myaccount.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGgo1LeuE1S6WO6oaLPsIzevBXIrhRRppnbvimjeoHpzdBhzeIIIwkrrzepBnyr...
Effective URL:
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.c...
Submission: On November 04 via manual (November 4th 2020, 3:39:40 pm UTC) from US

Summary HTTP 50 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 50 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is myaccount.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time myaccount.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.223.233.247 162.223.233.247	15334 (RESPONSYS) (RESPONSYS)
20	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
3	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	151.101.194.47 151.101.194.47	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE)
1	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81d::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:4600:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
50	16

1 162.223.233.247 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com

e.newyorktimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.47 (United States)

ASN54113 (FASTLY, US)

payments.worldpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:4600:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nytimes.com myaccount.nytimes.com a.nytimes.com a.et.nytimes.com et.nytimes.com dd.nytimes.com	2 MB
7	nyt.com a1.nyt.com typeface.nyt.com	222 KB
4	google.com www.google.com	869 B
4	paypal.com www.paypal.com t.paypal.com	6 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	gstatic.com www.gstatic.com	134 KB
1	sentry.io sentry.io	451 B
1	google.de www.google.de	106 B
1	doubleclick.net stats.g.doubleclick.net	92 B
1	liveperson.net lptag.liveperson.net	8 KB
1	googletagmanager.com www.googletagmanager.com	71 KB
1	worldpay.com payments.worldpay.com	36 KB
1	newyorktimes.com 1 redirects e.newyorktimes.com	854 B
0	chasepaymentech.com Failed safetechpageencryption.chasepaymentech.com Failed
50	14

	Domain	Requested by
12	myaccount.nytimes.com	myaccount.nytimes.com
6	typeface.nyt.com	myaccount.nytimes.com
4	www.google.com	myaccount.nytimes.com www.gstatic.com
4	a.et.nytimes.com	myaccount.nytimes.com
3	www.paypal.com	myaccount.nytimes.com
2	dd.nytimes.com	myaccount.nytimes.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.nytimes.com	a1.nyt.com dd.nytimes.com
1	www.gstatic.com	www.google.com
1	sentry.io	dd.nytimes.com
1	www.google.de	myaccount.nytimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	lptag.liveperson.net	myaccount.nytimes.com
1	et.nytimes.com	myaccount.nytimes.com
1	t.paypal.com	myaccount.nytimes.com
1	www.googletagmanager.com	a1.nyt.com
1	payments.worldpay.com	myaccount.nytimes.com
1	a1.nyt.com	myaccount.nytimes.com
1	e.newyorktimes.com	1 redirects
0	safetechpageencryption.chasepaymentech.com Failed	myaccount.nytimes.com
50	20

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
policies.google.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-03-10` - `2022-03-15`	2 years	crt.sh
payments.worldpay.com DigiCert Global CA G2	`2020-08-14` - `2021-08-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
t.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-07-15` - `2022-07-20`	2 years	crt.sh
a.et.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-11-16`	2 years	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-29` - `2021-04-02`	9 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Frame ID: A55F4E70460225ABECF6C905D04743F0
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&badge=none&cb=i06wq0nxszzm
Frame ID: 3DCD9D2F8CE947E2C5C60FB755B2299B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ko37ofglolfv
Frame ID: 5523CBD89A2505EFCF49E0095336C5E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGgo1LeuE1S6WO6oaLPsIzevBXIrhRRppnbvimjeoHp... HTTP 302
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8 Page URL
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

50
Requests

90 %
HTTPS

56 %
IPv6

14
Domains

20
Subdomains

16
IPs

4
Countries

2773 kB
Transfer

3849 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/content/help/rights/privacy/policy/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/membercenter/sitehelp.html
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/help/index.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/california-notice
Title: California Notices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGgo1LeuE1S6WO6oaLPsIzevBXIrhRRppnbvimjeoHpzdBhzeIIIwkrrzepBnyr259yaHVXtpKX%3DSYYDWCY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbk6EGFWCF058C1GlF3Zxjr7_i54AwgHpObc8oNwhJUnOsn1zL9qYI7uIMvHFaUOwIY-g5TC0uQoqhqJQdZ6l9QTQ8Rjh3-63fbrWKov-e4lfcCJU3M_Mg-2tw.&_di_=k2cll2s33udu3lt56jht7n9909p0i9kkfqukspblvg371d0gb530 HTTP 302
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8 Page URL
https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGgo1LeuE1S6WO6oaLPsIzevBXIrhRRppnbvimjeoHpzdBhzeIIIwkrrzepBnyr259yaHVXtpKX%3DSYYDWCY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbk6EGFWCF058C1GlF3Zxjr7_i54AwgHpObc8oNwhJUnOsn1zL9qYI7uIMvHFaUOwIY-g5TC0uQoqhqJQdZ6l9QTQ8Rjh3-63fbrWKov-e4lfcCJU3M_Mg-2tw.&_di_=k2cll2s33udu3lt56jht7n9909p0i9kkfqukspblvg371d0gb530 HTTP 302
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

