella Rank: 9622
32 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 794
eb2.3lift.com — Cisco Umbrella Rank: 501
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 987
1 KB
5 openx.net
nytimes-d.openx.net — Cisco Umbrella Rank: 20857
u.openx.net — Cisco Umbrella Rank: 953
us-u.openx.net — Cisco Umbrella Rank: 705
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3221
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 203
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 550
899 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 405
2 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3967
collector.brandmetrics.com — Cisco Umbrella Rank: 4619
17 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 129
www.google.com — Cisco Umbrella Rank: 18
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 303
3 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1147
878 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 917
967 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4818
564 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1284
1 KB
2 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 12988
668 B
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 9652
766 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1638
c.go-mpulse.net — Cisco Umbrella Rank: 716
51 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 93
20 KB
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13837
832 B
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2401
128 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 109
149 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 765
517 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1271
518 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1185
659 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 837
436 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5749
392 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3544
420 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1275
756 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 912
530 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6762
378 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
48 KB
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 10488
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2060
15 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 6668
1 KB
1 ozy.com
lnk.ozy.com — Cisco Umbrella Rank: 705408
553 B
214 47
Domain Requested by
18 static01.nyt.com www.nytimes.com
rumcdn.geoedge.be
15 s.amazon-adsystem.com 2 redirects rumcdn.geoedge.be
s.amazon-adsystem.com
u.openx.net
eus.rubiconproject.com
ssum-sec.casalemedia.com
ads.pubmatic.com
12 cm.g.doubleclick.net 9 redirects u.openx.net
eus.rubiconproject.com
12 samizdat-graphql.nytimes.com www.nytimes.com
12 g1.nyt.com www.nytimes.com
g1.nyt.com
mwcm.nyt.com
11 www.nytimes.com www.nytimes.com
d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
10 match.adsrvr.org 9 redirects ssum-sec.casalemedia.com
10 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
9 a.et.nytimes.com www.nytimes.com
myaccount.nytimes.com
7 dsum-sec.casalemedia.com 1 redirects u.openx.net
ssum-sec.casalemedia.com
um2.eqads.com
6 ups.analytics.yahoo.com 5 redirects www.nytimes.com
6 securepubads.g.doubleclick.net www.nytimes.com
securepubads.g.doubleclick.net
d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
www.googletagservices.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 eb2.3lift.com 4 redirects www.nytimes.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 fastlane.rubiconproject.com www.nytimes.com
4 iteratehq.com platform.iteratehq.com
4 token.rubiconproject.com 4 redirects
4 pixel.onaudience.com 4 redirects
4 cs.media.net 1 redirects www.nytimes.com
4 mwcm.nyt.com www.nytimes.com
4 tpc.googlesyndication.com d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
rumcdn.geoedge.be
4 sb.scorecardresearch.com 2 redirects www.nytimes.com
4 dd.nytimes.com www.nytimes.com
dd.nytimes.com
myaccount.nytimes.com
4 int.nyt.com www.nytimes.com
int.nyt.com
3 image2.pubmatic.com ads.pubmatic.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 myaccount.nytimes.com rumcdn.geoedge.be
myaccount.nytimes.com
3 ib.adnxs.com 2 redirects www.nytimes.com
3 c.amazon-adsystem.com www.nytimes.com
c.amazon-adsystem.com
2 platform.iteratehq.com www.nytimes.com
platform.iteratehq.com
2 simage2.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
2 pm.w55c.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 contextual.media.net www.nytimes.com
2 rtb2-useast.marketiq.com 2 redirects
2 us-u.openx.net www.nytimes.com
u.openx.net
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 typeface.nyt.com myaccount.nytimes.com
2 cdn.brandmetrics.com www.googletagmanager.com
rumcdn.geoedge.be
2 a1.nyt.com www.nytimes.com
www.googletagmanager.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2 adservice.google.com rumcdn.geoedge.be
5290727.fls.doubleclick.net
2 adservice.google.ca rumcdn.geoedge.be
adservice.google.com
2 a.nytimes.com www.nytimes.com
myaccount.nytimes.com
2 rumcdn.geoedge.be www.nytimes.com
rumcdn.geoedge.be
2 www.googletagmanager.com www.nytimes.com
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 www.google.com rumcdn.geoedge.be
1 csp.dev.nytimes.com s.go-mpulse.net
1 px.ads.linkedin.com eus.rubiconproject.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 ad.turn.com 1 redirects
1 um.simpli.fi 1 redirects
1 tags.bluekai.com ads.pubmatic.com
1 cms.analytics.yahoo.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 s.company-target.com 1 redirects
1 p.rfihub.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 s.go-mpulse.net myaccount.nytimes.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 www.googletagservices.com d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
1 pnytimes.chartbeat.net www.nytimes.com
1 insight.adsrvr.org 1 redirects
1 static.chartbeat.com www.nytimes.com
1 mwcm.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 meter-svc.nytimes.com www.nytimes.com
1 tlx.3lift.com www.nytimes.com
1 nytimes-d.openx.net www.nytimes.com
1 prebid.media.net www.nytimes.com
1 als-svc.nytimes.com www.nytimes.com
1 js.sentry-cdn.com www.nytimes.com
1 lnk.ozy.com 1 redirects
214 90
Subject Issuer Validity Valid
nytimes.com
Thawte RSA CA 2018
2022-03-14 -
2023-04-14
a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-28 -
2023-10-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
a.et.nytimes.com
R3
2023-02-01 -
2023-05-02
3 months crt.sh
als-svc.nytimes.com
R3
2023-02-12 -
2023-05-13
3 months crt.sh
gw.geoedge.be
Amazon
2022-09-12 -
2023-10-10
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-03 -
2023-04-02
a year crt.sh
meter-svc.nytimes.com
R3
2023-01-11 -
2023-04-11
3 months crt.sh
a.nytimes.com
R3
2023-01-10 -
2023-04-10
3 months crt.sh
purr.nytimes.com
R3
2022-12-24 -
2023-03-24
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.google.ca
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
*.brandmetrics.com
GTS CA 1P5
2023-01-12 -
2023-04-12
3 months crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-15 -
2023-04-19
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
um3.eqads.com
Amazon
2022-06-11 -
2023-07-09
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
www.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh

This page contains 23 frames:

Primary Page: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Frame ID: 6DAB679FEFD4721893CD09C0F858EB8D
Requests: 122 HTTP requests in this frame

Frame: https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0AEA7AB745F4ED4683A5D2B539021ED
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Frame ID: 026034FBA7566E021768119E9C285F06
Requests: 1 HTTP requests in this frame

Frame: https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 408745902755DBA07E77F7287628E716
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: 9A736E6FCC66B12BD4E60ACBBDBF150F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Frame ID: 5571DF0EBA1F735144F974B33354561F
Requests: 1 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: 61836B0163B62290DF995A522EE00C95
Requests: 14 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Frame ID: C02CC9606892C3DE6A4C0B0F4EF0CCE3
Requests: 1 HTTP requests in this frame

Frame: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Frame ID: C424B6CAF04BF186B8FC0FE492825D7C
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 199B955C6066CE0F49C02BE746583CBA
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 970AB4CCB7F923325A615375D242BEA5
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: C9E4046EE30604D80FB647950CDFDF37
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: E8DF1AE82F881318716B9D5F3C190DBC
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1GNC5pNTZsRTJ1TEVoSFlRNXFiX1RNM0E2RDJBeWU5TH5B
Frame ID: A39663345E753BD9F7890A6B0A14FDAF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 69F157D66E912C1A88C2F7F7E610043D
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6456543293076970714&ex=appnexus.com
Frame ID: 440E3BB027D4C7613BB0B2E83F251E7B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1526667687484179826731
Frame ID: E8273D95D45A706C621833550D2F0C9F
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 19A563BADCC2CDF5669F9C498AF1ADE8
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
Frame ID: 098754E7864487E7E547978D7CA1E911
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: E0E4B1F8DAB61076BCDC5BE3749D410A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDE0826D71-B9CD-49FF-A1F0-C251CFCFBC85
Frame ID: 2862B8957492CF8F785CE23945A12DCD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4183D477C6177D9E16E2A50CC063443A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 73DF14D73AF5F8A051CEF249B6D6638C
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Police Say Gunman Is Dead After Shooting at Michigan State University - The New York Times

Page URL History Show full URLs

  1. http://lnk.ozy.com/click/gb01-2mtvlq-5ro1kt-jsouk879/ HTTP 302
    https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

214
Requests

84 %
HTTPS

32 %
IPv6

47
Domains

90
Subdomains

58
IPs

4
Countries

4089 kB
Transfer

11643 kB
Size

102
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lnk.ozy.com/click/gb01-2mtvlq-5ro1kt-jsouk879/ HTTP 302
    https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1676384081924&ns_c=UTF-8&c8=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1676384081924&ns_c=UTF-8&c8=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&c9=
Request Chain 95
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Request Chain 100
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=987858436 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZGEzMzk5ODYtZDg2Mi00YTk4LWJiZjUtZmRlYTAwM2IyNjM5&gdpr=0&gdpr_consent=&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639&google_gid=CAESECr-2I26S5CwhI2NgcrLhlo&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6456543293076970714&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-rhLULENE2uLpFvdIqm1C1H2srQw8fHI-~A&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=0&gdpr=0&gdpr_consent=
Request Chain 104
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 134
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3193856851454749000V10
Request Chain 136
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 139
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1GNC5pNTZsRTJ1TEVoSFlRNXFiX1RNM0E2RDJBeWU5TH5B
Request Chain 141
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6456543293076970714&ex=appnexus.com
Request Chain 142
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1526667687484179826731
Request Chain 148
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y_uXVQAHEqRNEQA_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_uXVQAHEqRNEQA_&_test=Y_uXVQAHEqRNEQA_
Request Chain 149
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=da339986-d862-4a98-bbf5-fdea003b2639&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=medianet&bsw_param=0914d83a-7bba-44af-9da1-f0d0c93f2e36 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dmedianet%26bsw_param%3D0914d83a-7bba-44af-9da1-f0d0c93f2e36 HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A7030510351426108912&exchange=685&ssp=medianet&bsw_param=0914d83a-7bba-44af-9da1-f0d0c93f2e36 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A7030510351426108912&expires=5&ssp=medianet&bsw_param=0914d83a-7bba-44af-9da1-f0d0c93f2e36 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0914d83a-7bba-44af-9da1-f0d0c93f2e36&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 151
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=5baff17e6f1613ae&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAIneeMuiewjwN2ieKKAAAAAAA&expiration=1676470485&is_secure=true
Request Chain 152
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd3d1a48-adb2-4256-95be-4d1e2a18bad1
Request Chain 153
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MsmCxGOl1PrW4Z5
Request Chain 157
  • https://match.adsrvr.org/track/cmf/openx?oxid=9310ddea-84f2-3a09-683a-2940500c7a3b&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=da339986-d862-4a98-bbf5-fdea003b2639&expiration=1678976085&gdpr=0&gdpr_consent=
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITvyYXxZXJxehAgOyFjrcE&google_cver=1
Request Chain 163
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LE4BSS0J-O-MCN3 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LE4BSS0J-O-MCN3&ex=d-rubiconproject.com&status=ok
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.uXVbF0Dm0Cglp3AIQQBQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7ypMSDVpiZ9iQabiPjwvg&google_cver=1&google_hm=2
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-uXVbF0Dm0Cglp3AIQQBQAAAJMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP28QJWE9Yn87qtvBgw66c8&google_cver=1
Request Chain 168
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y_uXVQAG5FtxuAAb HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_uXVQAG5FtxuAAb&_test=Y_uXVQAG5FtxuAAb
Request Chain 169
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758885154381963
Request Chain 170
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1692022485&external_user_id=6c23d632-002e-44cd-861f-7788b289495d
Request Chain 172
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 176
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4IJtcbnNSf-h8MJRz8-8hQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 180
  • https://idsync.rlcdn.com/420486.gif?partner_uid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEUwODI2RDcxLUI5Q0QtNDlGRi1BMUYwLUMyNTFDRkNGQkM4NRAAGg0I1a6unwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=037f7ceda807db4623bd6b856cfeab5a762fd7eb3baa7d2a12fb8687c198bbb6791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwMzdmN2NlZGE4MDdkYjQ2MjNiZDZiODU2Y2ZlYWI1YTc2MmZkN2ViM2JhYTdkMmExMmZiODY4N2MxOThiYmI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1a6unwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwMzdmN2NlZGE4MDdkYjQ2MjNiZDZiODU2Y2ZlYWI1YTc2MmZkN2ViM2JhYTdkMmExMmZiODY4N2MxOThiYmI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1a6unwYSBAgCEABCAEoA&google_gid=CAESEChZU0o2G0nHTohBXbC7qbI&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=189ff973-b1d5-44a0-b532-7da9660cc2c6
Request Chain 181
  • https://pixel.onaudience.com/?partner=214&mapped=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-iwWnPrxE2pRFfAClrcgo_W7RSvTmxmmC1Q--~A&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=da339986-d862-4a98-bbf5-fdea003b2639&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=932625c9a02cf235
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTA4MjZENzEtQjlDRC00OUZGLUExRjAtQzI1MUNGQ0ZCQzg1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcETpGv9mGqte0Qp3ye-F8&google_cver=1
Request Chain 184
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A3F51CBB47514622B71CB37E13E3FD70
Request Chain 185
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7620079821392486248&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 186
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=
Request Chain 187
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NEURYnlsPl8bb2gMPblTeA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wD7ApZhE2oJ9UnVuh8nt2xtJ8hUoun_dphEm6A--~A
Request Chain 189
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=&expires=30
Request Chain 190
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4BSS0J-O-MCN3
Request Chain 191
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7ayZDw_sRkWfjyl4Yf01TQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7ayZDw_sRkWfjyl4Yf01TQ
Request Chain 192
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDdmZDVlYzc4ZmM2ODIyNDhlZjhkZmIxMTJhNjc1NThkM2JkZTIwMw
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK5d5mb9ClKfBDtnXIWgGM8&google_cver=1
Request Chain 194
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0QlNTMEotTy1NQ04z
Request Chain 200
  • https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

214 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request michigan-state-shooting
www.nytimes.com/live/2023/02/13/us/
Redirect Chain
  • http://lnk.ozy.com/click/gb01-2mtvlq-5ro1kt-jsouk879/
  • https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
1017 KB
167 KB
Document
General
Full URL
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e25ce582dfe275a43a98584d7babde9df9606515ce460fe5b9bdde39b9866c7e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
378
cache-control
s-maxage=30,no-cache
content-encoding
gzip
content-length
168902
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 14:14:41 GMT
fastly-restarts
1
last-modified
Tue, 14 Feb 2023 14:08:22 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/live/2023/02/13/us/michigan-state-shooting
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
5f4709b93ba74150b40d8c3de60e90cc
x-cache
MISS, HIT
x-cache-hits
2, 1
x-cloud-trace-context
fa1e7b10841fab4c0fb404aaa39a913f/11530454710002708638;o=1
x-content-type-options
nosniff
x-datadome
protected
x-datadome-timer
S1676383703.559387,VS0,VE5
x-frame-options
DENY
x-gdpr
0
x-nyt-app-webview
0
x-nyt-data-last-modified
Tue, 14 Feb 2023 14:08:22 GMT
x-nyt-edge-cache
MISS-HIT
x-nyt-route
vi-story
x-origin-time
2023-02-14 14:08:23 UTC
x-pagetype
vi-liveblog
x-scoop-last-modified
2023-02-14T13:24:31.291Z
x-served-by
cache-lga21972-LGA, cache-yul12820-YUL
x-timer
S1676384081.218324,VS0,VE8
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Feb 2023 14:14:41 GMT
Location
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Refresh
0; URL=https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Server
Microsoft-IIS/8.5
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 14:23:55 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2245845
x-guploader-uploadid
ADPycdvTxDxZkBwxaxClZG4XN5QZIjz62IdiEo_qvKoVXWIdxEnMJ_5lHyZa319eIqvWBUxC1cQSKHKd6rMmurrwiG7O
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-yul12820-YUL
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1676384081.355577,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
Accept-Encoding
x-goog-generation
1673991774978541
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
76869
global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/
6 KB
3 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
10794281
x-guploader-uploadid
ADPycdsFQVsmAlqpUalV5LYNub7MSxZy34BL-NV6L5Pkm3RdMStdaZOiNC25lQqKLP7PwP7ownLyHE-RbXeFNhJklO0icg
x-goog-stored-content-encoding
identity
x-origin-time
2022-10-12 15:49:58 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384081.246115,VS0,VE1
etag
"e74f8b7c668251280cf3e52e20455a1c"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1665589250507895
content-type
text/css; charset=utf-8
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
76559
expires
Thu, 12 Oct 2023 15:49:58 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1968
last-modified
Wed, 12 Oct 2022 15:40:50 GMT
server
UploadServer
x-goog-hash
crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr
0
x-goog-stored-content-length
5656
accept-ranges
bytes
adslot-9349dd2c5537218e254e.js
www.nytimes.com/vi-assets/static-assets/
22 KB
9 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
89c621cba92a10f0b3c8cd9cfeec1cc73e961d101f05b4507ca33cdeebc0c37e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1822929
x-guploader-uploadid
ADPycdvwmfb0skAFk0qfPQxdoxnzuKU70p74LHQ1ITRdhi_hs9dWWTD_7OaVRrvGg_-3V8Tz9HSQwAV2W13yv14GkwzTcZ2S8eoC
x-goog-stored-content-encoding
identity
x-origin-time
2023-01-24 11:52:31 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384081.267465,VS0,VE1
etag
"45251e92ac8641f6c1e329c20d675791"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1674035311415019
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
41699
expires
Wed, 24 Jan 2024 11:52:31 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7770
last-modified
Wed, 18 Jan 2023 09:48:33 GMT
server
UploadServer
x-goog-hash
crc32c=C012dQ==, md5=RSUekqyGQfbB4ynCDWdXkQ==
x-gdpr
0
x-goog-stored-content-length
22178
accept-ranges
bytes
7bc8bccf5c254286a99b11c68f6bf4ce.min.js
js.sentry-cdn.com/
2 KB
1 KB
Script
General
Full URL
https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96afe489023e3e604b96c48d0d9b77005dd82358a71b24eab849a23159094c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
8
x-envoy-upstream-service-time
12
content-length
1062
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-6fdcbcd557-wfwl6, cache-yul12822-YUL
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
https://sentry.io
t_logo_291_black.png
static01.nyt.com/images/icons/
9 KB
9 KB
Image
General
Full URL
https://static01.nyt.com/images/icons/t_logo_291_black.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
afa0bfcc224d1dcc253bf0f815ec32b0125d6c1d393cbdc58e303e162939516f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Mon, 30 Jan 2023 16:11:47 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
79374
x-guploader-uploadid
ADPycdtYjsOmEpYPxC99gw2IgjuiZd6u6a_sVdofAxFzekEKdclXhCW5e8X5ow18_ADJQj64m85IVvbXwSLNOvDmBg-8
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-length
9011
x-served-by
cache-iad-kiad7000065-IAD, cache-yul12820-YUL
last-modified
Fri, 22 Mar 2019 11:03:08 GMT
server
UploadServer
x-timer
S1676384081.458400,VS0,VE0
etag
"d2120e1b698e5770e454fb2492dc6e0b"
vary
X-Goog-Allowed-Resources, Origin
x-goog-generation
1553252588852929
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=YpoDpw==, md5=0hIOG2mOV3DkVPskktxuCw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9011
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2204, 405
author-tiffany-may-thumbLarge.png
static01.nyt.com/images/2019/12/04/reader-center/author-tiffany-may/
27 KB
27 KB
Image
General
Full URL
https://static01.nyt.com/images/2019/12/04/reader-center/author-tiffany-may/author-tiffany-may-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
12f31c7c17a6218e7bad4e3d46537eccd2a34c16e27904fbac5bdc2f3b9b130d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 04 Jan 2023 12:56:48 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
31390
x-guploader-uploadid
ADPycdtxdh9M63itFFob4o2IyTrlT-298ZDNp-2YsRxf2c3EyYd9t-RbCQthujzNQGiQO_WToK_boDMSOTQLsqEJncjR
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
27165
x-served-by
cache-iad-kjyo7100037-IAD, cache-yul12820-YUL
last-modified
Wed, 04 Dec 2019 20:59:35 GMT
server
UploadServer
x-timer
S1676384081.457316,VS0,VE0
etag
"1032145d6ad3bd64112680a93c0e0ac4"
vary
Origin
x-goog-generation
1575493175066643
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=MWBbKg==, md5=EDIUXWrTvWQRJoCpPA4KxA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
27165
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
741, 231
mapbox-gl.css
int.nyt.com/newsgraphics/mapmaker/css/
34 KB
5 KB
Stylesheet
General
Full URL
https://int.nyt.com/newsgraphics/mapmaker/css/mapbox-gl.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f80d0d241321e4821b86874153a10ee2d3535b874d1e65bb2e0cc2c061ac0f52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Mon, 13 Feb 2023 10:15:30 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-guploader-uploadid
ADPycdtZldVOGG-XwY2BWLKJSfWQA5B3rld6N3AM9BjrBwREvEYu2xYrnrzZAffix5b9T3-TU5M3evGEbz6unM6aLqSCkw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4576
x-backend-name
GCS_origin
x-served-by
cache-yul12820-YUL
last-modified
Fri, 02 Sep 2022 21:03:27 GMT
server
UploadServer
etag
"f29784f1a778f5ea23a7b9a73e205089"
vary
Accept-Encoding
x-goog-generation
1662152607763744
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=XHXrJg==, md5=8peE8ad49eojp7mnPiBQiQ==
cache-control
public, max-age=30
x-goog-stored-content-length
4576
accept-ranges
bytes
access-control-allow-headers
Range
x-cache-hits
1
loader_v1.js
int.nyt.com/newsgraphics/dev/
2 KB
1015 B
Script
General
Full URL
https://int.nyt.com/newsgraphics/dev/loader_v1.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
abea00264481983d230978c5e8753fc3226b968183abc81f1ae00a577ff13480