manage-billing Show response
myaccount.nytimes.com/get-started/
Redirect Chain

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGgo1LeuE1S6WO6oaLPsIzevBXIrhRRppnbvimjeoHpzdBhzeIIIwkrrzepBnyr259yaHVXtpKX%3DSYYDWCY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbk6EGFWCF058C1GlF3Zxjr7_i...
https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

1 KB
2 KB

495ms
427ms

Document
text/html

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2bf1aed537530b4d0525b11cb9a63db3196263edd460700cc093b75a769461ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /get-started/manage-billing?campaignId=6QKL8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: Apache
x-frame-options: SAMEORIGIN DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-datadome-timer: (null),VE391
accept-ranges: bytes bytes
date: Wed, 04 Nov 2020 15:39:22 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4047-HHN
x-cache: MISS
x-cache-hits: 0
x-api-version: F-X
content-length: 1455

Redirect headers

Date: Wed, 04 Nov 2020 15:39:22 GMT
Server: Apache
P3P: policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Cache-Control: no-store, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: 6.interact5.Tr6.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGgo1LeuE1S6WO6oaLPsIzevBXIrhRRppnbvimjeoHpzdBhzeIIIwkrrzepBnyr259yaHVXtpKX%3DSYYDWCY&_ei_=Eq2tf9zs59idfPO1Sc_9Bbk6EGFWCF058C1GlF3Zxjr7_i54AwgHpObc8oNwhJUnOsn1zL9qYI7uIMvHFaUOwIY-g5TC0uQoqhqJQdZ6l9QTQ8Rjh3-63fbrWKov-e4lfcCJU3M_Mg-2tw; expires=Fri, 04-Nov-2022 15:39:22 GMT; Domain=.newyorktimes.com; Path=/pub; SameSite=None;Secure; HttpOnly
Location: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET
H2 200 main.css
myaccount.nytimes.com/get-started/css/ 146 KB
146 KB 73ms
73ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/css/main.css

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

08cf56e6300ad8b8bd08cb496b1ef446ab0103f5f19bc59cad3e0a0edc54a611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 346
x-cache: HIT
status: 200
content-length: 149435
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4047-HHN
last-modified: Fri, 30 Oct 2020 13:38:06 GMT
server: Apache
date: Wed, 04 Nov 2020 15:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Tue, 03 Nov 2020 21:56:27 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE381
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor.bundle.7e6c5e6301bb10b2d58c.js Show response
myaccount.nytimes.com/get-started/js/dest/ 152 KB
152 KB 33ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/vendor.bundle.7e6c5e6301bb10b2d58c.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5313e1f6f09310269334a4c40dc1ac390a08cb2898aca592628c235f174f7bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 176
x-cache: HIT
status: 200
content-length: 155903
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4047-HHN
last-modified: Fri, 30 Oct 2020 13:38:06 GMT
server: Apache
date: Wed, 04 Nov 2020 15:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Tue, 03 Nov 2020 11:48:47 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE379
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 manage_billing.bundle.7e6c5e6301bb10b2d58c.js Show response
myaccount.nytimes.com/get-started/js/dest/ 2 MB
2 MB 73ms
73ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.7e6c5e6301bb10b2d58c.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

69352f03110042797da93ae4260ea8bc23ce67e90ce2d9acbd0b6fa303eba72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 346
x-cache: HIT
status: 200
content-length: 1807098
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4047-HHN
last-modified: Fri, 30 Oct 2020 13:38:06 GMT
server: Apache
date: Wed, 04 Nov 2020 15:39:22 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Wed, 04 Nov 2020 13:04:31 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE383
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 json-kidd.min.js Show response
a1.nyt.com/analytics/ 178 KB
44 KB 49ms
48ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/json-kidd.min.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 97e649e4f52da2245df01edf874b88e1e614fb5124c20e47a5602d01213583de