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Feb 2023 13:49:16 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 varnish
age
18
x-guploader-uploadid
ADPycdvRY0dpGZehAZphLPUtH8tqDhJINVPjk9nQzhWDfADv10NvEiTMckVNkx8t3U27zvx7yKW3sLfBvRvlGW6lfiYV1eFE_R4Z
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
650
x-backend-name
GCS_origin
x-served-by
cache-yul12820-YUL
last-modified
Wed, 18 Sep 2019 21:04:04 GMT
server
UploadServer
etag
"8d88884a35e999c66efb260ae11bcc02"
vary
Accept-Encoding
x-goog-generation
1568840644491149
x-goog-hash
crc32c=BUrynQ==, md5=jYiISjXpmcZu+yYK4RvMAg==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=60
x-goog-stored-content-length
650
accept-ranges
bytes
access-control-allow-headers
Range
x-cache-hits
1
author-jin-yu-young-thumbLarge-v3.png
static01.nyt.com/images/2021/08/27/reader-center/author-jin-yu-young/
26 KB
26 KB
Image
General
Full URL
https://static01.nyt.com/images/2021/08/27/reader-center/author-jin-yu-young/author-jin-yu-young-thumbLarge-v3.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a3f21ed3c19d26db8a4b3616b8104d44b8177ec29433a68d7bcae33c511d46cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 31 Jan 2023 13:47:18 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
29486
x-guploader-uploadid
ADPycduT8bd0_oZpfyG_W0bumV2onZCqq6beAAqdmwE6YnNkzBNAsnkyMk4Tmb71bCeMiInXv6QdXRSA2i1wCEFAcBXm
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26358
x-served-by
cache-iad-kjyo7100049-IAD, cache-yul12820-YUL
last-modified
Tue, 05 Jul 2022 17:40:42 GMT
server
UploadServer
x-timer
S1676384081.458945,VS0,VE0
etag
"56ec5a30a6bfb2c8fce4d5dd12b37c6b"
vary
X-Goog-Allowed-Resources, Origin
x-goog-generation
1657042842127185
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=Yn3cYw==, md5=VuxaMKa/ssj85NXdErN8aw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
26358
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16, 23
14vid-MSU-Shooting-31681-cover-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2023/02/14/14vid-MSU-Shooting-31681-cover/
51 KB
51 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/02/14/14vid-MSU-Shooting-31681-cover/14vid-MSU-Shooting-31681-cover-threeByTwoMediumAt2X.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ebca68ae52073ff14c491a30b8aeaef14ed694f79c70c1c5a095ff64e645b54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Feb 2023 05:39:01 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
30940
x-guploader-uploadid
ADPycdu4gVTtDaxsP1or9_krstEwysCR34QG2qalPnOJh5zRsnTpf0lvRrc1Qp2_xMNo_RnbcQHHb-KSItpuuq5uz0jKNOTCmQix
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
51772
x-served-by
cache-iad-kiad7000094-IAD, cache-yul12820-YUL
last-modified
Tue, 14 Feb 2023 05:38:09 GMT
server
UploadServer
x-timer
S1676384081.459360,VS0,VE0
etag
"148cdbf2ef26db84eae3843bbb911912"
vary
Origin
x-goog-generation
1676353088839291
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=h5hT8w==, md5=FIzb8u8m24Tq44Q7u5EZEg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
51772
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
94, 146
author-remy-tumin-thumbLarge.png
static01.nyt.com/images/2019/01/10/multimedia/author-remy-tumin/
27 KB
27 KB
Image
General
Full URL
https://static01.nyt.com/images/2019/01/10/multimedia/author-remy-tumin/author-remy-tumin-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
83a4deb78c2fdb6f3481ee0b27e53b65b04d30365d527cf25d92da31375bbe6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 30 Dec 2022 16:34:55 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
337177
x-guploader-uploadid
ADPycdvYqiyLdUD-RGTIrNHFghn5sRK5-tl5d6vXiUPMVrMZyzjKuf5QCC6FiKzYDpIhsU4ZG8AB7AkdL5ecozvsIxillSQgrBMO
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
27680
x-served-by
cache-iad-kjyo7100138-IAD, cache-yul12820-YUL
last-modified
Thu, 10 Jan 2019 19:55:19 GMT
server
UploadServer
x-timer
S1676384081.459367,VS0,VE0
etag
"957641700f15307d801fd87285877ef1"
vary
Origin
x-goog-generation
1547150119598142
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=ctw2cQ==, md5=lXZBcA8VMH2AH9hyhYd+8Q==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
27680
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7551, 467
author-april-rubin-thumbLarge.png
static01.nyt.com/images/2022/09/28/reader-center/author-april-rubin/
13 KB
13 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/09/28/reader-center/author-april-rubin/author-april-rubin-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e4eafbf3e0a04d7305755d34ef0edb7260b79b085515e67fd1a147243e170211
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Sat, 11 Feb 2023 17:23:00 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
247901
x-guploader-uploadid
ADPycdv3qEVd3sy__QirjYlBupMaUHfTTFZLeNl8mqWI-CHu1oJ6zOQp87YGMERKJ_us_D814Ss5acUme6MYPCKvdQlE5w
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12904
x-served-by
cache-iad-kcgs7200139-IAD, cache-yul12820-YUL
last-modified
Wed, 28 Sep 2022 16:29:04 GMT
server
UploadServer
x-timer
S1676384081.459384,VS0,VE0
etag
"f225229cc1165bf4bdb98f0be3ec4d4c"
vary
Origin
x-goog-generation
1664382544800337
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=M4KWGA==, md5=8iUinMEWW/S9uY8L4+xNTA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12904
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27, 266
author-john-yoon-thumbLarge.png
static01.nyt.com/images/2021/04/09/reader-center/author-john-yoon/
23 KB
23 KB
Image
General
Full URL
https://static01.nyt.com/images/2021/04/09/reader-center/author-john-yoon/author-john-yoon-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
67c3152b92aa6bd53e31bea31b12c0b7f776359d19585905c48010110f9aaa3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 30 Dec 2022 13:00:32 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
516200
x-guploader-uploadid
ADPycdsriLx6GJ8c3ENJGyKhbt3OdTHBIFRk79ema4fJWs197IgtBqFu6QlkPQiBk4I_LbF6_h03Rsjrdm0v5qTDo83qGlpHtPmO
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
23414
x-served-by
cache-iad-kjyo7100120-IAD, cache-yul12820-YUL
last-modified
Fri, 09 Apr 2021 14:36:08 GMT
server
UploadServer
x-timer
S1676384081.487120,VS0,VE0
etag
"d2b2c29ccface808f2a3411b399827ac"
vary
Origin
x-goog-generation
1617978968284277
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=uZ7LiQ==, md5=0rLCnM+s6Ajyo0EbOZgnrA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
23414
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3778, 359
author-mike-ives-thumbLarge.png
static01.nyt.com/images/2019/11/26/reader-center/author-mike-ives/
26 KB
26 KB
Image
General
Full URL
https://static01.nyt.com/images/2019/11/26/reader-center/author-mike-ives/author-mike-ives-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f75a6e180a35173c3cafd5f13900a3578048f7843cdf4d9d17e5cec5fa1edc55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 30 Dec 2022 19:45:39 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
277000
x-guploader-uploadid
ADPycdsru4i6jamsOUeJtJ3S06IxzPjutOdQ33uWpRJF0AhHA8Q0xGNs4MgZul_6g-H5eb9U0yguOgisYdYYQHS3KKOOV6gf1m33
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
26406
x-served-by
cache-iad-kcgs7200150-IAD, cache-yul12820-YUL
last-modified
Tue, 26 Nov 2019 22:52:13 GMT
server
UploadServer
x-timer
S1676384081.487403,VS0,VE0
etag
"a4744f057326a05f2fecffc0aca8bd60"
vary
Origin
x-goog-generation
1574808733766903
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=xmt7bg==, md5=pHRPBXMmoF8v7P/ArKi9YA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
26406
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7772, 382
author-esha-ray-thumbLarge.png
static01.nyt.com/images/2022/05/05/reader-center/author-esha-ray/
28 KB
29 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/05/05/reader-center/author-esha-ray/author-esha-ray-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0750628f424f214d17ca7574e299e57842389fc5453a9c9b651e092580f96fd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Mon, 13 Feb 2023 21:39:17 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
59724
x-guploader-uploadid
ADPycdusgaHn4X7tOHYV34CAJ3-nVJDfRVNhuqsy--AQvu-J4FaOxHOIl1pjYkVp8TxW9jvFkVhVI74G-i3uuOHtkkKAV3i6Pnrj
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28795
x-served-by
cache-iad-kcgs7200168-IAD, cache-yul12820-YUL
last-modified
Thu, 05 May 2022 14:30:10 GMT
server
UploadServer
x-timer
S1676384081.490382,VS0,VE0
etag
"2c488bed3348498bb2381dd8e8c1d8a3"
vary
Origin
x-goog-generation
1651761010528564
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=vXEeVA==, md5=LEiL7TNISYuyOB3Y6MHYow==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
28795
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76, 245
author-emily-schmall-thumbLarge-v2.png
static01.nyt.com/images/2021/01/07/reader-center/author-emily-schmall/
25 KB
26 KB
Image
General
Full URL
https://static01.nyt.com/images/2021/01/07/reader-center/author-emily-schmall/author-emily-schmall-thumbLarge-v2.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5559f926fd806c4747f4f8a13a4a2dd11e65681ce644c110f553fb57839b3e28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 10 Jan 2023 06:47:44 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
542523
x-guploader-uploadid
ADPycduLdxr1_PHM2hSO-0I5kwe5OQE7YOTu64NQiSXCRaj4P6AFnsH6z7rZhLxyKIz9NWODGb8lz-iQGk8KUt-_pnYr2Yzk6pU4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25685
x-served-by
cache-iad-kcgs7200119-IAD, cache-yul12820-YUL
last-modified
Thu, 21 Jan 2021 20:16:01 GMT
server
UploadServer
x-timer
S1676384081.490376,VS0,VE1
etag
"20707c5abbb10eb7f6985c7b94dd6864"
vary
Origin
x-goog-generation
1611260161153384
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=Q5v3xA==, md5=IHB8WruxDrf2mFx7lN1oZA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
25685
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38, 476
author-sean-plambeck-thumbLarge.png
static01.nyt.com/images/2022/05/27/reader-center/author-sean-plambeck/
25 KB
26 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/05/27/reader-center/author-sean-plambeck/author-sean-plambeck-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f7e0436a4ee3bb08313041ee4368957e9e93880e0cb269c3d87741cd370ccb2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 31 Jan 2023 08:46:33 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
19583
x-guploader-uploadid
ADPycdshfZNOp-DWa7qSYkz-pn07rtGzp9PjnejfuuUlAjUgKImdGkNxyzvkOCgGVjBKOc8DGafGH3r2-HUfZAtKWF13g2LZqv33
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
26003
x-served-by
cache-iad-kiad7000105-IAD, cache-yul12820-YUL
last-modified
Fri, 27 May 2022 15:34:44 GMT
server
UploadServer
x-timer
S1676384081.490359,VS0,VE0
etag
"4c9951015b693dd5b95e91628644f729"
vary
X-Goog-Allowed-Resources, Origin
x-goog-generation
1653665684658437
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=29CEHw==, md5=TJlRAVtpPdW5XpFihkT3KQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
26003
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10, 96
author-daniel-victor-thumbLarge.png
static01.nyt.com/images/2018/06/14/multimedia/author-daniel-victor/
22 KB
23 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/06/14/multimedia/author-daniel-victor/author-daniel-victor-thumbLarge.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
05e0513a959873f32ffc7694b323e3a10add5815351bceae533d5dc419fead0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 25 Jan 2023 14:19:41 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
518096
x-guploader-uploadid
ADPycduiwOWgnvGbkX6iOVcnn_MLtYiQ1JSl8IPIV2IPv2pKF4ZhX6aPFcycp2zRSeCDYiAdn3I8eQ6hbRRh1UubOtPVw8coqfWP
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
22857
x-served-by
cache-iad-kiad7000072-IAD, cache-yul12820-YUL
last-modified
Thu, 14 Jun 2018 18:48:04 GMT
server
UploadServer
x-timer
S1676384082.512919,VS0,VE0
etag
"890a4baa050a26b82185c3f71fd380af"
vary
Origin
x-goog-generation
1529002084962686
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=wG5XUQ==, md5=iQpLqgUKJrghhcP3H9OArw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
22857
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
12774, 454
vendor-08c1b617cd319b136ad1.js
www.nytimes.com/vi-assets/static-assets/
150 KB
41 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-08c1b617cd319b136ad1.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
25c5444f9cf815dbf8d7101748a3646f56150945a62d10c9a6eec45417fdd67f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
8458414
x-guploader-uploadid
ADPycdvpdxofyYfqxiS4vuflhqiagr1HboCUsGVXW4TuI13UXs_qb9GVpsb19t2JHyR_I86mLViw5wqLGEHkPvdP_m3ful5DQo0c
x-goog-stored-content-encoding
identity
x-origin-time
2022-11-08 16:41:07 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384081.400581,VS0,VE1
etag
"88a118a1bf6afaee66edb713204f6666"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1667924572247554
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-08c1b617cd319b136ad1.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
102010
expires
Wed, 08 Nov 2023 16:41:07 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
41809
last-modified
Tue, 08 Nov 2022 16:22:52 GMT
server
UploadServer
x-goog-hash
crc32c=qa6p5A==, md5=iKEYob9q+u5m7bcTIE9mZg==
x-gdpr
0
x-goog-stored-content-length
153525
accept-ranges
bytes
liveAsset-d96bcd935e64daf189f1.js
www.nytimes.com/vi-assets/static-assets/
1 MB
351 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/liveAsset-d96bcd935e64daf189f1.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5e76f734357c3563d4520d6251ad81761497e8cb133557a76c78e017aae84ef5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
20128
x-guploader-uploadid
ADPycdsxFbykr3zLQnJXkmHMoqnoJbt0WUNDpNVHTYYfAvF8KZFdzaKvG7DavNZ9FGKyMMbwbPYTYWI-nOZi-iBSkBPNL9xL0jAm
x-goog-stored-content-encoding
identity
x-origin-time
2023-02-14 08:39:13 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384081.400897,VS0,VE1
etag
"8121c2f4b6e49b1de2d661dd9775045a"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1676045677583150
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/liveAsset-d96bcd935e64daf189f1.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
12
expires
Wed, 14 Feb 2024 08:39:13 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
358353
last-modified
Fri, 10 Feb 2023 16:14:37 GMT
server
UploadServer
x-goog-hash
crc32c=vnqA8A==, md5=gSHC9Lbkmx3i1mHdl3UEWg==
x-gdpr
0
x-goog-stored-content-length
1298731
accept-ranges
bytes
main-434464006180894dcc6f.js
www.nytimes.com/vi-assets/static-assets/
1 MB
404 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
62479a86148f4aae04f477a870c40db91d11c84c4c47062dd47d83eab4dc7158
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
339001
x-guploader-uploadid
ADPycds6Wg10M-ouyCm5h-UKa5QL9_XsWhUe_iQIpjZosnGJaS7ujsFx-KmbYH4lLAU-ebZlBt_dm0fdztH7_d5d5Oo-8w
x-goog-stored-content-encoding
identity
x-origin-time
2023-02-10 16:04:41 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384081.400864,VS0,VE1
etag
"2c8068dc6a8688706df9e90dfeea3c56"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1676044239821650
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-434464006180894dcc6f.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
21
expires
Sat, 10 Feb 2024 16:04:41 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
412751
last-modified
Fri, 10 Feb 2023 15:50:39 GMT
server
UploadServer
x-goog-hash
crc32c=k2Ln7w==, md5=LIBo3GqGiHBt+ekN/uo8Vg==
x-gdpr
0
x-goog-stored-content-length
1425661
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
398 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
100b58f2d6b117f3387a19b93320e8682a33ca32101f2eeb7e75420524aead23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110554
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2
samizdat-graphql.nytimes.com/graphql/
148 B
922 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
527b8d532bd0c660-c3e4cbbc0eb505a-1
age
20
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
05714be2fbb3286e
samizdat-x-canary
false
x-served-by
cache-yul12820-YUL
x-nyt-country
CA
x-timer
S1676384081.487121,VS0,VE1
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
QC
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
HIT
x-cache-hits
1
x-samizdat-query-sup-code
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
HIT
samizdat-x-instance
9deb428e
x-envoy-upstream-service-time
16
content-length
123
samizdat-x-kubernetes-namespace
default
server
envoy
access-control-allow-credentials
true
x-datadog-trace-id
527b8d532bd0c660-c3e4cbbc0eb505a-1
accept-ranges
bytes
timing-allow-origin
*
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
9
cache-control
max-age=30
content-length
0
date
Tue, 14 Feb 2023 14:14:41 GMT
samizdat-x-canary
false
samizdat-x-instance
c393c849
samizdat-x-kubernetes-namespace
default
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
23319c06f4d8cca1-7c7c80c476cc3017-0
x-cache
HIT
x-cache-hits
3
x-datadog-trace-id
23319c06f4d8cca1-7c7c80c476cc3017-0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
15
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
QC
x-samizdat-query-exe-id
be9dab9c1a5e2f88
x-samizdat-query-field-errors
0
x-served-by
cache-yul12825-YUL
x-timer
S1676384081.453612,VS0,VE0
als
als-svc.nytimes.com/
836 B
1 KB
XHR
General
Full URL
https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Flegacycollection%2Fc131cc84-d03b-56bb-891b-61267595fb09&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-49-121.compute-1.amazonaws.com
Software
envoy /
Resource Hash
c30b136b9735f7b13929325f6182019d96e2c02c31a0624ef2c86bf55f6e40e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 google
x-envoy-decorator-operation
als-svc.nytimes.com:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
envoy
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
39
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
content-length
836
grumi-ip.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
13 KB
5 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc3b41571baf0fbf583709a064d10851dce07925d587b1fa3758a11a16074931

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:56:45 GMT
content-encoding
br
via
1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront)
x-amz-version-id
RjbjCBoMLorj3CdhzKYislIi9or8NTJQ
last-modified
Sun, 05 Feb 2023 10:45:21 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
1077
etag
W/"317e01bb8cf36de7a89e60544fbd0662"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id
tiTudfx3QSjuDLA01_5MymVeLbbJebcz95GZCGAdl1mahkBJgsM0Yw==
apstag.js
c.amazon-adsystem.com/aax2/
193 KB
47 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.10.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-10-22.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:24:11 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 21:24:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, PHL51-P1
age
3031
x-amz-server-side-encryption
AES256
etag
W/"73a4291e0b24cc8bf12a18bcd544a2b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IOmV-0IWSEBlkl2pjs9lOOwI7Ep5XHZ75SH-As07qN_n9fqKSw5-vg==
prebid7.28.0.js
www.nytimes.com/ads/
229 KB
73 KB
Script
General
Full URL
https://www.nytimes.com/ads/prebid7.28.0.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5bacb59c42a6ba81649f4204e7c6f37e1708399c6f3a69e410ce7ee48e80d99c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
62818
x-guploader-uploadid
ADPycdvQoTePY8o0N4ZLeYoCx82F3UT3BV57ys6EPk_2hM-bFIjDrxmvMBcGBsNEWSXG1zbnxTS50CimeqNYOefE1-jWkgoLmPSw
x-goog-stored-content-encoding
identity
x-origin-time
2022-12-12 20:47:36 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384081.401765,VS0,VE0
etag
"da02b9b378ed777f3ccd280ca4ca4e2f"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1670878010839502
content-type
text/javascript
access-control-allow-origin
*
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid7.28.0.js
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview
0
x-nyt-route
ads-static-assets
x-nyt-edge-cache
HIT
x-cache-hits
6910
expires
Mon, 12 Dec 2022 20:47:36 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
content-length
74086
last-modified
Mon, 12 Dec 2022 20:46:50 GMT
server
UploadServer
x-goog-hash
crc32c=GM24HA==, md5=2gK5s3jtd388zSgMpMpOLw==
x-gdpr
0
x-goog-stored-content-length
234521
accept-ranges
bytes
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:49:31 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
25907108
x-guploader-uploadid
ADPycdsHDnIPJYCF1PMlnRkJvVEsHgtl-6zmEXHjsH7fd8o-CuTl9HOiE4lW_zgV0jxeyMXhvF0xNI1MO3TQBAAEj_ldyQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-yul12824-YUL
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1676384081.444385,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation
1650460180561781
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
79381
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:49:31 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
25907109
x-guploader-uploadid
ADPycdvTmHKHDyLgcDwJXzIY2ayOhLi8-M9Kd4N0pU8JKM0J-EV_OI3zAYH5eZ_kXiK_ZMAZzAPCYnvYZBzaTTuXx5pRntVvSSG9
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-yul12824-YUL
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1676384081.444648,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation
1650460180610251
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
78327
franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/
24 KB
24 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 05 Apr 2023 06:45:54 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
27242927
x-guploader-uploadid
ADPycdupoOVfPN_2-5NTY4Shj4-a3GST-UT7YN7Jiyf5IQKDVtkIP11kjW1DBCBMHLgF1Ci5I27NyEcEV0ujqUcaAiejb_2ASw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
24184
x-served-by
cache-yul12824-YUL
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1676384081.444633,VS0,VE0
etag
"fdc7cad17deeec2db1fe2f9f8c0520ed"
x-goog-generation
1631734984069574
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
24184
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
6948
cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
28 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Jun 2022 10:00:58 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
21701623
x-guploader-uploadid
ABg5-Uz1bA45NtOdH7i_2BbOdWYCvTZw8EBcUKEWmtnfn9Siiw7VvAsZ5OV7-cHO5ikLD9w7vT9AK6lyzn869_ZEWos
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28276
x-served-by
cache-yul12824-YUL
last-modified
Tue, 06 Apr 2021 21:11:52 GMT
server
UploadServer
x-timer
S1676384081.444623,VS0,VE0
etag
"530cfb72378419eedb60da7e266ad5f1"
x-goog-generation
1617743512132246
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
28276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
48178
imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Jun 2022 10:58:13 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
21698185
x-guploader-uploadid
ABg5-UzvSkIlCjsLB5JUf8-p1pLKeF_uYhU5iliVjZTeuTR5u5f31srWt8YedXjkK0y7RAdDRXFgXrwU4srROuHIqwU
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26504
x-served-by
cache-yul12824-YUL
last-modified
Tue, 06 Apr 2021 21:11:53 GMT
server
UploadServer
x-timer
S1676384081.444617,VS0,VE0
etag
"6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation
1617743513818473
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
26504
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
77415
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-9349dd2c5537218e254e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40325574c3f9b68feeabc7041fd46863a834cc29001096c0dc9699686cf8386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27284
x-xss-protection
0
server
sffe
etag
"1482 / 833 of 1000 / last-modified: 1676376418"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Feb 2023 14:14:41 GMT
franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:49:37 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
25907102
x-guploader-uploadid
ADPycduRyC43cWt-0Fn4Y6idrFKUtZO-ld20hUq4qVAhtcfkVO5nlokfc0yYSU-4BL2tmmmS__H3OxnFe12K24s5Fw7qD_HzXAno
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20196
x-served-by
cache-yul12824-YUL
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1676384081.453375,VS0,VE0
etag
"75739ac267f076931c6da9740386ee6b"
x-goog-generation
1650460180595156
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20196
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
45863
imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
g1.nyt.com/fonts/family/imperial/
27 KB
27 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-italic-400.30d6073613e33e742de4c1325b31065c.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Sun, 02 Jul 2023 05:53:48 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
19642854
x-guploader-uploadid
ADPycdt3eNupOm6NKiOMZaXAEsg6cYfnH4SDNxcOAfTuQLki9UY5E1rZEdoLHf91qjaJJP9Jr4RYEyki1ugR-MGvkn4XKkDBB-QQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27268
x-served-by
cache-yul12824-YUL
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1676384081.453373,VS0,VE0
etag
"30d6073613e33e742de4c1325b31065c"
x-goog-generation
1651598151451992
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=l1jStw==, md5=MNYHNhPjPnQt5MEyWzEGXA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
27268
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
28131
mapmaker-map-mapbox.js
int.nyt.com/newsgraphics/dev/loader_v1/
1 MB
376 KB
Script
General
Full URL
https://int.nyt.com/newsgraphics/dev/loader_v1/mapmaker-map-mapbox.js
Requested by
Host: int.nyt.com
URL: https://int.nyt.com/newsgraphics/dev/loader_v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5c62ee1a557995adb45a055a6b14daa8fba4a093d596454e12fdf50f67f9b566

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Feb 2023 08:29:45 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 varnish
age
13
x-guploader-uploadid
ADPycduouoyJvtyZZUX0Xeny8s5oXLzjHuLZewTriGRis2LNZIM78hIIsPTmSXIiweO40-puA03llph7PWZBsY7nuNsEWA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
384459
x-backend-name
GCS_origin
x-served-by
cache-yul12820-YUL
last-modified
Fri, 02 Sep 2022 21:03:28 GMT
server
UploadServer
etag
"1a0197aee0d552988c2d62895eed2b04"
vary
Accept-Encoding
x-goog-generation
1662152608514309
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=bwfkSQ==, md5=GgGXruDVUpiMLWKJXu0rBA==
cache-control
public, max-age=30
x-goog-stored-content-length
384459
accept-ranges
bytes
access-control-allow-headers
Range
x-cache-hits
1
imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/
25 KB
25 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Sun, 12 Mar 2023 00:31:02 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
29339020
x-guploader-uploadid
ADPycdswnrGO6Emf1zCInyp5ygj14UWc8N0Od8enTwjipFq6GtXtcMXF0wJ0Umr2dG-FaRg59dKTyXwQwgceuacUjPonEnDjxA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25680
x-served-by
cache-yul12824-YUL
last-modified
Wed, 15 Sep 2021 19:43:04 GMT
server
UploadServer
x-timer
S1676384081.484277,VS0,VE0
etag
"024693f96c8f2c457e4a6a8d02a636b7"
x-goog-generation
1631734984530255
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
25680
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
33775
vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-1657d1b4cf43caad696c.js
www.nytimes.com/vi-assets/static-assets/
45 KB
15 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-1657d1b4cf43caad696c.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4486a33a70b0ab6227074c97c026bc4c4ad732d4290f349c1eedd4d4d5e311d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
589349
x-guploader-uploadid
ADPycdu5KksxpfY3aSSydijccTFw4rKqY-OrYN0QgpKGHTsGX_R7jwTA7VnI2rDa--g3DEQ4X9_8CupLuQzu2YH3iSi6i-GyqCbo
x-goog-stored-content-encoding
identity
x-origin-time
2023-02-07 18:32:12 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384082.746956,VS0,VE1
etag
"7e7fc7fe697ec0607a67b72edb800ade"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1675793953332801
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~4a3ef3d2-1657d1b4cf43caad696c.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
41234
expires
Wed, 07 Feb 2024 18:32:12 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
14101
last-modified
Tue, 07 Feb 2023 18:19:13 GMT
server
UploadServer
x-goog-hash
crc32c=SIPyDg==, md5=fn/H/ml+wGB6Z7cu24AK3g==
x-gdpr
0
x-goog-stored-content-length
45586
accept-ranges
bytes
vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~5ec95911-dd84837cc1487c18d5cd.js
www.nytimes.com/vi-assets/static-assets/
66 KB
13 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~5ec95911-dd84837cc1487c18d5cd.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b32218f7bee034f726211a4d2b6951a42d74213b7baaf9e1431b7f420a761af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
5942461
x-guploader-uploadid
ADPycdu5v73dmJuSI_4SQ0iAib0lLdtU87w_8wKGxreL0Snxi7xEwCW28vBIAChI3b0F_OpLo1x03N-3Jw7rk1qlKX7-oVb0UQ9h
x-goog-stored-content-encoding
identity
x-origin-time
2022-12-07 19:33:41 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384082.747271,VS0,VE1
etag
"63dc40b3f01633bcdf94eaaea6d07423"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1670441606120009
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveAsset~paidpost~slideshow~st~5ec95911-dd84837cc1487c18d5cd.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
87924
expires
Thu, 07 Dec 2023 19:33:41 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
13123
last-modified
Wed, 07 Dec 2022 19:33:26 GMT
server
UploadServer
x-goog-hash
crc32c=xHQiCQ==, md5=Y9xAs/AWM7zflOquptB0Iw==
x-gdpr
0
x-goog-stored-content-length
67804
accept-ranges
bytes
vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js
www.nytimes.com/vi-assets/static-assets/
21 KB
6 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
29cd49f61d6124f05a6cd8d781742624ea2205be8dcee00249e588e2a02737e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
10256219
x-guploader-uploadid
ADPycdt82zrwo7uGoeGOccYu184AB4Jf2Fa-zjsMOM18jQgWZ8zwDnNfD7KzTcn9LZUFlFqUpHaQujuWodv4ZCeK90ehrUDArVlJ
x-goog-stored-content-encoding
identity
x-origin-time
2022-10-18 21:17:43 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384082.747365,VS0,VE1
etag
"1cc0a195edd4322de916042d2d3ce9a5"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1666127613222986
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
28505
expires
Wed, 18 Oct 2023 21:17:43 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
4953
last-modified
Tue, 18 Oct 2022 21:13:33 GMT
server
UploadServer
x-goog-hash
crc32c=VL7/VQ==, md5=HMChle3UMi3pFgQtLTzppQ==
x-gdpr
0
x-goog-stored-content-length
21765
accept-ranges
bytes
prebid
prebid.media.net/rtb/
1 KB
957 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d56fe1ae3ba2ea4c307cce2b8cd356704ea5d1d5a2183973460da0cb1a59d5c6

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 14 Feb 2023 14:14:41 GMT
arj
nytimes-d.openx.net/w/1.0/
75 B
506 B
XHR
General
Full URL
https://nytimes-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=da2f0a1a-3144-4c0c-ad8b-e8f366066009%2Cc3c68208-71b0-4e7d-b014-d0a49294c04f%2C75599540-3c48-4bb6-a3ba-4dd8fa56808f%2C56bc6634-a907-42b4-83d2-3e5a5b9b885a%2C08595d24-2b05-4e43-8115-68c5c2906244&nocache=1676384081773&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250&divids=dfp-ad-top%2Cdfp-ad-mid1%2Cdfp-ad-mid2%2Cdfp-ad-mid3%2Cdfp-ad-bottom&aucs=dfp-ad-top%2Cdfp-ad-mid1%2Cdfp-ad-mid2%2Cdfp-ad-mid3%2Cdfp-ad-bottom&auid=544112060%2C544112063%2C544112063%2C544112063%2C544112062&tps=aW52Y29kZT1ueXRfdXNfdG9w%2CaW52Y29kZT1ueXRfdXNfbWlkMQ%3D%3D%2CaW52Y29kZT1ueXRfdXNfbWlkMg%3D%3D%2CaW52Y29kZT1ueXRfdXNfbWlkMw%3D%3D%2CaW52Y29kZT1ueXRfdXNfYm90dG9t
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8e52e0cf00bf4af2a3ec8a31905b98b9b9e99bb789c28fc0e5e7f9e612ffbe51

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.nytimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
597 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
548e814e13bbbc47350c9b02bda6c27f11dd9e8da7a7a848b1e0415b5af71c55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Feb 2023 14:14:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0e6759a3-d532-4e3f-84fe-86dbeaf52fb6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.nytimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/
19 B
507 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.28.0&referrer=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&tmax=10000
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.236.171 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-236-171.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
309 B
861 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&tg_i.invCode=nyt_us_top&tg_i.pbadslot=dfp-ad-top&tk_flint=pbjs_lite_v7.28.0&x_source.tid=da2f0a1a-3144-4c0c-ad8b-e8f366066009&l_pb_bid_id=268519323241835&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1067747104301755
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
443ab21d666b7617b49d52adc0ae147d89db882397cf119f4efae94f6f29fe0c

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
309
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
311 B
634 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&tg_i.invCode=nyt_us_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v7.28.0&x_source.tid=c3c68208-71b0-4e7d-b014-d0a49294c04f&l_pb_bid_id=27f426b447091ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6517716244527239
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c194a9ec916c0635928631a94592e9e4480296e587bee95be1822cfc3af5adcc

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
311
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
311 B
633 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&tg_i.invCode=nyt_us_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v7.28.0&x_source.tid=75599540-3c48-4bb6-a3ba-4dd8fa56808f&l_pb_bid_id=28530852446fd92&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8422089117016827
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
420cdccf6362de40cf6027e27b1f70c8a554d8e02f467146f536b2271274d2d0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
311
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
311 B
633 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&tg_i.invCode=nyt_us_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v7.28.0&x_source.tid=56bc6634-a907-42b4-83d2-3e5a5b9b885a&l_pb_bid_id=293fcfbd31c2116&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.028538282058334863
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d9e6e07501dffffcab98d5dafc7e4eef587b0a3afa05b38434c8423df4870e50

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
311
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
315 B
639 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&tg_i.invCode=nyt_us_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v7.28.0&x_source.tid=08595d24-2b05-4e43-8115-68c5c2906244&l_pb_bid_id=3014310cf1edabd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38291963321197775
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid7.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
768ba7fac83c05223050ffeea4609e1b56cb7034d789cfd48b5686280ab98b7a