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=hu1QRw==, md5=tk0OvQQ1nPA6XjE4ox+k5g==
date: Wed, 04 Nov 2020 15:39:22 GMT
content-encoding: gzip
age: 60641
x-guploader-uploadid: ABg5-UyuybeOv5KqXUSy_Qh2qhOhxqZq4KrmXJJ7E97c-SLbHCtlqA3XW1INZd9cIvA5uIyki-x7d7hTFUrJAjvDIN8
x-cache: HIT
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 44076
via: 1.1 varnish
x-served-by: cache-hhn4047-HHN
accept-ranges: bytes
expires: Wed, 23 Sep 2020 22:45:16 GMT
last-modified: Thu, 27 Aug 2020 19:39:32 GMT
server: UploadServer
x-timer: S1604504363.942212,VS0,VE0
etag: "b64d0ebd04359cf03a5e3138a31fa4e6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1598557172966603
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 182146
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 2318

GET
H2 401 manage-billing-profile
myaccount.nytimes.com/svc/get-started/api/v1/user/ 84 B
332 B 409ms
408ms Fetch
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/svc/get-started/api/v1/user/manage-billing-profile?country=DK

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.7e6c5e6301bb10b2d58c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Authorization: Cookie
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
x-cache: MISS
status: 401
content-length: 84
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4047-HHN
pragma: no-cache
server: Apache
date: Wed, 04 Nov 2020 15:39:23 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-datadome-timer: (null),VE376
accept-ranges: bytes, bytes
x-cache-hits: 0

GET
H2 200 pptm.js
www.paypal.com/tagmanager/ 12 KB
5 KB 115ms
23ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=myaccount.nytimes.com&source=checkoutjs&t=xo&v=4.0.299

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.7e6c5e6301bb10b2d58c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ISUDZOa5O8PswO3VEKjlitxcnejH5jD6Kdpqh38U5Znybw71' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ISUDZOa5O8PswO3VEKjlitxcnejH5jD6Kdpqh38U5Znybw71' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 3372
x-cache: HIT, HIT
status: 200
paypal-debug-id: 8c741f699a2a6
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7321-LHR, cache-cph20640-CPH
x-timer: S1604504363.309655,VS0,VE2
x-frame-options: SAMEORIGIN
date: Wed, 04 Nov 2020 15:39:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 nyt-credit-card-encryption.min.js
myaccount.nytimes.com/get-started/pt/ 2 KB
2 KB 33ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/pt/nyt-credit-card-encryption.min.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.7e6c5e6301bb10b2d58c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 267
x-cache: HIT
status: 200
content-length: 1904
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4047-HHN
last-modified: Fri, 30 Oct 2020 13:38:07 GMT
server: Apache
date: Wed, 04 Nov 2020 15:39:23 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Wed, 04 Nov 2020 04:07:58 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE382
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 worldpay-cse-1.latest.min.js
payments.worldpay.com/resources/cse/js/ 36 KB
36 KB 67ms
18ms Script
application/x-javascript 151.101.194.47
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.worldpay.com/resources/cse/js/worldpay-cse-1.latest.min.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.7e6c5e6301bb10b2d58c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.47 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 51725
x-cache: HIT
status: 200
content-length: 36550
x-served-by: cache-cph20628-CPH
last-modified: Tue, 01 Oct 2019 12:46:44 GMT
server
x-timer: S1604504363.280559,VS0,VE0
etag: "8ec6-593d8bea11500"
content-language: en
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 2115

GET
H2 200 nyt-logo-379x64.svg
myaccount.nytimes.com/img/ 12 KB
4 KB 32ms
32ms Image
image/svg+xml 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.nytimes.com/img/nyt-logo-379x64.svg
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-api-version: F-madb
age: 175
x-cache: HIT
status: 200
x-cache-hits: 1
content-length: 3625
x-served-by: cache-hhn4047-HHN
server: Google Frontend
etag: "1lCieQ"
content-type: image/svg+xml
via: 1.1 varnish
x-cloud-trace-context: ed01b76fdd3a41caf26575d797ec8a66
cache-control: public, max-age=600
x-datadome-timer: (null),VE163
accept-ranges: bytes
expires: Tue, 03 Nov 2020 20:45:49 GMT