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
315
expires
Wed, 17 Sep 1975 21:32:10 GMT
gtm.js
www.googletagmanager.com/
112 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1baef97532021ed479e06a7b99c565b495ab07ae4e8306424e863689c6c563ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41732
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 14:14:41 GMT
tags.js
dd.nytimes.com/
205 KB
43 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-128.phl51.r.cloudfront.net
Software
Apache /
Resource Hash
470a6505ac2b36a1f2888a1ff34961732ec3a4c832e6edae908a164307a06bd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:47:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 87bf84f333bc8ae1d8c723bf1e035c1e.cloudfront.net (CloudFront), 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2, PHL51-P1
age
1604
x-cache
Hit from cloudfront
content-length
42976
last-modified
Thu, 09 Feb 2023 16:46:15 GMT
server
Apache
etag
"33255-5f4471e891452-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
PPhEtAgXUh1XG6bf-fhcf6lzSdxtNfiQ3i0bEES2kFa3MyPEjHDedg==
expires
Tue, 14 Feb 2023 14:47:58 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1676384081924&ns_c=UTF-8&c8=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1676384081924&ns_c=UTF-8&c8=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20Yor...
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1676384081924&ns_c=UTF-8&c8=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&c9=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:43 GMT
via
1.1 ccbf01f3e1fbbe27e81779a9bd6e91de.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
x-amz-cf-id
0LcHPkgLFLmuatD58aPxeLjhfjxCsxZyfhPm7S21e-o2On7Jo1bpjg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=3005403&ns__t=1676384081924&ns_c=UTF-8&c8=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&c9=
date
Tue, 14 Feb 2023 14:14:42 GMT
via
1.1 ccbf01f3e1fbbe27e81779a9bd6e91de.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
content-length
0
x-amz-cf-id
4Nqq9uAi95cbu2SG1hIJ8ufS7GRotRHLHp6VReHzN0lMH_lTLXW-8A==
x-cache
Miss from cloudfront
style-v1.css
int.nyt.com/newsgraphics/mapmaker/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://int.nyt.com/newsgraphics/mapmaker/css/style-v1.css
Requested by
Host: int.nyt.com
URL: https://int.nyt.com/newsgraphics/dev/loader_v1/mapmaker-map-mapbox.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d3fa97ca0121b71d725769fd97cb7c33a42ed6d4951fb42858e340c493efa4ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Mon, 13 Feb 2023 10:23:22 GMT
date
Tue, 14 Feb 2023 14:14:41 GMT
content-encoding
gzip
via
1.1 varnish
age
60
x-guploader-uploadid
ADPycduCZ12l4bpADl1-OGs0uwNGAroKjhU1O6cz2WK_QTPL2PNSkWTqPGILjm2hOIOtpyezw6pV2K3kdz4pWZlZIy5vXg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2472
x-backend-name
GCS_origin
x-served-by
cache-yul12820-YUL
last-modified
Fri, 02 Sep 2022 21:03:26 GMT
server
UploadServer
etag
"a6fbc78a462d4d489c3d6b1c19ebf4d5"
vary
Accept-Encoding
x-goog-generation
1662152606440759
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=NLVRpA==, md5=pvvHikYtTUicPWscGev01Q==
cache-control
public, max-age=60
x-goog-stored-content-length
2472
accept-ranges
bytes
access-control-allow-headers
Range
x-cache-hits
2
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/webp
pubads_impl_2023020801.js
securepubads.g.doubleclick.net/gpt/
386 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fd5af36d4d26d1e4ec9a195476034c22906f899b48cc738afb0d63c9964fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 19:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133093
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 09:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Feb 2024 19:08:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
1 KB
347 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7b8ecfd11e8086450c73ba71ec182da2ef46cb8602cfdaccf9640efe20fdcb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-xss-protection
0
expires
Tue, 14 Feb 2023 14:14:42 GMT
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
399 KB
122 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b0519dbff83def2b6bd9aff431b96f8fb23719a7b503a51db1ca05428614a1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:56:45 GMT
content-encoding
br
via
1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront)
x-amz-version-id
Jo68W4lWZsmymjiDWj3hzGF_L1aP4iLs
last-modified
Tue, 14 Feb 2023 13:30:24 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
1078
etag
W/"3ae8fde83f687f85fa6932b0dabfc0ed"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
GIDZ1cZt2pLJDiZg7HS_O6OVQ_ia0p-GqiS8SbAB_JyCLeYLw2YioA==
config
c.amazon-adsystem.com/cdn/prod/
0
309 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fwww.nytimes.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.10.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-10-22.phl51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:05:01 GMT
via
1.1 09271a32d559aa027d52f6c914ebff78.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
age
4180
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
wE9udQocBhfhnpz-LoKHnlYjUMgirCgNLtu6Od9ahdWl4-T1XU73xA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.10.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-10-22.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:06:09 GMT
x-amz-version-id
zv0zkgF8NnUlHbYAYVWZBKSRYlhapW6k
content-encoding
gzip
via
1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
14914
x-cache
Hit from cloudfront
last-modified
Wed, 08 Feb 2023 10:05:52 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
2QMRcP2Lnbm756CeI4-hutG-CdQyRJsOlqnCvLOr7i-CqmBa-0EPLQ==
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
9
cache-control
max-age=30
content-length
0
date
Tue, 14 Feb 2023 14:14:42 GMT
samizdat-x-canary
false
samizdat-x-instance
c393c849
samizdat-x-kubernetes-namespace
default
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
23319c06f4d8cca1-7c7c80c476cc3017-0
x-cache
HIT
x-cache-hits
4
x-datadog-trace-id
23319c06f4d8cca1-7c7c80c476cc3017-0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
15
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
QC
x-samizdat-query-exe-id
8f84d3a986a65dcb
x-samizdat-query-field-errors
0
x-served-by
cache-yul12825-YUL
x-timer
S1676384082.341083,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
10
cache-control
max-age=30
content-length
0
date
Tue, 14 Feb 2023 14:14:42 GMT
samizdat-x-canary
false
samizdat-x-instance
c393c849
samizdat-x-kubernetes-namespace
default
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
23319c06f4d8cca1-7c7c80c476cc3017-0
x-cache
HIT
x-cache-hits
5
x-datadog-trace-id
23319c06f4d8cca1-7c7c80c476cc3017-0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
15
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
QC
x-samizdat-query-exe-id
8fd58ff8aea7b39a
x-samizdat-query-field-errors
0
x-served-by
cache-yul12825-YUL
x-timer
S1676384082.471741,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
10
cache-control
max-age=30
content-length
0
date
Tue, 14 Feb 2023 14:14:42 GMT
samizdat-x-canary
false
samizdat-x-instance
c393c849
samizdat-x-kubernetes-namespace
default
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
23319c06f4d8cca1-7c7c80c476cc3017-0
x-cache
HIT
x-cache-hits
6
x-datadog-trace-id
23319c06f4d8cca1-7c7c80c476cc3017-0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
15
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
QC
x-samizdat-query-exe-id
99efea5deab10570
x-samizdat-query-field-errors
0
x-served-by
cache-yul12825-YUL
x-timer
S1676384083.507020,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
10
cache-control
max-age=30
content-length
0
date
Tue, 14 Feb 2023 14:14:43 GMT
samizdat-x-canary
false
samizdat-x-instance
c393c849
samizdat-x-kubernetes-namespace
default
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
23319c06f4d8cca1-7c7c80c476cc3017-0
x-cache
HIT
x-cache-hits
7
x-datadog-trace-id
23319c06f4d8cca1-7c7c80c476cc3017-0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
15
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
QC
x-samizdat-query-exe-id
a8f96a886424ccef
x-samizdat-query-field-errors
0
x-served-by
cache-yul12825-YUL
x-timer
S1676384083.209742,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/
104 B
944 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
3edbc2e6465198cc-660d65a1a932bf0a-0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
6d1841fd36c49a5f
samizdat-x-canary
false
x-served-by
cache-yul12820-YUL
x-nyt-country
CA
x-timer
S1676384082.355500,VS0,VE34
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
QC
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
private, no-store
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 14 Feb 2023 14:14:42 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
ca9c3a17
x-envoy-upstream-service-time
18
samizdat-x-kubernetes-namespace
default
server
envoy
access-control-allow-credentials
true
x-datadog-trace-id
3edbc2e6465198cc-660d65a1a932bf0a-0
accept-ranges
bytes
timing-allow-origin
*
v2
samizdat-graphql.nytimes.com/graphql/
13 KB
4 KB
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b6903a87e0dba9112a6facc193f5372c2f449d35e1d66b12ea10311eb626f566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
402991fd13036f10-7dc823c4c6d59429-0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
b6088f20cb3576c8
samizdat-x-canary
false
x-served-by
cache-yul12820-YUL
x-nyt-country
CA
x-timer
S1676384082.485985,VS0,VE156
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
QC
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
private, no-store
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 14 Feb 2023 14:14:42 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
9deb428e
x-envoy-upstream-service-time
140
samizdat-x-kubernetes-namespace
default
server
envoy
access-control-allow-credentials
true
x-datadog-trace-id
402991fd13036f10-7dc823c4c6d59429-0
accept-ranges
bytes
timing-allow-origin
*
meter.js
meter-svc.nytimes.com/
532 B
1 KB
XHR
General
Full URL
https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&referer=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pageviewID=FtMpe_h5u1aC0H2U5n3ODG4s
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
envoy /
Resource Hash
f63a4230ae88e5ad9c0254cb8c4b959f05eecb68206f7b27354351bfc228a1b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:42 GMT
via
1.1 google
x-envoy-decorator-operation
meter-svc.nytimes.com:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
Set-Cookie
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
145
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
content-length
532
v2
samizdat-graphql.nytimes.com/graphql/
62 B
927 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
2adeaa0d70e003c4-632da36cd0a94800-0
age
0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
f0ca51471fac7fec
samizdat-x-canary
false
x-served-by
cache-yul12820-YUL
x-nyt-country
CA
x-timer
S1676384083.521271,VS0,VE33
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
QC
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 14 Feb 2023 14:14:42 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
a9d19979
x-envoy-upstream-service-time
17
content-length
77
samizdat-x-kubernetes-namespace
default
server
envoy
access-control-allow-credentials
true
x-datadog-trace-id
2adeaa0d70e003c4-632da36cd0a94800-0
accept-ranges
bytes
timing-allow-origin
*
vhs.min.js
static01.nyt.com/video-static/vhs3/
503 KB
115 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveAsset~paidpost~story~tre~698cb9e2-3fafe57b731fc315298f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
801f5461ab5233791c7e6db4bbca794e69cbad5ab048ffc0d3d45d900ea19091
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 17 Feb 2023 16:54:37 GMT
date
Tue, 14 Feb 2023 14:14:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
336005
x-guploader-uploadid
ADPycdsuyx9COoM1IIre5gu_o9kGKKf3UCeoZAFx-e8zwn5pdn2jIz2Re149ITGf8i8W7L86lx7-4ULgcVTdM0EzpQNQjU7GDQet
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
116661
x-served-by
cache-iad-kiad7000153-IAD, cache-yul12820-YUL
last-modified
Fri, 10 Feb 2023 16:54:31 GMT
server
UploadServer
x-timer
S1676384083.646730,VS0,VE0
etag
"df987379120bed20baabdea0979af458"
vary
Accept-Encoding
x-goog-generation
1676048071783566
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=8lIVDQ==, md5=35hzeRIL7SC6q96gl5r0WA==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
515298
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
65, 34516
data-layer
a.nytimes.com/svc/nyt/
1 KB
1 KB
XHR
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&caller_id=nyt-vi&jkcb=1676384082648&referrer=&sourceApp=nyt-vi
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
envoy /
Resource Hash
881b3bb2e653a1344d933b1716f46044ecc58d238ae663b49a0bee4260e935d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:42 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
a.nytimes.com:443/*
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
34db5e26ea40cb08a645e2054be4c295
cache-control
private
access-control-allow-credentials
true
x-envoy-upstream-service-time
33
access-control-allow-headers
Content-Type, x-requested-by
purr-cache
purr.nytimes.com/v1/
0
0
Fetch
General
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-49-121.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:42 GMT
via
1.1 google
x-envoy-decorator-operation
purr.nytimes.com:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
envoy
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
6598bbd0514ba9f44114598c85f310d2
access-control-allow-credentials
true
x-envoy-upstream-service-time
21
content-length
0
v2
samizdat-graphql.nytimes.com/graphql/
6 KB
2 KB
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
22786d3d9f25d82147c5bf891fd1ac9fc99af6b92de40978c2084224558137e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
5a53108ebc507ca2-14505fb0a9bf1cce-0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
56eefc40397ec681
samizdat-x-canary
false
x-served-by
cache-yul12820-YUL
x-nyt-country
CA
x-timer
S1676384083.224076,VS0,VE35
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
QC
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=5
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 14 Feb 2023 14:14:43 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
05f2332e
x-envoy-upstream-service-time
18
last-modified
Tue, 14 Feb 2023 14:14:36 GMT
server
envoy
samizdat-x-kubernetes-namespace
default
access-control-allow-credentials
true
x-datadog-trace-id
5a53108ebc507ca2-14505fb0a9bf1cce-0
accept-ranges
bytes
timing-allow-origin
*
13msu-shooting-scene-bgpm-jumbo-v2.jpg
static01.nyt.com/images/2023/02/13/multimedia/13msu-shooting-scene-bgpm/
55 KB
55 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/02/13/multimedia/13msu-shooting-scene-bgpm/13msu-shooting-scene-bgpm-jumbo-v2.jpg?quality=75&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d9010097ba089af77bb33456f16a43b72f0e8d1f3bcdc3197143ea4fb62b2e2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Feb 2023 08:33:18 GMT
date
Tue, 14 Feb 2023 14:14:43 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20485
x-guploader-uploadid
ADPycdvVfvej6Ah736jmiPiMNzj7OLQgOToCHUlTwE1nhlV8VXWl36XWHtPfr5-0p1k5WkQjt9tHSQUvKvOF85f4v0LDc0p3a1n0
x-cache
HIT, HIT
fastly-io-info
ifsz=159089 idim=1024x683 ifmt=jpeg ofsz=56054 odim=1024x683 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
56054
x-served-by
cache-iad-kiad7000023-IAD, cache-yul12820-YUL
server
UploadServer
x-timer
S1676384084.547104,VS0,VE0
etag
"epaOYgDLxWwlBpG7iHRHIR5rWitpppujJrRkNTG/2BY"
vary
Accept
x-goog-generation
1676363587816042
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=Sp8GsQ==, md5=jeiFsWl4724qq3jK8jJTrQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
159089
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
62, 122
13msu-shooting-open-carry-gztp-jumbo.jpg
static01.nyt.com/images/2023/02/13/multimedia/13msu-shooting-open-carry-gztp/
120 KB
120 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/02/13/multimedia/13msu-shooting-open-carry-gztp/13msu-shooting-open-carry-gztp-jumbo.jpg?quality=75&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
517f8f86a625691b1fecc3061b49131c6a181bd018bb01476f7e114a7674c503
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Feb 2023 07:27:20 GMT
date
Tue, 14 Feb 2023 14:14:43 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
24442
x-guploader-uploadid
ADPycdvXubM_41E5JMk96OROs7_ELtymn_160SQNUiNCGdTqHUPkAGdii7DSFkspxTRpB2v6HsOvfCckjHGopuFKKiwOQ2Jx6zdB
x-cache
HIT, HIT
fastly-io-info
ifsz=254958 idim=1024x683 ifmt=jpeg ofsz=122412 odim=1024x683 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
122412
x-served-by
cache-iad-kiad7000140-IAD, cache-yul12820-YUL
server
UploadServer
x-timer
S1676384084.547213,VS0,VE0
etag
"MjeqrENVbQgbnaVHCpxjNykMywNM4IPwyv6xFI+J7pg"
vary
Accept
x-goog-generation
1676359633534432
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=aHLf7w==, md5=cp++RF0NauMOKd39hlr4JQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
254958
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
68, 125
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=0&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
4dce82188087b5a879afaed84f7c41579a9ccd759994d30d908879edc355ca62
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
10TK4HANTSKV86NEC7Y7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
3bTW8XXnf5bxKXO0ycrgWO-DHrIfLwD6tb6IeZWzBd_eyDCc2KebqQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=1&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
ab58c90a662cf700705e739676c14e82d7ab3e91ec18689f6f30daf88d8a2194
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
ZA0JR7B3HPZVJQSBN1HX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
O_PM3GlsoaQJDotWYYjES_DNt5HH4oneCknE0H090LVgFMDX-Qakpg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=2&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
1c5395f6205dc8e59a1869a8e3b4a38ee649e96f23907d907f4b9cc958aa5f76
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
23ANN8Z484NNRRPNZETD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
DQ6qLZopWJ06F3x3TkTvnsI6DB17c5uEcToJzwcbc_HQif6MvbK2PA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=3&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
bc4e3adf3060d01f9ffd158e2033acab7390f3f2aaec313e252bd01e142c4c32
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
60DD2E08SXQHR3JNG8YP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
YYLD81-Jszh9i_PGb86V1vJNQp2vIJNUGgIFquJx1BAMatmxsi4Igw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=4&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid4_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
32f1f0e37b0041981359ea26673a749ad78f474c49f19b4aeb7e425c48d26475
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
NAKJJ7PT2BZ2JRHW941N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
X9Xz7LliHpbLiwL59tH8cvCn7L8sYM2nQVj05s_vmyf1mMNXQG1H3Q==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
633 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=5&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid5_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
f57146e039bca225728bf1264e2a68401a2165607331d1c45068e37542baf733
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
JRKVTDJMNXHVYFQMDMF8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
p8aFpWG-C6FmdnvR4SnbetPqaypUWFkuecPC73xnGyWybxDjaPPRzA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
633 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=6&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid6_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
2a2130aee214631ef98d31a2f0fd33a7cd844ae1aeb997bd48c89fb63eb0e037
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
7MKGYKNR4CE2BJDEC4JZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
DF4IwN_IO4CIPZSfcC1ELJ9lzDBwSxnFZsV55FN6HLdrrQ9fjPEN4w==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=7&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid7_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
019368388d333da1161e8e6a76883b1ea236735cdcf3d8b99cf59a80283f8650
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
7XEYJZ1Z2QD7DE64SG2N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
ldCoOM_GcSHuB9T7_yJgAKMR4ZfaZdBRIHrcFsimuWXvQeB5_pW7IA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
629 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=8&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid8%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid8_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
90a9a82692abbe5ef1dda1f51f76a258316a8372969f1bb59c1174c64a628b84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
4C11W8RGNBNS0Q4B522Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
2SS1cLZ8LT3GAS5ESlcupsLRaDmPcxRO6Lqs4QQ4iW3FdimFtj2Scg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
191 B
631 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&pid=pRTR6BPeaX2MY&cb=9&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid9%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid9_livebl_web%22%7D%5D&pj=%7B%22si_section%22%3A%22us%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.3.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-3-30.phl51.r.cloudfront.net
Software
Server /
Resource Hash
1aa1da82bbcd26c77851d91d8e089d8677bde5e05f63fabe6f0a086f0c95f168
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b2c97c3ba7e37bdd32ec314e5554c74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
BKDT63H8TH9GDJ348MJ9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
IRHmI3oVvdvuM-H8pmCIiMXa-zxXcR1ywoG3eBDlOigfeziXWrXVwg==
integrator.js
adservice.google.ca/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
22 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=823308635577086&correlator=2986558486243500&eid=31072290&output=ldjh&gdfp_req=1&vrg=2023020801&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cus%2Cliveblog20230213michiganstateshooting%2Cspotlight&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=2115286922&sfv=1-0-40&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D1%26amznp%3D1%26request_time%3D2480&cust_params=als_test_clientside%3Dweb_none_high_20230214141441%26mktg%3Dtype_anon%252Clogf%252Cabf%26sub%3Danon%26vp%3Dlarge%26als_test%3D1676371449992%26prop%3Dnyt%26plat%3Dweb%26edn%3Dus%26brandsensitive%3Dfalse%26org%3Dmichiganstateuniversity%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000008769973%26pt%3Dnt1%252Cnt10%252Cnt11%252Cnt12%252Cnt13%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt17%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_chanel%252Cneg_capitalone%252Cneg_ibm%252Cneg_chan2%252Cneg_mtb%252Cneg_citi_aa%252Cneg_ms_safe%252Cneg_cathay%252Cneg_mastercard%252Cneg_bp%252Cneg_orep%252Cneg_mktg_safe_q4_2019%252Cneg_hms%252Cneg_ubs%252Cneg_rmw%252Cneg_hearts%252Cneg_sabic%252Cneg_msft%252Cgv_arms%252Cgv_death_injury%252Cgb_arms_serious%252Cgs_law%252Cgb_death_injury_news-ent%252Cgv_crime%252Cgb_death_injury_edu%252Cgs_politics%252Cgs_home%252Cgs_t%26is_viral%3Dhigh%26typ%3Dlivebl%26ver%3Dvi%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_price_0722_0_control%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_live_1022_1_updates%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D2%26page_view_id%3DFtMpe_h5u1aC0H2U5n3ODG4s%26purr%3Dfull%26uap%3Dbrowser%26aid%3D0GkrDjZIJjUJIhztjxStr-%26bt%3D&sc=1&cookie_enabled=1&abxe=1&dt=1676384083787&lmt=1676383702&dlt=1676384081236&idt=2453&adxs=0&adys=130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1731079406.1676384084&ga_sid=1676384084&ga_hid=1392706905&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f36437459221e814601528b4f884b5bbd811261d56037e3b9d42420865fb0a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10819
x-xss-protection
0
google-lineitem-id
6181152954
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417413275
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0AE
6 KB
3 KB
Document
General
Full URL
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:43 GMT
expires
Wed, 14 Feb 2024 14:14:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
dd.nytimes.com/js/
235 B
621 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-128.phl51.r.cloudfront.net
Software
DataDome /
Resource Hash
62b87cc1460c4afdc8a8c0729c7f887575887ab8fb41a2b8ffcaded7422496bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:44 GMT
via
1.1 a147f9c60c162e36df3586fdd9c01478.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
235
x-amz-cf-id
xdBCrd4OGXzt2U-QkaVnAN-c8X7B55k8f46cBOBHktQf9SrwZR2Osw==
expires
0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.nytimes.com
access-control-max-age
300
age
11
cache-control
max-age=30
content-length
0
date
Tue, 14 Feb 2023 14:14:44 GMT
samizdat-x-canary
false
samizdat-x-instance
c393c849
samizdat-x-kubernetes-namespace
default
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google, 1.1 varnish
x-b3-traceid
23319c06f4d8cca1-7c7c80c476cc3017-0
x-cache
HIT
x-cache-hits
8
x-datadog-trace-id
23319c06f4d8cca1-7c7c80c476cc3017-0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
15
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-meridiem
AM
x-nyt-region
QC
x-samizdat-query-exe-id
b15a257b29f6a7a2
x-samizdat-query-field-errors
0
x-served-by
cache-yul12825-YUL
x-timer
S1676384084.079640,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/
1 KB
1 KB
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
092d166797b8c29a677b03a33241ed55e4ba9ac35d825b2a7ad5ad113238c6ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5

Response headers

content-encoding
gzip
x-nyt-meridiem
AM
x-b3-traceid
2a41182be5b8509b-356421c7bba32d50-0
age
1251
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
d1ea1c5ab654db80
samizdat-x-canary
false
x-served-by
cache-yul12820-YUL
x-nyt-country
CA
x-timer
S1676384084.094630,VS0,VE1
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, Origin
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
QC
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:AM
x-nyt-edge-cache
HIT
x-cache-hits
73
x-samizdat-query-sup-code
date
Tue, 14 Feb 2023 14:14:44 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
HIT
samizdat-x-instance
05f2332e
x-envoy-upstream-service-time
18
content-length
668
last-modified
Tue, 14 Feb 2023 13:31:56 GMT
server
envoy
samizdat-x-kubernetes-namespace
default
access-control-allow-credentials
true
x-datadog-trace-id
2a41182be5b8509b-356421c7bba32d50-0
accept-ranges
bytes
timing-allow-origin
*
standalone-client.bundle.js
myaccount.nytimes.com/unified_lire/js/
37 KB
15 KB
Script
General
Full URL
https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9b1c1e318ca29b1805e42e7b40baa4fe51a633d941429b9954553ea2aea86b99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Mon, 13 Feb 2023 20:48:25 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
lire-ui.auth.nyti.nyt.net:443/*
x-api-version
F-X
age
408
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache
HIT
x-envoy-upstream-service-time
30
content-length
14548
x-served-by
cache-yul12820-YUL
x-nyt-backend
lire-ui
server
envoy
etag
"6mHQVA"
content-type
application/javascript
x-cloud-trace-context
75aeefed5f1e6e83d8685c1e5dcdfb38
cache-control
public, max-age=600
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
9
/
mwcm.nytimes.com/capi/metered_assets/
58 KB
14 KB
Fetch
General
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_medium=email&utm_source=Campaigner&utm_term=OZY&plat=web&mc=0&gr=METER_LIMIT&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=gateway
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-434464006180894dcc6f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
40573b8e117c579e179e1735087407146ee55034749be26c2407731e936b8843
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache
MISS
x-envoy-upstream-service-time
284
x-served-by
cache-yul12820-YUL
server
envoy
x-cmots-campaign-names
{"barOne":"MAG_web_nonsub_all_monthly-sale_1","gateway":"MAG_web_nonsub_all_monthly-sale_1"}
x-timer
S1676384084.132886,VS0,VE300
vary
x-nyt-user-status, x-nyt-country, x-nyt-device, X-NYT-Currency, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-country, x-nyt-continent, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
f8c16e555cd8b3e111d91ad5798117b5
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-muassets
accept-ranges
bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 14:07:46 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
418
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Feb 2023 16:07:46 GMT
activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02...
5290727.fls.doubleclick.net/ Frame 0260
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%...
878 B
567 B
Document
General
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f6.1e100.net
Software
cafe /
Resource Hash
32548b1201fe272d4deac20adf1766a384b6d28dd4ddc76aa1bf4ba61a5a8e42
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
391
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:f400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 07:43:28 GMT
content-encoding
gzip
via
1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
PHL51-P1
age
23476
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
mg8anKu3urh-5wBmwgD3TpgJDD5Pi55BPq3QX06rBDn3Wfz-3kVNOw==
expires
Wed, 15 Feb 2023 07:43:28 GMT
show-ads.js
a1.nyt.com/analytics/
45 B
709 B
Script
General
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 09 Jun 2021 09:57:13 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
17762
x-guploader-uploadid
ABg5-UxgqzL25OTuimiFBSq1j9tT_eS7BaAFxisV7DBVSzlWjBRdRaKIj9inn_eoVPpyxC4dS7bch3ZdxD7gZGqrSd0DsX75aw
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
65
x-served-by
cache-yul12820-YUL
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1676384084.273179,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
x-goog-generation
1608239975905841
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
45
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
6695
comscore-streaming.js
a1.nyt.com/analytics/
103 KB
19 KB
Script
General
Full URL
https://a1.nyt.com/analytics/comscore-streaming.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 09 Jun 2021 10:57:29 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
23187
x-guploader-uploadid
ABg5-UydnD5cVIAcKQgDcoUoOTpTsX3FpMkOz0RixW28j9uK-gBjslNNAteQo811sQvDYFe8K3ww_kfJPp9QlU4YwQ
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
18717
x-served-by
cache-yul12820-YUL
last-modified
Thu, 17 Dec 2020 21:19:35 GMT
server
UploadServer
x-timer
S1676384084.273297,VS0,VE0
etag
"04e0b9556a78ce5cedf86a34e5483036"
vary
Accept-Encoding
x-goog-generation
1608239975621789
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
105675
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
6481
nyt.js
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/
4 KB
3 KB
Script
General
Full URL
https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3128ea436a6cf8295a2c73c934b9d60053e42ec5dc3529f0113f26c6ca8c1cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1584
cf-polished
origSize=4684
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Tue, 14 Feb 2023 13:48:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoTRKGfby5gXx01rJ3hyzS4WiDfdotHPHemGlL%2Fy3CB8s7%2Fj2dwYNkxuE2benpfFHwYRVvqmk9uxQDYk%2FPePnqD%2Fo1H3Hr0zEW60%2FZtC6M8ACWEmOIKwoRi%2F1kguj172tojccjaDQH2eNS1SP%2F2r3GjceA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7996696e6cd28c90-EWR
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=987858436
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZGEzMzk5ODYtZDg2Mi00YTk4LWJiZjUtZmRlYTAwM2IyNjM5&gdpr=0&gdpr_consent=&ttd_tdid=da339986-d862-4a98-bbf5-fdea0...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639&google_gid=CAESECr-2I26S5CwhI2NgcrLhlo&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6456543293076970714&ttd_tdid=da339986-d862-4a98-bbf5-fdea003b2639
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-rhLULENE2uLpFvdIqm1C1H2srQw8fHI-~A&gdpr=0
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=0&gdpr=0&gdpr_consent=
0
17 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=da339986-d862-4a98-bbf5-fdea003b2639&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
vhs-plugin-cover-vi.min.js
static01.nyt.com/video-static/vhs3/
50 KB
12 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs-plugin-cover-vi.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b67d4a0b87ec653465171ef26e08dce78b330805ce90d103d3dd92acf7eff782
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 15 Feb 2023 22:16:57 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
336008
x-guploader-uploadid
ADPycdtosFNWirHXcQr9KoJh29uhLWVu0H5cKfP359UvDv2hpa2TfIQa5Va2aloNx1Ukk0FiHPctgTW--JUurfS2Cvq8OYdHG6Iq
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12002
x-served-by
cache-iad-kjyo7100170-IAD, cache-yul12820-YUL
last-modified
Wed, 08 Feb 2023 22:16:53 GMT
server
UploadServer
x-timer
S1676384084.409098,VS0,VE0
etag
"733f274a277ab674faea7fde9f1acbe8"
vary
Accept-Encoding
x-goog-generation
1675894613630746
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=b0oGuQ==, md5=cz8nSid6tnT66n/enxrL6A==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
51608
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38, 31397
vhs-hlsjs.min.js
static01.nyt.com/video-static/vhs3/
226 KB
68 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs-hlsjs.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
064713199f704da4c404f31cc140b7df3bab94b00e06dcc09f87cdc9d1ab1a89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 05 Oct 2022 08:34:36 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
336007
x-guploader-uploadid
ADPycdueYWaQVwmvzI_PpAOuo2tV34ug4YwVOqWOd_lU5DSAfi1hZlW28wQVes4K6gOVnCfGpYu8lGilyw2oMmMUvHPfPwTuU5YZ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
69355
x-served-by
cache-iad-kjyo7100082-IAD, cache-yul12820-YUL
last-modified
Wed, 21 Sep 2022 12:44:39 GMT
server
UploadServer
x-timer
S1676384084.426825,VS0,VE0
etag
"7f53ca0f89c956c82def8fefd50844a6"
vary
Accept-Encoding
x-goog-generation
1663764279097313
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=2DbcOw==, md5=f1PKD4nJVsgt74/v1QhEpg==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
231097
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1928, 6627
container.html
d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4087
6 KB
3 KB
Document
General
Full URL
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:43 GMT
expires
Wed, 14 Feb 2024 14:14:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 9A73
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
320 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
320
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 14 Feb 2023 14:14:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0T6DN9TAJ4D9FXEMV1VB

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Feb 2023 14:14:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
30RHE1AAXYR3PNRHJ6PY
dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus...
adservice.google.com/ddm/fls/i/ Frame 5571
877 B
626 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d75d88b11cc63085f08b0f53a106a2948ad2cd92c056306ef06535badf4ae9c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
390
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pnytimes.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting&u=DdhDqTOZjujdvFWX&d=nytimes.com&g=16698&g0=national_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&b=3576&_c=pdb&_m=email&_x=Campaigner&_y=Tuesday_02.14.23&_z=OZY&t=_aF25CTE3j1BYAslOBdL_VvpNtap&V=139&i=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York%20Times&tz=0&_acct=anon&sn=1&sv=B9Cf8SKXWlZC4pDlBkgIlxB2Ulu4&sd=1&im=06679ff3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.243.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-243-32.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 14:14:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4087
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
URL: https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 13:50:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
174238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Feb 2024 13:50:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4087
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
URL: https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 14:14:44 GMT
enter-email
myaccount.nytimes.com/auth/iframe/ Frame 6183
19 KB
9 KB
Document
General
Full URL
https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy / Express
Resource Hash
f31253ee4c07f10b5fccaa7c6747a95882a3fd5ca722ce8bb292c1e09a169413
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
content-security-policy
default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 14:14:44 GMT
etag
W/"4caf-E+rze/S/LJ5WU0W5Y3dZ/l9CaMs"
expires
0
pragma
no-cache
resp-details
[[it:lui]]
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding
via
1.1 google, 1.1 varnish
x-api-version
F-X
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
c3e7558b76f72990d69327a833320641
x-content-type-options
nosniff
x-datadog-parent-id
8112079812244642054
x-datadog-sampled
1
x-datadog-sampling-priority
0
x-datadog-trace-id
2379508926134887623
x-envoy-decorator-operation
lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time
25
x-nyt-backend
lire-ui
x-nyt-edge-cache
MISS
x-powered-by
Express
x-served-by
cache-yul12820-YUL
65568.js
cdn.brandmetrics.com/scripts/bundle/
44 KB
14 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
053e57457f03b8be1810797e6057afdc606e8bb492a73c2a27f2e22230971bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1581
cf-polished
origSize=45566
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Tue, 14 Feb 2023 13:48:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FvGP3t8RR%2FL8uo7ArMIuHli6ASVPvjY3xIKRe9%2Fd1pREgc7I%2B7pnPVRnQIrrJkmK0me9Mj2C9Gp%2BQjdfjdNYxGPIjbL4FkmsHhwu%2Btp5x69mWczAq%2FYuuQDZQPA08YYifvcLF%2FfIfVmtUib9S7%2F81AKMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
799669714b0f8c90-EWR
collect
www.google-analytics.com/j/
3 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1392706905&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting&dr=&ul=en-us&de=UTF-8&dt=Police%20Say%20Gunman%20Is%20Dead%20After%20Shooting%20at%20Michigan%20State%20University%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACgBM~&jid=465260254&gjid=290587987&cid=1731079406.1676384084&tid=UA-58630905-2&_gid=567902836.1676384085&_r=1&_slc=1&gtm=45He32d0n71P528B3&cg1=us&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting&cd2=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&cd3=%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail&cd9=9&cd10=null&cd13=null&cd14=national_desk&cd15=earned&cd16=referring_links&cd21=liveblog&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=national_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=1&cd63=0GkrDjZIJjUJIhztjxStr-&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=0GkrDjZIJjUJIhztjxStr-&cd172=desktop&cd173=desktop&z=1830482905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
988b8111-3472-4190-9c5e-7275da6ad255
https://www.nytimes.com/
1 KB
0
Media
General
Full URL
blob:https://www.nytimes.com/988b8111-3472-4190-9c5e-7275da6ad255
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus...
adservice.google.ca/ddm/fls/i/ Frame C02C
194 B
301 B
Document
General
Full URL
https://adservice.google.ca/ddm/fls/i/dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNyd5K6Zlf0CFdcSwQodr5AOPQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8431966934671;gtm=45He32d0;auiddc=1399178697.1676384084;u17=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2Flive%2F2023%2F02%2F13%2Fus%2Fmichigan-state-shooting%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_02.14.23%26utm_source%3DCampaigner%26utm_medium%3Demail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:44 GMT
expires
Tue, 14 Feb 2023 14:14:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
unified-lire.bundle.js
myaccount.nytimes.com/lire_ui/js/ Frame 6183
470 KB
157 KB
Script
General
Full URL
https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=9d27970
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
f2859c18a274d988c4e21803e47de7c41f66060fc060b66822e165b44f82492c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Feb 2023 07:49:57 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
lire-ui.auth.nyti.nyt.net:443/*
x-api-version
F-X
age
136
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache
HIT
x-envoy-upstream-service-time
33
content-length
159618
x-served-by
cache-yul12820-YUL
x-nyt-backend
lire-ui
server
envoy
etag
"6mHQVA"
content-type
application/javascript
x-cloud-trace-context
4f5a5ecce11c52c9cfbc95a3f1ed8346
cache-control
public, max-age=600
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
4
view
securepubads.g.doubleclick.net/pcs/ Frame 4087
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmURULa52Yma1lr0bzc2uvDONnRcHgn3y9n-wUcaqWKc6KkJJ3rxDwgiplBvjhZnLAAsT9mSeuaS8FjLNDGDjCgk9ut0mU7dbdcXj0B4VKxOBtAmIEQlK-5zS4h_cqk2BY_xqV6i-N5QLXnU0B8yMrRNLucrlUJzzNVheJa3jvIOmV9kWHyzAtCNKHu5J6JpaC5FvMMd1qxVzUIc5UzjpG7Yi3w8Bnd-AvsgrM5xIpWiXZar3CJaoumcia1fk8i8oFpyq6ap9D_L70PF4TW2LZdq4gdLi-zrvgfsklf88XX9rIOVOl33ZFRPl-1ub4NHkbqLgtTevEWkFVXkpK7mY1bd4IWCFgSUZbdI2UvkmuPJ1IV2CVvuCYEQZ8d5SOB7NTflPeTUrFzf_9rhmesqkd0y0YJ7axN6TNaQ&sai=AMfl-YSa4bMospcAgUAE6McLoKN6j2WBbAjo0YnWkqDpI4Eaww76PzsByrVl65CJGLkQiKRZFJ8DtJUpndBj2QdHimCEaELvNtBkOGn2_ItSkm6_3K36bQxBSx6GVCsnWlZnxviXtjF82vElnvobg80&sig=Cg0ArKJSzED_QUVsJeo5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
URL: https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
flex
www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/ Frame C424
4 KB
2 KB
Document
General
Full URL
https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Requested by
Host: d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
URL: https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
4acf30f8b5b5abc1bd6deb2c13677669a857c8906cad2ca7277b754c32d0dc89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
age
289
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1070
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html;charset=UTF-8
date
Tue, 14 Feb 2023 14:14:44 GMT
expires
0
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
pragma
no-cache
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding,x-nyt-country, X-NYT-Currency, Fastly-SSL
x-api-version
F-X
x-cache
HIT
x-cache-hits
6
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
x-envoy-upstream-service-time
21
x-gdpr
0
x-magnolia-vary
x-nyt-country, X-NYT-Currency
x-nyt-app-webview
0
x-nyt-country
CA
x-nyt-edge-cache
HIT
x-nyt-route
mwcm-banner-ads
x-origin-time
2023-02-14 14:09:56 UTC
x-served-by
cache-yul12820-YUL
x-timer
S1676384085.755490,VS0,VE1
c.js
collector.brandmetrics.com/
0
188 B
Script
General
Full URL
https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=2585954
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Tue, 14 Feb 2023 14:14:43 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
ATH8A-MAMN8-XPXCH-N5KAX-8D239
s.go-mpulse.net/boomerang/ Frame 6183
205 KB
50 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:9000:6af::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://myaccount.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
br
last-modified
Mon, 16 Jan 2023 00:54:24 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
track
a.et.nytimes.com/ Frame 6183
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

tags.js
dd.nytimes.com/ Frame 6183
205 KB
43 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-128.phl51.r.cloudfront.net
Software
Apache /
Resource Hash
470a6505ac2b36a1f2888a1ff34961732ec3a4c832e6edae908a164307a06bd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://myaccount.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 13:47:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 87bf84f333bc8ae1d8c723bf1e035c1e.cloudfront.net (CloudFront), 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2, PHL51-P1
age
1606
x-cache
Hit from cloudfront
content-length
42976
last-modified
Thu, 09 Feb 2023 16:46:15 GMT
server
Apache
etag
"33255-5f4471e891452-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
uLgxf-u7Z6kIe-AegY8FMowOiUr_7gM_QKkaHP3f77K1EeGbRtmQ0w==
expires
Tue, 14 Feb 2023 14:47:58 GMT
truncated
/
326 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b0f824babe9d179a2094eba7075ce1ab999f67fa779c9aa9688298d4bfa9b66

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
main_flex.css
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/ Frame C424
344 KB
42 KB
Stylesheet
General
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b3fdb813192098028336976db08f3065344ea01a1d5df815c29bc1476d4f3912
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
via
1.1 varnish
age
13883
x-cache
HIT
x-envoy-upstream-service-time
15
content-length
43178
x-served-by
cache-yul12820-YUL
last-modified
Wed, 28 Sep 2022 19:05:59 GMT
server
envoy
x-timer
S1676384085.815226,VS0,VE0
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-origin-server
mwcm-pub-est05.prd.iad1.nyt.net
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
63
970x250_2X_.gif
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame C424
243 KB
244 KB
Image
General
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/970x250_2X_.gif
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
f745cef00cf29b0b9806d20bdc65ae6c07696c7daa7984f37dcf21b3e64ac9bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
542147
x-cache
HIT
x-envoy-upstream-service-time
3
content-length
249151
x-served-by
cache-yul12820-YUL
last-modified
Wed, 28 Sep 2022 19:05:24 GMT
server
envoy
x-timer
S1676384085.815329,VS0,VE0
content-type
image/gif;charset=UTF-8
x-origin-server
mwcm-pub-est08.prd.iad1.nyt.net
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
4
300x250_2X.gif
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame C424
189 KB
189 KB
Image
General
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/300x250_2X.gif
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
5b1e6e8a48f4f9f2b5c1651045906dfb671cf15e8a9571b94d223dbc00109874
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
21415
x-cache
HIT
x-envoy-upstream-service-time
3
content-length
193787
x-served-by
cache-yul12820-YUL
last-modified
Wed, 28 Sep 2022 19:05:24 GMT
server
envoy
x-timer
S1676384085.919803,VS0,VE0
content-type
image/gif;charset=UTF-8
x-origin-server
mwcm-pub-est08.prd.iad1.nyt.net
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
4
NYTAllAccess_Black.svg
mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/ Frame C424
14 KB
6 KB
Image
General
Full URL
https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/images/NYTAllAccess_Black.svg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/subscription/ads/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/flex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
1f4a49e702d0d77e1694817dd9cf1ba8569a9e2506ff6f3e6eaab2be2b14b46d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
x-envoy-decorator-operation
mwcm-pub-prd.growth-mc.nyti.nyt.net:443/*
content-encoding
gzip
strict-transport-security
max-age=63072000; preload; includeSubdomains
via
1.1 varnish
age
542289
x-cache
HIT
x-envoy-upstream-service-time
3
content-length
6269
x-served-by
cache-yul12820-YUL
last-modified
Wed, 28 Sep 2022 19:05:24 GMT
server
envoy
x-timer
S1676384085.926867,VS0,VE0
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
x-origin-server
mwcm-pub-est07.prd.iad1.nyt.net
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
278
view
securepubads.g.doubleclick.net/pcs/ Frame 4087
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyHs9M90NS0Et1EtiHCuZY2mNSbeyJsgzUMnoGfcJNO-fbCzNMezZAqZj0o7-PD3JQb_l27I3_qa2cNk2A1r0mavelLkNyVxPauPCeyRYEhaHrforVwA-C8NUzm1-G9gYvsoa9GqsqjpTBhpivFi32Ky1eD8ATUJr1rLc5YpJuOITRMftlBlCpZLbz0dUiRU6e---pAXPqyyXhy1Sl23nAxr8HC-6xFkRRxpFavOVdw48nzK5RiO01nJVVeIE-9FateoOuanb1XhOduO4TermhsY16sWUUB07FeFHZjRDcm_cWzKXfGQj85uvB0DodKuhZ0jXUFB7W-wybK6rjhegOweHt3fP1NJ2dYIOtYENe_QIlK3PxDhQrRDdZ2zQfook&sai=AMfl-YR1nquLOJy2y1ajY7GfdmmkeMaj5eLq22MmRNXx8x4oYYN4w5ey5OqB_jv6lxYowJ19ZYeEJbino47r5LtfCPUPwIIRgpzZ8kNqvKOgrQCRdqBMyrRrVVTTbVL3GBIA67WDUWzSEvRYWbegca8&sig=Cg0ArKJSzNjDIdLvIP1xEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Feb 2023 14:14:44 GMT
track
a.et.nytimes.com/ Frame 6183
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

data-layer
a.nytimes.com/svc/nyt/ Frame 6183
1 KB
1 KB
Fetch
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252Flive%25252F2023%25252F02%25252F13%25252Fus%25252Fmichigan-state-shooting%25253Futm_term%25253DOZY%252526utm_campaign%25253Dpdb%252526utm_content%25253DTuesday_02.14.23%252526utm_source%25253DCampaigner%252526utm_medium%25253Demail%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-9230
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=9d27970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
envoy /
Resource Hash
8972988af10b066e292bb3404c7e3853a03766da8cc473fc6285f95408ab7087
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://myaccount.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:44 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
a.nytimes.com:443/*
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://myaccount.nytimes.com
x-cloud-trace-context
f6abf04f0b4c9d4c63e599883ef1eff6
cache-control
private
access-control-allow-credentials
true
x-envoy-upstream-service-time
32
access-control-allow-headers
Content-Type, x-requested-by
pr
s.amazon-adsystem.com/v3/ Frame 199B
2 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d8f7ceb7f315b311a4fead2fb761be439b5d653a7718422620d43e55d8acb95a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2112
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 14 Feb 2023 14:14:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CJTF17W628AANSDB94NV
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

truncated
/ Frame 4087
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a19ad43af9b4443371f405820f6f96fcb301e6d384fe0188790012de6e2e78bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 6183
29 KB
29 KB
Font
General
Full URL
https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://myaccount.nytimes.com/
Origin
https://myaccount.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Jun 2022 10:28:10 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
21699993
x-guploader-uploadid
ABg5-Uw9gbEQkSl-WW0XENkw82smGFaqSxrwotQXd3HpDshsKuwHA49nAg8Ow02vEfOt39fAZICowhkFZs3H3wS5hVMg-SF6AQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
29324
x-served-by
cache-yul12825-YUL
last-modified
Mon, 16 Nov 2020 14:58:37 GMT
server
UploadServer
x-timer
S1676384085.954769,VS0,VE0
etag
"728e9527fef73904783dd2561029d091"
x-goog-generation
1605538717313763
content-type
font/woff
access-control-allow-origin
*
x-goog-hash
crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
29324
accept-ranges
bytes
x-nyt-pagetype
nyt-fonts-legacy-asset
timing-allow-origin
*
x-cache-hits
230
nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 6183
29 KB
29 KB
Font
General
Full URL
https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://myaccount.nytimes.com/
Origin
https://myaccount.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 16 Feb 2023 06:39:40 GMT
date
Tue, 14 Feb 2023 14:14:44 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
31390505
x-guploader-uploadid
ADPycdvIiIFnmtLhZsjqGbo2fM5p66h0LHWQ0HS1hEbVjxJNgPUH_VMQoQ4JGfZLWDPk4bCivIR-OPfxibhj2rd1bVJNg7PiUA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
29504
x-served-by
cache-yul12825-YUL
last-modified
Mon, 16 Nov 2020 14:58:37 GMT
server
UploadServer
x-timer
S1676384085.954992,VS0,VE0
etag
"2c984913a2cbf4fb7c2f5cb3cb768ec7"
x-goog-generation
1605538717322939
content-type
font/woff
access-control-allow-origin
*
x-goog-hash
crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
29504
accept-ranges
bytes
x-nyt-pagetype
nyt-fonts-legacy-asset
timing-allow-origin
*
x-cache-hits
226
ecm3
s.amazon-adsystem.com/ Frame 199B
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3193856851454749000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3193856851454749000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
60HJ3X20GXF0YKY19B9A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3193856851454749000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 14 Feb 2023 14:14:45 GMT
track
a.et.nytimes.com/ Frame 6183
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

usermatch
ssum-sec.casalemedia.com/ Frame 970A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
2e8f3ec3943b3c904bc49bf6dd7e6cd58015d37cc146a6026b7b32dd1a226cc8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1717
Content-Type
text/html
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9E4
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.192.201 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-192-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161351
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 14 Feb 2023 14:14:45 GMT
expires
Thu, 16 Feb 2023 11:03:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E8DF
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Feb 2023 14:14:45 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame A396
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1GNC5pNTZsRTJ1TEVoSFlRNXFiX1RNM0E2RDJBeWU5TH5B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1GNC5pNTZsRTJ1TEVoSFlRNXFiX1RNM0E2RDJBeWU5TH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
35Y3N0WBHGVNTM3P77A9

Redirect headers

age
0
content-length
0
date
Tue, 14 Feb 2023 14:14:45 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1GNC5pNTZsRTJ1TEVoSFlRNXFiX1RNM0E2RDJBeWU5TH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 69F1
693 B
710 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
32936e7feed43f662694252c472e2599fc1def500e58c229f962298b793a9409

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
400
content-type
text/html
date
Tue, 14 Feb 2023 14:14:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 440E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6456543293076970714&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=6456543293076970714&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6HYVRMZ359KR6MTNHPY0

Redirect headers

AN-X-Request-Uuid
de4760a7-1db2-4081-b8b5-8026821b6115
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6456543293076970714&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame E827
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1526667687484179826731
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1526667687484179826731
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8N0VTDSPXAS5HEHM5K2S

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 14 Feb 2023 14:14:45 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1526667687484179826731
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cheltenham-normal-300.woff2
g1.nyt.com/fonts/family/cheltenham/ Frame C424
27 KB
27 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.woff2
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 07:47:28 GMT
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1751237
x-guploader-uploadid
ADPycdt0yQPRAVtZDXT5lsuBdczE-xaHptObvYqaOUwjM9tby5mKh1hLaVWfGTAnDCaznaRSjyL5bi4DjG2wOCYLy5BGBw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27260
x-served-by
cache-yul12824-YUL
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1676384085.049231,VS0,VE0
etag
"7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation
1673991775009561
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
27260
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
110
franklin-normal-300.woff2
g1.nyt.com/fonts/family/franklin/ Frame C424
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.woff2
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 01 Nov 2023 08:39:47 GMT
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
9092096
x-guploader-uploadid
ADPycdveKh7tps3CRDFFw0yRNWZYix9ALnp96p8E44s3EV5sV0EDdfpZLkB58cvXZNw0P-4sj_CcXtfxcugtfEZ-l-O46w
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-yul12824-YUL
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1676384085.049387,VS0,VE0
etag
"a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation
1651598151029342
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20136
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
585
franklin-normal-700.woff2
g1.nyt.com/fonts/family/franklin/ Frame C424
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff2
Requested by
Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/dam/mkt_assets/crs/banners/MON-221469-ADA-OwnedMedia-INTL-Sept-2022/lib/css/main_flex.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://mwcm.nyt.com/
Origin
https://www.nytimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 07:19:25 GMT
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
6504919
x-guploader-uploadid
ADPycduzcI3WJ0O9_qzDSJBlJuwHu74JZgpl_WFRbzQbxdmSw-ig_0RLDWgMXvaO1iU433CK2IIhEDg14J9-HysJC6sbZH2wsnrl
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
20312
x-served-by
cache-yul12824-YUL
last-modified
Mon, 16 Nov 2020 16:08:41 GMT
server
UploadServer
x-timer
S1676384085.049404,VS0,VE0
etag
"b44c88f09ca7ce914b836d4ae72891b8"
x-goog-generation
1605542921594434
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20312
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
899
/
dd.nytimes.com/js/ Frame 6183
240 B
626 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-128.phl51.r.cloudfront.net
Software
DataDome /
Resource Hash
a14bab5a4b1db65b3b291dd0c51ed44bc63cac0fc0a8682534248883ae44c0b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://myaccount.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 a147f9c60c162e36df3586fdd9c01478.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
240
x-amz-cf-id
2FxWouqX3YtsVhFyjSV67dxO5PItIDDtYzlqY74Wy3iWPXyjrU2I3w==
expires
0
cksync.php
cs.media.net/
236 B
825 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
236
X-MNET-HL2
E
Expires
Tue, 14 Feb 2023 14:14:45 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y_uXVQAHEqRNEQA_
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_uXVQAHEqRNEQA_&_test=Y_uXVQAHEqRNEQA_
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_uXVQAHEqRNEQA_&_test=Y_uXVQAHEqRNEQA_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12833-YUL
pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1676384085.218451,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_uXVQAHEqRNEQA_&_test=Y_uXVQAHEqRNEQA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=da339986-d862-4a98-bbf5-fdea003b2639&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=da339986-d862-4a98-bbf5-fdea003b2639&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 14 Feb 2023 14:14:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=da339986-d862-4a98-bbf5-fdea003b2639&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
cksync.php
contextual.media.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=medianet&bsw_param=0914d83a-7bba-44af-9da1-f0d0c93f2e36
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dmedianet%26bsw_param%3D0914d83a-7bba-44af-9da1-f0d0c93f2e36
  • https://rtb2-useast.marketiq.com/sync?adkuid=A7030510351426108912&exchange=685&ssp=medianet&bsw_param=0914d83a-7bba-44af-9da1-f0d0c93f2e36
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A7030510351426108912&expires=5&ssp=medianet&bsw_param=0914d83a-7bba-44af-9da1-f0d0c93f2e36
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0914d83a-7bba-44af-9da1-f0d0c93f2e36&gdpr=&gdpr_consent=&gdpr_pd=
237 B
658 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0914d83a-7bba-44af-9da1-f0d0c93f2e36&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 14:14:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 14 Feb 2023 14:14:45 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0914d83a-7bba-44af-9da1-f0d0c93f2e36&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 14 Feb 2023 14:14:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
cs.media.net/
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=5baff17e6f1613ae&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovs...
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAIneeMuiewjwN2ieKKAAAAAAA&expiration=1676470485&is_secure=true
237 B
828 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAIneeMuiewjwN2ieKKAAAAAAA&expiration=1676470485&is_secure=true
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
HTTP/1.1
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
237
X-MNET-HL2
E
Expires
Tue, 14 Feb 2023 14:14:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAIneeMuiewjwN2ieKKAAAAAAA&expiration=1676470485&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd3d1a48-adb2-4256-95be-4d1e2a18bad1
237 B
973 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd3d1a48-adb2-4256-95be-4d1e2a18bad1
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 14:14:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 14 Feb 2023 14:14:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd3d1a48-adb2-4256-95be-4d1e2a18bad1
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1710652
content-length
0
expires
Tue, 14 Feb 2023 00:00:00 GMT
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MsmCxGOl1PrW4Z5
237 B
816 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MsmCxGOl1PrW4Z5
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
HTTP/1.1
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
237
X-MNET-HL2
E
Expires
Tue, 14 Feb 2023 14:14:45 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-070f78256c0a8375b@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=MsmCxGOl1PrW4Z5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 69F1
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=cbc6a197-9858-81f3-a834-abd7383fb1db
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G3VP12FKVKEPGY7Q9FVP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
07d7bbae-145e-a840-59ed-3fb5af5bb772
pr-bh.ybp.yahoo.com/sync/openx/ Frame 69F1
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/07d7bbae-145e-a840-59ed-3fb5af5bb772?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:2953:22ad:7c97:d637 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 69F1
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cbc6a197-9858-81f3-a834-abd7383fb1db
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WFQ83WGQNF004WAGRAPQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 69F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9310ddea-84f2-3a09-683a-2940500c7a3b&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=da339986-d862-4a98-bbf5-fdea003b2639&expiration=1678976085&gdpr=0&gdpr_consent=
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=da339986-d862-4a98-bbf5-fdea003b2639&expiration=1678976085&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=da339986-d862-4a98-bbf5-fdea003b2639&expiration=1678976085&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
pixel
cm.g.doubleclick.net/ Frame 69F1
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmY3ZjBlMjAtNGQ4NS02NGFkLTdkZGEtNzNmOTlhZWViNDVi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 69F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITvyYXxZXJxehAgOyFjrcE&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITvyYXxZXJxehAgOyFjrcE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITvyYXxZXJxehAgOyFjrcE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/ Frame 6183
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Flive%252F2023%252F02%252F13%252Fus%252Fmichigan-state-shooting%253Futm_term%253DOZY%2526utm_campaign%253Dpdb%2526utm_content%253DTuesday_02.14.23%2526utm_source%253DCampaigner%2526utm_medium%253Demail&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

usync.js
eus.rubiconproject.com/ Frame E8DF
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9f53a0959d5fe4bcd2b0b0d81563dc3b571128f04347dbbe322433fbcb855002

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 14:14:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2023 12:15:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79229
Connection
keep-alive
Content-Length
10005
Expires
Wed, 15 Feb 2023 12:15:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C9E4
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=557474&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a38edce2f6a4980a261666bb362a9443094a2791520795dde49991e5ec46eb52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 14 Feb 2023 14:14:44 GMT
content-length
1547
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame E8DF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LE4BSS0J-O-MCN3
  • https://s.amazon-adsystem.com/ecm3?id=LE4BSS0J-O-MCN3&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LE4BSS0J-O-MCN3&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
402B10QYND1BAVMRAPKG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LE4BSS0J-O-MCN3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
crum
dsum-sec.casalemedia.com/ Frame 970A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.uXVbF0Dm0Cglp3AIQQBQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7ypMSDVpiZ9iQabiPjwvg&google_cver=1&google_hm=2
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7ypMSDVpiZ9iQabiPjwvg&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7ypMSDVpiZ9iQabiPjwvg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 970A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-uXVbF0Dm0Cglp3AIQQBQAAAJMAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP28QJWE9Yn87qtvBgw66c8&google_cver=1
43 B
764 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP28QJWE9Yn87qtvBgw66c8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP28QJWE9Yn87qtvBgw66c8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 970A
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-uXVbF0Dm0Cglp3AIQQBQAAAJMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2NV6RWCF3Y0NHMDE9KJB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 970A
70 B
598 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 970A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y_uXVQAG5FtxuAAb
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_uXVQAG5FtxuAAb&_test=Y_uXVQAG5FtxuAAb
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_uXVQAG5FtxuAAb&_test=Y_uXVQAG5FtxuAAb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12833-YUL
pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1676384085.240193,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_uXVQAG5FtxuAAb&_test=Y_uXVQAG5FtxuAAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 970A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758885154381963
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758885154381963
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758885154381963
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 970A
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1692022485&external_user_id=6c23d632-002e-44cd-861f-7788b289495d
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1692022485&external_user_id=6c23d632-002e-44cd-861f-7788b289495d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1692022485&external_user_id=6c23d632-002e-44cd-861f-7788b289495d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ecm3
s.amazon-adsystem.com/ Frame 970A
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y-uXVbF0Dm0Cglp3AIQQBQAAAJMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RPGZC0YEQ1QWY4CTTBEM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 19A5
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.74.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-74-68.compute-1.amazonaws.com
Software
/
Resource Hash
e926b0591510ecddaf192767261e79834934d251a78c9cbcaf1d71c856a8e273

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 14:14:45 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 14 Feb 2023 14:14:45 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 14:14:45 GMT
location
/um/cs&eq_cc=1
vhs-plugin-nyt-analytics.min.js
static01.nyt.com/video-static/vhs3/
26 KB
6 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs-plugin-nyt-analytics.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c6f0d6099bda86c7b0606ec27a827a686cffe1d2f1859774d17e3089c0c39cb1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Fri, 17 Feb 2023 16:54:37 GMT
date
Tue, 14 Feb 2023 14:14:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
336008
x-guploader-uploadid
ADPycduDIetjLEL7mAOCJ2H6Dyx6IQa8BVW2xi7do103OO-ujv8j4WDdn0ETc5lQRmxlguXSalnm9MlXYcAbuZo40Gt5AY8bwktP
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
5697
x-served-by
cache-iad-kiad7000179-IAD, cache-yul12820-YUL
last-modified
Fri, 10 Feb 2023 16:54:31 GMT
server
UploadServer
x-timer
S1676384085.204911,VS0,VE0
etag
"ceacbc337ebf23d1168dec2794d940b4"
vary
Accept-Encoding
x-goog-generation
1676048071756676
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=5U3Asw==, md5=zqy8M36/I9EWjewnlNlAtA==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
26864
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
122, 30345
config.json
c.go-mpulse.net/api/ Frame 6183
6 KB
2 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5587947&v=1.720.0&sl=0&si=8f7ddeb7-63f9-4cd0-b6c8-4cc32e78ca8f-rq2q8l&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:689::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
79e8f8060db60213607388d50e54f219bb8ac69cab12fffa06d01ed6e495006a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://myaccount.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 14:14:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1506
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

match
c1.adform.net/serving/cookie/ Frame 0987
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 14 Feb 2023 14:14:45 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 14 Feb 2023 14:14:45 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame E0E4
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 14 Feb 2023 14:14:45 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1676384085.254215,VS0,VE14
ecm3
s.amazon-adsystem.com/ Frame 2862
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDE0826D71-B9CD-49FF-A1F0-C251CFCFBC85
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Feb 2023 14:14:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RQ03HB40G1F0TWB1RKDB
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4IJtcbnNSf-h8MJRz8-8hQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.200.192.201 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-192-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=161351
accept-ranges
bytes
content-length
5554
expires
Thu, 16 Feb 2023 11:03:56 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame C9E4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEUwODI2RDcxLUI5Q0QtNDlGRi1BMUYwLUMyNTFDRkNGQkM4NRAAGg0I1a6unwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=037f7ceda807db4623bd6b856cfeab5a762fd7eb3baa7d2a12fb8687c198bbb6791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwMzdmN2NlZGE4MDdkYjQ2MjNiZDZiODU2Y2ZlYWI1YTc2MmZkN2ViM2JhYTdkMmExMmZiODY4N2MxOThiYmI2NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwMzdmN2NlZGE4MDdkYjQ2MjNiZDZiODU2Y2ZlYWI1YTc2MmZkN2ViM2JhYTdkMmExMmZiODY4N2MxOThiYmI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1a6unwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=189ff973-b1d5-44a0-b532-7da9660cc2c6
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=189ff973-b1d5-44a0-b532-7da9660cc2c6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=189ff973-b1d5-44a0-b532-7da9660cc2c6
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
33141
tags.bluekai.com/site/ Frame C9E4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E0826D71-B9CD-49FF-A1F0-C251CFCFBC85&gdpr=0&gdpr_consent=
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-iwWnPrxE2pRFfAClrcgo_W7RSvTmxmmC1Q--~A&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=da339986-d862-4a98-bbf5-fdea003b2639&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=932625c9a02cf235
62 B
436 B
Image
General
Full URL
https://tags.bluekai.com/site/33141?&id=932625c9a02cf235
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 14 Feb 2023 14:14:45 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=932625c9a02cf235
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame C9E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTA4MjZENzEtQjlDRC00OUZGLUExRjAtQzI1MUNGQ0ZCQzg1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 14:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C9E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcETpGv9mGqte0Qp3ye-F8&google_cver=1
42 B
527 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcETpGv9mGqte0Qp3ye-F8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 14:14:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcETpGv9mGqte0Qp3ye-F8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C9E4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A3F51CBB47514622B71CB37E13E3FD70
42 B
289 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A3F51CBB47514622B71CB37E13E3FD70
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 14:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 14 Feb 2023 14:14:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A3F51CBB47514622B71CB37E13E3FD70
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 13 Feb 2023 14:14:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9E4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7620079821392486248&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7620079821392486248&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 14:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7620079821392486248&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 14 Feb 2023 14:14:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C9E4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=
42 B
510 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Feb 2023 14:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
tap.php
pixel.rubiconproject.com/ Frame E8DF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NEURYnlsPl8bb2gMPblTeA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wD7ApZhE2oJ9UnVuh8nt2xtJ8hUoun_dphEm6A--~A
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wD7ApZhE2oJ9UnVuh8nt2xtJ8hUoun_dphEm6A--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 14 Feb 2023 14:14:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wD7ApZhE2oJ9UnVuh8nt2xtJ8hUoun_dphEm6A--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E8DF
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K667N80FN4S2GHTHPXWE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E8DF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=&expires=30
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da339986-d862-4a98-bbf5-fdea003b2639&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame E8DF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4BSS0J-O-MCN3
0
517 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4BSS0J-O-MCN3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 92BE0A7EE0C84E7B97B1FC5FEF9F8FB5 Ref B: YTO01EDGE0721 Ref C: 2023-02-14T14:14:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0qZXr3HE61OfoHK9V/w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LE4BSS0J-O-MCN3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame E8DF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7ayZDw_sRkWfjyl4Yf01TQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7ayZDw_sRkWfjyl4Yf01TQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7ayZDw_sRkWfjyl4Yf01TQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WGNB59VG5R9W3PB1E6EC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7ayZDw_sRkWfjyl4Yf01TQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E8DF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDdmZDVlYzc4ZmM2ODIyNDhlZjhkZmIxMTJhNjc1NThkM2JkZTIwMw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDdmZDVlYzc4ZmM2ODIyNDhlZjhkZmIxMTJhNjc1NThkM2JkZTIwMw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDdmZDVlYzc4ZmM2ODIyNDhlZjhkZmIxMTJhNjc1NThkM2JkZTIwMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E8DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK5d5mb9ClKfBDtnXIWgGM8&google_cver=1
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK5d5mb9ClKfBDtnXIWgGM8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK5d5mb9ClKfBDtnXIWgGM8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E8DF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0QlNTMEotTy1NQ04z
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0QlNTMEotTy1NQ04z
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU0QlNTMEotTy1NQ04z
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 19A5
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=61db2d0d-3e76-4eb9-9ad2-3c9b779e9425&expiration=1684073685
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Feb 2023 14:14:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0
report
csp.dev.nytimes.com/ Frame 6183
418 B
498 B
Other
General
Full URL
https://csp.dev.nytimes.com/report
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
4caa07916e63e2f1750861737c750532cd363c955c6a0ec8649e1f5e316265b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://myaccount.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/csp-report

Response headers

x-served-by
cache-yul12824-YUL
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
Varnish
x-cache
MISS
content-type
text/html; charset=utf-8
accept-ranges
bytes
content-length
418
retry-after
0
x-cache-hits
0
.status
a.et.nytimes.com//
0
0
Fetch
General
Full URL
https://a.et.nytimes.com//.status
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept
*/*
Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93e5663f6062c2f3ec5f632db38a2b873fa74b2ef7ffe945ec9e53fbb8071a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11212
x-xss-protection
0
loader.js
platform.iteratehq.com/
1 KB
1 KB
Script
General
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8ef923620119d860440bb5514bcfe1500bbab3e46b3be9ee463bb93076e2d00
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
x-amz-version-id
BMyBA95hUR0f9yPvYSJ0RVU6YvypTSRs
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
7X1HR3KBD3WRR6B4
age
91
x-amz-id-2
HteAoxSqBOwG9Wla+vNTTVg5mvLcboUGvmcu/hZs2lXldwdpVlww1BCW025TX0UbZKEGGsuaGrqRydhp3e4qjRwCVh+nLgew
last-modified
Mon, 06 Feb 2023 16:07:04 GMT
server
cloudflare
etag
W/"ddca1e7d5aa5ce85b5bc90c78097fe9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TbqPUT98tOc%2BGgdppEZPVB1MGbTsRUac66vajaXMpby6sysPazoc06AX6CsJxEll4GSFpqeXavehJADqiOX8JWXwsvqAv%2F%2FgNRJc8mP2to9F9vN6W3GyW8ucD%2FKc%2BkguhsDOOQ3yLKPIeN3BEYLYMACHwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
799669789be3c47c-EWR
cs.js
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/3005403/cs.js
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
0
359 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol
H2
Server
18.238.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-110.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:00:42 GMT
via
1.1 ccbf01f3e1fbbe27e81779a9bd6e91de.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:41:51 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
844
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
roYYHykX98-MPyIso21rBr0bAJSCqnMxirvcxA2v6ZOBDvZEazP-Hw==

Redirect headers

location
/internal-c2/3005403/cs.js
date
Tue, 14 Feb 2023 14:14:45 GMT
via
1.1 ccbf01f3e1fbbe27e81779a9bd6e91de.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
content-length
0
x-amz-cf-id
zEsMjEDoAoJpnxVHkknyhXsZ_MKQRHH0zlHrs24ZniaJgkO5mKdyQQ==
x-cache
Miss from cloudfront
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 14:14:45 GMT
match-prod-cbb473c85178be03894e.js
platform.iteratehq.com/
85 KB
29 KB
Script
General
Full URL
https://platform.iteratehq.com/match-prod-cbb473c85178be03894e.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215a35cd71ad0a1a35555f891b22cecabed6fe3acf6c4dd5109a8370e94bf398
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:45 GMT
x-amz-version-id
Hkbo5AfKJR6JVBuZtF2LLVDK3lUPne9Q
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
PHQ0XP8JSMYT6XM0
age
684432
x-amz-id-2
9Y60WiL06AjEdUBmGWaZ5tXn3YekLvSkYU0ELCPqHBI3dxYhCy1d2imwmEYgl/tbrAxBKE3m0YSnslsNC+2f7w==
last-modified
Mon, 06 Feb 2023 16:07:03 GMT
server
cloudflare
etag
W/"183f8ca4fc7d445482e2d02db78168d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfvRGRJwsnhuglbqNAd2aZKvC5kHw3SMcyz4Z9uvFx16D8xa8aOJFMx%2B5xtWFiICp8hsnCSkktahIg%2BjeE86tFXjZ8tHw3vAiagIjdPnik44JCo694dwYmrhTYVYG0ue7rmlNzMVzZKSGxHEqxqLFrX%2BRzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
79966978ec75c47c-EWR
embed
iteratehq.com/api/v1/surveys/
64 B
366 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-cbb473c85178be03894e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Feb 2023 14:14:46 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI1DvTvyc51xTdALn%2B8NJ5f%2B4zKquAyo2vpENpI4wyNtSV7XeCRxCJ2vrb8XQ%2F4zzPTRq4q1DKNxn%2FumDHc99f0u%2FRcAgbG%2BJ2eCmgMETM1EBy%2FxiIKSETkhFI6Ipf4Dft9pim93mAE3HQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7996697aaf353fdf-YYZ
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
799669798de53fdf-YYZ
content-length
0
date
Tue, 14 Feb 2023 14:14:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTDM6452V290j8awBNjXCUmK54q5dg55grSmM0AIEhB0KpgekLNAZyidigurFJAqn9ZTp8ksHwBNzB48vFQMEZX1g50WQwD6W51Z8piBotoSmf3XPzGkJBdrkTa6d1YGjGAHgHh8wb5Okdc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4183
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
108026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 08:14:20 GMT
expires
Tue, 13 Feb 2024 08:14:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 73DF
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3b4f1edf79cb9a1725da234564724c2a8a25c688112a00ebcdb17d12e6ac4065
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dvl371yNwsVTCYA6JGN4yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Dvl371yNwsVTCYA6JGN4yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:14:46 GMT
expires
Tue, 14 Feb 2023 14:14:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame 4183
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:41:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
502406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 18:41:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 73DF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020801&jk=823308635577086&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 4087
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuXPUcgOM_pQ40-hLa7WckjSXCh_TtEt0Q5UnfPXm9hf9YSEs2Ud2_EgWLZscOWH3qo_xrrmXdWdd46W4mkVE1wHxSAxwhs56uz2ksmQghMZHEOGmZ&sig=Cg0ArKJSzOE8esY_VUlUEAE&id=lidar2&mcvt=1011&p=146,0,420,1600&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2115286922&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676384084559&rpt=263&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4183
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?iSO67w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
embed
iteratehq.com/api/v1/surveys/
298 B
522 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-cbb473c85178be03894e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e79a2984f6dfa75e6acb23723fb760cc61bc50c03ed18243430fae7167cad46
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Feb 2023 14:14:46 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d89zXTrQhmOcJGMm7svGZeYkIXLf7GJMAxZXQlTv7JAlM5hkCjeEG8oYUODAo8YQY8CFksO5A6YnbAEkZbcA6gvTUfAOu6eX2SrBLGZzcKElRvL9Olm18a4HOfBWKx46hoCfreytJIVBDJM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7996697ba8a03fdf-YYZ
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7996697b280a3fdf-YYZ
content-length
0
date
Tue, 14 Feb 2023 14:14:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISOBvT3F4qCMM5VVM7GaqDohRmVpu8ggkD0Gsil0UfbiDmMXQEU3YLj3CPUCb1%2FMSXQa17JYw5TminYNguuUN1jRNkcr%2B6B0wPFvqgryx42wT%2B%2B6%2BQUzsYoPSs7pzhaDA9UjIcSY1zwzYuc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020801&jk=823308635577086&bg=!u7iluOzNAAYuhb89DoU7ADkAdvg8WkyzniLoNIQeBsvLG3PAFEsgtOXzgvzyB34P4btqGrtG6TahzBkVPWbm_7L73xN3B-oFXL0CAAAAXlIAAAACaAEHCgBhDCIVndsmFrPVhqfTPsZ-9OC2jvoWkce0K8ClKRnLyp1eK7WKs_bypCxBCqvHUinBHDqFqskU9TXwSq1xaLvM9mSHJR5nSk9uVOdKwGKHV2IJbfsN4mJzu_VbbH-9M83IhpkCoon4RPilL8cA7fB7VsGHCCVnsSPvgtHIWxz3h77xZ3_Bvle1kJ9Fp8qFQU74NHJaW3ColVoRxzUUWQGqh9JPr-Q5mnaA0qHGTMg9MLjh89oIUue34GrHzBHbJ_782_-Jk2kF_lf1WiDBUjEjlXMuoPHLj5IUr1ExZwqFz_NqJOvGkAN4niSOylOZrPvwgKrTPRR9LFn6NP7lbaNDnxBQfX0pkA-jQHzhBiqYR-HB3JqBvJj88xyreUJxx1gXb8GgGPdpsucHzw-G1mVMRgVEygN5EyQvRYeJi5e7pSJnXWg803YlFnLtWObDkOYkAHX43S_1IgAtLqyrFPasePjeTQ5X2DNax0oaXauUwc0c61BdjKPB2AvFqeZSOeL-H9o3MHqw2F_R7Y5lnEUXyt9ke0dLWIsgO2QA2WWDS1soTDY3tGAJRoYJx8UdcPnZv6gxcLMlDNRbp-OcE7aX9KrS-58BhDGw_tciXnvEhKWagP2rbYz3B3vh4iuqOuAbBNcsdpQ8CqQuzCXW5JfGw0ys6b4QzUgr61oT5kQ0OuJAf2cYBvdbH2aFJ4_d0p2xlzaDdX8VCZBouiPdEdtYASB3oULpeYqgN_OJVI0MD1rOd6lTDbv8NkRBNu0r8OowN9W6try7MonCw5lK5y4-brxJ8uuWVO3mZf3JkXghEu30GavFZZeTETI0MPUiawYNsT8LuJvRH6QA5iXjPKo5evS8iV2sXurJEWrwDVfM4DjsW-FqFhfr2PXN1FFNoiW0ae-vB_JDA1dJq7DQGYhtGg2uqPoWua7EU5ERL9DbjHbkGUP3J-7QcFqwK6uMKDYGhgzb8Kk6s8Rx3v1z5XMF_t0_1izjheCMCHAhvov-l3Wqud43U5k05DNuF5sqf3iFJyciBEUS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

SPug
simage4.pubmatic.com/AdServer/ Frame C9E4
0
261 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:14:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-42-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| event boolean| credentialless object| oncontentvisibilityautostatechange object| Sentry number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 object| grumi object| apstag string| sov object| AdSlot object| nytg_loader_v1 object| __preloadedData object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ boolean| canTrackPerformance object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| google_tag_manager object| google_tag_data object| nytAnalytics string| ddjskey object| ddoptions object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| apscustom function| sprintf function| vsprintf object| meter boolean| VHS_PLAYER_DEPS_LOADING boolean| NYT_VI_RENDERED boolean| initialDeviceTypeResizeCallback boolean| hasStoppedMeasuringUserStateRequest undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| slotElement function| _0x2682e1 object| _0x4fad3c object| _0x542acf function| _0x1bc7 function| _0x521d object| _0x4ae122 object| _0x4749f3 object| _0x226003 object| _0x2b87fa object| _0x2624c3 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| webpackJsonpVHS function| __VHS__ function| VHS boolean| hasStoppedMeasuringMessageSelectionRequest boolean| LireUILoaded object| LireUI object| AIQ_DATA boolean| notprod string| GoogleAnalyticsObject function| ga object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY boolean| hasStoppedMeasuringOfferPresentationRequest boolean| adBlockDetected object| core object| LireUIForms object| ns_ object| brandmetrics object| gaplugins object| gaData object| _brandmetrics object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType string| surveyTriggerCookie object| params object| GoogleGcLKhOms function| setImmediate function| clearImmediate undefined| Raven object| google_image_requests

102 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhCsyZyC5TA=
.nytimes.com/ Name: nyt-a
Value: 0GkrDjZIJjUJIhztjxStr-
.nytimes.com/ Name: nyt-gdpr
Value: 0
.nytimes.com/ Name: nyt-purr
Value: cfhhcfhhhukfhu
.nytimes.com/ Name: nyt-us
Value: 0
.nytimes.com/ Name: nyt-geo
Value: CA
.nytimes.com/ Name: nyt-b3-traceid
Value: d6d6714502a140ba9be3a28e88cc8773
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1676384081507|0GkrDjZIJjUJIhztjxStr-|1676384081507
.rubiconproject.com/ Name: khaos
Value: LE4BSS0J-O-MCN3
.adnxs.com/ Name: icu
Value: ChgIkbx3EAoYASABKAEw0a6unwY4AUABSAEQ0a6unwYYAA..
.adnxs.com/ Name: uuid2
Value: 6456543293076970714
.openx.net/ Name: i
Value: 40bce2b3-2d75-05fe-32ec-e1a8342b49c6|1676384081
.scorecardresearch.com/ Name: UID
Value: 19C47ee92a695cb22c015231676384082
.nytimes.com/ Name: nyt-m
Value: 7460E04457FDCF56A97B7A3812694A26&s=s.core&e=i.1677679200&t=i.0&imu=i.1&igd=i.0&vp=i.0&cav=i.1&ird=i.0&iir=i.0&v=i.0&pr=l.4.0.0.0.0&rc=i.1&igf=i.0&iub=i.0&iga=i.0&iru=i.1&uuid=s.0fb143df-90b3-4ee3-bf6d-453636116395&g=i.0&ft=i.0&fv=i.0&igu=i.1&iue=i.0&ifv=i.0&ira=i.0&n=i.2&vr=l.4.0.0.0.0&prt=i.0&ica=i.0&imv=i.0&er=i.1676384082&ier=i.0
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1676384082732&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.a.nytimes.com/ Name: jkidd-s
Value: referrer=&landing=&start=1676384082732&isNew=1&pageIndex=1
.a.nytimes.com/ Name: jkidd-p
Value: prevPage=&currPage=
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0
.nytimes.com/ Name: _gcl_au
Value: 1.1.1399178697.1676384084
.adsrvr.org/ Name: TDID
Value: da339986-d862-4a98-bbf5-fdea003b2639
.nytimes.com/ Name: __gads
Value: ID=5b6d4de684fbf330:T=1676384083:S=ALNI_MZqis7E7wQuRNpZkkz7AVMVWBf93Q
.nytimes.com/ Name: __gpi
Value: UID=000009ae127ad534:T=1676384083:RT=1676384083:S=ALNI_MZwsifNYv_Sd6IjDNZxbhzZHnrYNQ
.www.nytimes.com/ Name: datadome
Value: 5y8DUAaRTgER6T2WbzI4rhvGjU8JPtwIrszXKs7TKSq~0qacn0U2nLfeCyLz7LUoE6HSggiKtNip2V9qCZdU_m_BX27VOe_b5sXVygYJXi1T2Y8Z~DyNarvzSJuL5VmR
.nytimes.com/ Name: _cb
Value: DdhDqTOZjujdvFWX
.nytimes.com/ Name: _chartbeat2
Value: .1676384084609.1676384084609.1.B9Cf8SKXWlZC4pDlBkgIlxB2Ulu4.1
.nytimes.com/ Name: _cb_svref
Value: null
.doubleclick.net/ Name: IDE
Value: AHWqTUmsLTbRCQISRgRMoclCpP-pcQV057bwagXkwheiAR8lG8jWawXQ9L0CyMgNj64
.nytimes.com/ Name: walley
Value: GA1.2.1731079406.1676384084
.nytimes.com/ Name: walley_gid
Value: GA1.2.567902836.1676384085
.nytimes.com/ Name: _gat_UA-58630905-2
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A25UbZ-fCk64t3n_Jc8py4Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.et.nytimes.com/ Name: et-ppvid
Value: https://myaccount.nytimes.com/auth/iframe/enter-email=7HlZYiqomwrS1rpZD_TXQ0Ae^https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting=FtMpe_h5u1aC0H2U5n3ODG4s
.openx.net/ Name: pd
Value: v2|1676384085|iKvPvMgakWgy
.3lift.com/ Name: tluid
Value: 307613228197535395416
.casalemedia.com/ Name: CMID
Value: Y.uXVbF0Dm0Cglp3AIQQBQAA
.casalemedia.com/ Name: CMPS
Value: 147
.casalemedia.com/ Name: CMPRO
Value: 147
.criteo.com/ Name: uid
Value: dd3d1a48-adb2-4256-95be-4d1e2a18bad1
.myaccount.nytimes.com/ Name: datadome
Value: HD2MZSPqH3LiHMVAqNBKn7wBVDRGFHNZdztkC~NhLMk30yiItYJ8nGET00GWj12~e9YrCAXdY5jurkRbFrkMgP1qrhsJBVGEq14Wb-m-4q0nT2BwkMJIurb~5s~oQjQ
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E0826D71-B9CD-49FF-A1F0-C251CFCFBC85
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1677542400%3A201_197_219%7C1676937600%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1677542400%3A54_22_220_21_13%7C1676937600%3A2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y_uXVQAG5FtxuAAb
.bidswitch.net/ Name: tuuid
Value: 0914d83a-7bba-44af-9da1-f0d0c93f2e36
.bidswitch.net/ Name: c
Value: 1676384085
.bidswitch.net/ Name: tuuid_lu
Value: 1676384085
.w55c.net/ Name: wfivefivec
Value: MsmCxGOl1PrW4Z5
.w55c.net/ Name: matchmedianet
Value: 5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDe1sLAwNTQ1MbYwtDQzFuIz1A3M9ggJzMtzrHJydgMAV-CkkCQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5mbGFiYGFqZGYGAHzz-v4QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDe1sLAwNTQ1MbYwtDQzFuIz1A3M9ggJzMtzrHJydgMAV-CkkCQAAAA
.eqads.com/ Name: EQUser
Value: UID=61db2d0d-3e76-4eb9-9ad2-3c9b779e9425
.dotomi.com/ Name: DotomiTest
Value: 5baff17e6f1613ae
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7498415039601983947
.simpli.fi/ Name: suid
Value: A3F51CBB47514622B71CB37E13E3FD70
.yahoo.com/ Name: A3
Value: d=AQABBFWX62MCELv2Z4UEFF_VDmOvFKEwih8FEgEBAQHo7GP1YwAAAAAA_eMAAA&S=AQAAApDkEXxwaH7zyepTMkqA1hY
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-da339986-d862-4a98-bbf5-fdea003b2639&KRTB&22918-da339986-d862-4a98-bbf5-fdea003b2639&KRTB&23031-da339986-d862-4a98-bbf5-fdea003b2639
.company-target.com/ Name: tuuid
Value: 6c23d632-002e-44cd-861f-7788b289495d
.company-target.com/ Name: tuuid_lu
Value: 1676384085
.turn.com/ Name: uid
Value: 7620079821392486248
.media.net/ Name: data-xu
Value: MsmCxGOl1PrW4Z5~~8
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEEcETpGv9mGqte0Qp3ye-F8&KRTB&22987-CAESEEcETpGv9mGqte0Qp3ye-F8&KRTB&23025-CAESEEcETpGv9mGqte0Qp3ye-F8&KRTB&23386-CAESEEcETpGv9mGqte0Qp3ye-F8
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A3F51CBB47514622B71CB37E13E3FD70
.media.net/ Name: visitor-id
Value: 3193856851454790000V10
.media.net/ Name: data-c-ts
Value: 1676384085
.media.net/ Name: data-c
Value: dd3d1a48-adb2-4256-95be-4d1e2a18bad1~~1
.onaudience.com/ Name: cookie
Value: 52a7120adba1a849
.onaudience.com/ Name: done_redirects252
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7620079821392486248&KRTB&23150-7620079821392486248
.pubmatic.com/ Name: PugT
Value: 1676384085
.rlcdn.com/ Name: rlas3
Value: U6N3ZEMFK9nezxvIB14MrueAF0FvGE59YIlbel41Jmw=
.nytimes.com/ Name: RT
Value: "z=1&dm=nytimes.com&si=5e02527f-5832-42c3-8102-9d991e9f0256&ss=le4bsu5y&sl=1&tt=b7&bcn=%2F%2F173bf10f.akstat.io%2F&ld=ll"
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxLbmhsMOr5zau1WuCoMxA8a+JUixCbOKdouEuITR0xnqBxogahC5ugnPOv4ka1Jxuqp7VtEw4brJOCAnekPgJibfNKzVeTd+EPQD5U7tEfUTQ==
.rlcdn.com/ Name: pxrc
Value: CNWurp8GEgUI6AcQABIFCOhHEAA=
.adkernel.com/ Name: ADKUID
Value: A7030510351426108912
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A7030510351426108912
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~29zq:199z~29zq"
.linkedin.com/ Name: bcookie
Value: "v=2&63332492-9eb4-447a-8db2-fa89ba7faafe"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2948:u=1:x=1:i=1676384085:t=1676470485:v=2:sig=AQHuMbobIiFD8ATu34ONU0aBJv4pXZ95"
.media.net/ Name: data-co
Value: AAAIneeMuiewjwN2ieKKAAAAAAA~~8
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIoJOtrPunxzsQBRIWCgdydWJpY29uEgsIgvXgsfunxzsQBRIXCghhcHBuZXh1cxILCIaBta_7p8c7EAUSGQoKcmlnaHRtZWRpYRILCNi9srL7p8c7EAUSFQoGY2FzYWxlEgsI-K2zsPunxzsQBRgBIAEoAjILCPCX-eCRqMc7EAU4AVoHeGtzdzlsYWAC
.pippio.com/ Name: did
Value: tRII7q411r9yFvdT
.pippio.com/ Name: didts
Value: 1676384085
.pippio.com/ Name: nnls
Value:
.onaudience.com/ Name: done_redirects109
Value: 1
.pippio.com/ Name: pxrc
Value: CNWurp8GEgQIAhAAEgYI7OsBEAA=
.media.net/ Name: data-bs
Value: 0914d83a-7bba-44af-9da1-f0d0c93f2e36~~1
.bluekai.com/ Name: bku
Value: 5RW99aVUbt1e6HxT
.bluekai.com/ Name: bkpa
Value: KJy9/9e4d02pSUHknp1p1Exhw0joje681p/t1MPMmVWy1ZBZ1M1N9yYxhyCX
.linksynergy.com/ Name: rmuid
Value: 189ff973-b1d5-44a0-b532-7da9660cc2c6
.linksynergy.com/ Name: icts
Value: 2023-02-14T14:14:45Z
.nytimes.com/ Name: iter_id
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2M2ViOTc1NjM1M2FhNTAwMDFiMjI1ZDkiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjc2Mzg0MDg2fQ.Ii04tnMczdfcSinahXywe6XyI7OeLYkDIqHpusV9EA4
.pubmatic.com/ Name: SPugT
Value: 1676384086

5 Console Messages

Source Level URL
Text
javascript warning URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email(Line 16)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email(Line 16)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://int.nyt.com/newsgraphics/dev/loader_v1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.nytimes.com/live/2023/02/13/us/michigan-state-shooting?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_02.14.23&utm_source=Campaigner&utm_medium=email(Line 16)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9)
Message:
Refused to connect to 'https://173bf10f.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net".
network error URL: https://csp.dev.nytimes.com/report
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
als-svc.nytimes.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
cdn.brandmetrics.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
collector.brandmetrics.com
contextual.media.net
cs.media.net
csp.dev.nytimes.com
d5b7f7879d5dae25d16de23eb68e4c6b.safeframe.googlesyndication.com
dd.nytimes.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g1.nyt.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
int.nyt.com
iteratehq.com
js.sentry-cdn.com
lnk.ozy.com
match.adsrvr.org
medianet-match.dotomi.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
nytimes-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.iteratehq.com
pm.w55c.net
pnytimes.chartbeat.net
pr-bh.ybp.yahoo.com
prebid.media.net
purr.nytimes.com
px.ads.linkedin.com
rtb2-useast.marketiq.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static01.nyt.com
sync-tm.everesttech.net
tags.bluekai.com
tags.rd.linksynergy.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
typeface.nyt.com
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
x.bidswitch.net
104.127.172.242
104.36.115.113
107.178.254.65
142.250.80.38
142.250.81.226
15.235.15.221
151.101.1.164
151.101.129.164
151.101.2.49
151.101.65.164
162.248.18.37
174.137.133.49
18.238.10.22
18.238.3.30
18.238.4.110
18.238.4.128
185.167.164.43
192.40.39.223
199.38.167.131
20.40.202.2
209.54.182.161
23.200.192.201
2600:141b:13:689::11a6
2600:141b:9000:6af::11a6
2600:1f18:4e9:5a05:2953:22ad:7c97:d637
2600:9000:25c8:2800:4:b37b:9440:93a1
2600:9000:25c8:f400:18:1fcd:351:7bc1
2602:803:c002:300::97
2604:9e00:1:129::2:a01
2606:4700:20::681a:6e5
2606:4700:20::ac43:479c
2606:4700:e0::ac40:6409
2606:ae80:1451:12::1690
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2008
2607:f8b0:4006:816::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2620:112:f002:bbbb::21
2620:1ec:21::14
2a04:4e42:400::729
3.83.59.245
3.97.124.126
34.107.148.139
34.227.243.32
34.96.71.22
34.98.64.218
34.98.67.3
35.190.60.146
35.211.178.172
35.236.220.17
35.244.159.8
35.71.131.137
52.0.74.68
52.223.22.214
52.3.42.214
52.54.49.121
54.165.236.171
54.175.87.114
67.220.226.232
68.67.179.166
74.119.119.150
76.13.32.147
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
96.17.64.208
96.17.64.29
019368388d333da1161e8e6a76883b1ea236735cdcf3d8b99cf59a80283f8650
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053e57457f03b8be1810797e6057afdc606e8bb492a73c2a27f2e22230971bcc
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05e0513a959873f32ffc7694b323e3a10add5815351bceae533d5dc419fead0b
064713199f704da4c404f31cc140b7df3bab94b00e06dcc09f87cdc9d1ab1a89
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0750628f424f214d17ca7574e299e57842389fc5453a9c9b651e092580f96fd1
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
092d166797b8c29a677b03a33241ed55e4ba9ac35d825b2a7ad5ad113238c6ae
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
100b58f2d6b117f3387a19b93320e8682a33ca32101f2eeb7e75420524aead23
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
12f31c7c17a6218e7bad4e3d46537eccd2a34c16e27904fbac5bdc2f3b9b130d
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1aa1da82bbcd26c77851d91d8e089d8677bde5e05f63fabe6f0a086f0c95f168
1baef97532021ed479e06a7b99c565b495ab07ae4e8306424e863689c6c563ac
1c5395f6205dc8e59a1869a8e3b4a38ee649e96f23907d907f4b9cc958aa5f76
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ebca68ae52073ff14c491a30b8aeaef14ed694f79c70c1c5a095ff64e645b54
1f4a49e702d0d77e1694817dd9cf1ba8569a9e2506ff6f3e6eaab2be2b14b46d
215a35cd71ad0a1a35555f891b22cecabed6fe3acf6c4dd5109a8370e94bf398
22786d3d9f25d82147c5bf891fd1ac9fc99af6b92de40978c2084224558137e0
25c5444f9cf815dbf8d7101748a3646f56150945a62d10c9a6eec45417fdd67f
27fd5af36d4d26d1e4ec9a195476034c22906f899b48cc738afb0d63c9964fc9
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
29cd49f61d6124f05a6cd8d781742624ea2205be8dcee00249e588e2a02737e2
2a2130aee214631ef98d31a2f0fd33a7cd844ae1aeb997bd48c89fb63eb0e037
2b0f824babe9d179a2094eba7075ce1ab999f67fa779c9aa9688298d4bfa9b66
2e8f3ec3943b3c904bc49bf6dd7e6cd58015d37cc146a6026b7b32dd1a226cc8
32548b1201fe272d4deac20adf1766a384b6d28dd4ddc76aa1bf4ba61a5a8e42
32936e7feed43f662694252c472e2599fc1def500e58c229f962298b793a9409
32f1f0e37b0041981359ea26673a749ad78f474c49f19b4aeb7e425c48d26475
3b4f1edf79cb9a1725da234564724c2a8a25c688112a00ebcdb17d12e6ac4065
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40573b8e117c579e179e1735087407146ee55034749be26c2407731e936b8843
420cdccf6362de40cf6027e27b1f70c8a554d8e02f467146f536b2271274d2d0
443ab21d666b7617b49d52adc0ae147d89db882397cf119f4efae94f6f29fe0c
4486a33a70b0ab6227074c97c026bc4c4ad732d4290f349c1eedd4d4d5e311d9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470a6505ac2b36a1f2888a1ff34961732ec3a4c832e6edae908a164307a06bd2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4acf30f8b5b5abc1bd6deb2c13677669a857c8906cad2ca7277b754c32d0dc89
4caa07916e63e2f1750861737c750532cd363c955c6a0ec8649e1f5e316265b0
4dce82188087b5a879afaed84f7c41579a9ccd759994d30d908879edc355ca62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e79a2984f6dfa75e6acb23723fb760cc61bc50c03ed18243430fae7167cad46
517f8f86a625691b1fecc3061b49131c6a181bd018bb01476f7e114a7674c503
548e814e13bbbc47350c9b02bda6c27f11dd9e8da7a7a848b1e0415b5af71c55
5559f926fd806c4747f4f8a13a4a2dd11e65681ce644c110f553fb57839b3e28
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b1e6e8a48f4f9f2b5c1651045906dfb671cf15e8a9571b94d223dbc00109874
5bacb59c42a6ba81649f4204e7c6f37e1708399c6f3a69e410ce7ee48e80d99c
5c62ee1a557995adb45a055a6b14daa8fba4a093d596454e12fdf50f67f9b566
5e76f734357c3563d4520d6251ad81761497e8cb133557a76c78e017aae84ef5
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62479a86148f4aae04f477a870c40db91d11c84c4c47062dd47d83eab4dc7158
62b87cc1460c4afdc8a8c0729c7f887575887ab8fb41a2b8ffcaded7422496bf
67c3152b92aa6bd53e31bea31b12c0b7f776359d19585905c48010110f9aaa3b
6b0519dbff83def2b6bd9aff431b96f8fb23719a7b503a51db1ca05428614a1b
6b32218f7bee034f726211a4d2b6951a42d74213b7baaf9e1431b7f420a761af
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
768ba7fac83c05223050ffeea4609e1b56cb7034d789cfd48b5686280ab98b7a
79e8f8060db60213607388d50e54f219bb8ac69cab12fffa06d01ed6e495006a
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
801f5461ab5233791c7e6db4bbca794e69cbad5ab048ffc0d3d45d900ea19091
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a4deb78c2fdb6f3481ee0b27e53b65b04d30365d527cf25d92da31375bbe6b
881b3bb2e653a1344d933b1716f46044ecc58d238ae663b49a0bee4260e935d2
8972988af10b066e292bb3404c7e3853a03766da8cc473fc6285f95408ab7087
89c621cba92a10f0b3c8cd9cfeec1cc73e961d101f05b4507ca33cdeebc0c37e
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e52e0cf00bf4af2a3ec8a31905b98b9b9e99bb789c28fc0e5e7f9e612ffbe51
90a9a82692abbe5ef1dda1f51f76a258316a8372969f1bb59c1174c64a628b84
93e5663f6062c2f3ec5f632db38a2b873fa74b2ef7ffe945ec9e53fbb8071a70
96841eedf52d29d710373f4905a8232c96c0ab58201adb0beba011516ad4cd04
96afe489023e3e604b96c48d0d9b77005dd82358a71b24eab849a23159094c38
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
9b1c1e318ca29b1805e42e7b40baa4fe51a633d941429b9954553ea2aea86b99
9f53a0959d5fe4bcd2b0b0d81563dc3b571128f04347dbbe322433fbcb855002
a14bab5a4b1db65b3b291dd0c51ed44bc63cac0fc0a8682534248883ae44c0b3
a19ad43af9b4443371f405820f6f96fcb301e6d384fe0188790012de6e2e78bb
a3128ea436a6cf8295a2c73c934b9d60053e42ec5dc3529f0113f26c6ca8c1cd
a38edce2f6a4980a261666bb362a9443094a2791520795dde49991e5ec46eb52
a3f21ed3c19d26db8a4b3616b8104d44b8177ec29433a68d7bcae33c511d46cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8ef923620119d860440bb5514bcfe1500bbab3e46b3be9ee463bb93076e2d00
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
ab58c90a662cf700705e739676c14e82d7ab3e91ec18689f6f30daf88d8a2194
abea00264481983d230978c5e8753fc3226b968183abc81f1ae00a577ff13480
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
afa0bfcc224d1dcc253bf0f815ec32b0125d6c1d393cbdc58e303e162939516f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b3fdb813192098028336976db08f3065344ea01a1d5df815c29bc1476d4f3912
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b67d4a0b87ec653465171ef26e08dce78b330805ce90d103d3dd92acf7eff782
b6903a87e0dba9112a6facc193f5372c2f449d35e1d66b12ea10311eb626f566
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4e3adf3060d01f9ffd158e2033acab7390f3f2aaec313e252bd01e142c4c32
c194a9ec916c0635928631a94592e9e4480296e587bee95be1822cfc3af5adcc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c30b136b9735f7b13929325f6182019d96e2c02c31a0624ef2c86bf55f6e40e7
c6f0d6099bda86c7b0606ec27a827a686cffe1d2f1859774d17e3089c0c39cb1
cc3b41571baf0fbf583709a064d10851dce07925d587b1fa3758a11a16074931
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3fa97ca0121b71d725769fd97cb7c33a42ed6d4951fb42858e340c493efa4ae
d56fe1ae3ba2ea4c307cce2b8cd356704ea5d1d5a2183973460da0cb1a59d5c6
d75d88b11cc63085f08b0f53a106a2948ad2cd92c056306ef06535badf4ae9c0
d7b8ecfd11e8086450c73ba71ec182da2ef46cb8602cfdaccf9640efe20fdcb1
d8f7ceb7f315b311a4fead2fb761be439b5d653a7718422620d43e55d8acb95a
d9010097ba089af77bb33456f16a43b72f0e8d1f3bcdc3197143ea4fb62b2e2f
d9e6e07501dffffcab98d5dafc7e4eef587b0a3afa05b38434c8423df4870e50
e25ce582dfe275a43a98584d7babde9df9606515ce460fe5b9bdde39b9866c7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40325574c3f9b68feeabc7041fd46863a834cc29001096c0dc9699686cf8386
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e4eafbf3e0a04d7305755d34ef0edb7260b79b085515e67fd1a147243e170211
e926b0591510ecddaf192767261e79834934d251a78c9cbcaf1d71c856a8e273
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2859c18a274d988c4e21803e47de7c41f66060fc060b66822e165b44f82492c
f31253ee4c07f10b5fccaa7c6747a95882a3fd5ca722ce8bb292c1e09a169413
f36437459221e814601528b4f884b5bbd811261d56037e3b9d42420865fb0a1a
f57146e039bca225728bf1264e2a68401a2165607331d1c45068e37542baf733
f63a4230ae88e5ad9c0254cb8c4b959f05eecb68206f7b27354351bfc228a1b0
f745cef00cf29b0b9806d20bdc65ae6c07696c7daa7984f37dcf21b3e64ac9bc
f75a6e180a35173c3cafd5f13900a3578048f7843cdf4d9d17e5cec5fa1edc55
f7e0436a4ee3bb08313041ee4368957e9e93880e0cb269c3d87741cd370ccb2d
f80d0d241321e4821b86874153a10ee2d3535b874d1e65bb2e0cc2c061ac0f52
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a