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 871 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af0e1d602b67bc5d650cf54cf03c737de6bf1cd46e5c7d06a67adf867f0d8cfb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 105ms
31ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/get-started/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 11463078
x-guploader-uploadid: AEnB2UqBI1h_fayqElwwPN37eDAY6jwBH6vQTpt6U5cTn6qTVPungt384_Q4Imk4HqNkQufJKSx9QIWId6Lyc478kZA-WRmEUA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn4054-HHN
accept-ranges: bytes
expires: Wed, 24 Jun 2020 23:28:03 GMT
last-modified: Mon, 04 Mar 2019 22:54:23 GMT
server: UploadServer
x-timer: S1604504363.335217,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1551740063855820
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 8094

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 126ms
52ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/get-started/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 2378666
x-guploader-uploadid: ABg5-UwQ2YnnhVZXeiyi6zI0FV7uJzsN2TZykzb-h_IKx4pAgBXFrDulcjJPCC1Y7aFzy3EMm_pOzIEGtx1vAeLE2fBgonBQDg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn4054-HHN
accept-ranges: bytes
expires: Fri, 08 Oct 2021 02:54:57 GMT
last-modified: Tue, 08 Oct 2019 20:47:01 GMT
server: UploadServer
x-timer: S1604504363.335335,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567621043745
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 8366

GET
H2 200 nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ 30 KB
31 KB 139ms
66ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/get-started/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 144685
x-guploader-uploadid: ABg5-UwtAiS0vs43hYo3Oo2xLWF5qgKjq-eO7RalPfiGdDEhtMbM0ReUO9Ecuy1P1umn5YuCbqhi99oxBx3ORAaewJc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 31172
x-served-by: cache-hhn4054-HHN
accept-ranges: bytes
expires: Tue, 02 Nov 2021 23:27:57 GMT
last-modified: Tue, 08 Oct 2019 20:47:00 GMT
server: UploadServer
x-timer: S1604504363.335443,VS0,VE0
etag: "5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567620942592
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 31172
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 2924

GET
H2 200 gtm.js
www.googletagmanager.com/ 299 KB
71 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQS5DX3&gtm_auth=BxlVOowD_jvqTyNZ6sqMEA&gtm_preview=env-5&gtm_cookies_win=x

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: br
vary: *
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72180
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer
a.nytimes.com/svc/nyt/ 1 KB
1 KB 162ms
139ms XHR
application/json 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&jkcb=1604504363287
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: f31cd69eb2a6b54269ac37c50f57e678
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 536
expires: Wed, 04 Nov 2020 15:39:23 GMT

GET getkey.js
safetechpageencryption.chasepaymentech.com/pie/v1/64100000000025/ 0
0

GET encryption.js
safetechpageencryption.chasepaymentech.com/pie/v1/ 0
0

GET
H2 200 ts
t.paypal.com/ 42 B
701 B 230ms
189ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=New%20York%20Times%20Manage%20Billing&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1604504363340&g=-60&completeurl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8&ru=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status: 200
http_x_pp_az_locator: slca.slc
x-cache-hits: 0, 0
content-length: 42
x-served-by: cache-lhr7348-LHR, cache-cph20628-CPH
pragma: no-cache
server: akka-http/10.1.11
x-timer: S1604504363.392092,VS0,VE171
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, no-transform
accept-ranges: bytes, bytes
expires: Wed, 04 Nov 2020 15:39:23 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
106ms Other
application/json 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 analytics.js
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQS5DX3&gtm_auth=BxlVOowD_jvqTyNZ6sqMEA&gtm_preview=env-5&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6598
date: Wed, 04 Nov 2020 13:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 04 Nov 2020 15:49:25 GMT

GET
H2 200 /
et.nytimes.com/ 0
102 B 34ms
31ms Script
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%3Fproduct%3Dunknown%26mode%3Ddigi%26rate%3Dregular99%3D%2Fget-started%2Fmanage-billing%26hash%3D%26campaignId%3D6QKL8&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&referrer=&clientTimeStamp=1604504363482&totalTime=0&gtm=GTM-TQS5DX3-51-Production&et2_pageview_id=YJdUaMTWiHS9B5rJ4q3yS_Eh&sourceApp=seg-pip&skipFilter=%5B%22content%22%5D&callback=NYTD.EventTracker.cb0&pageMetaData=%7B%22PT%22%3A%22%22%2C%22CG%22%3A%22Digital%20Subscription%22%2C%22SCG%22%3A%22%22%2C%22byl%22%3A%22%22%2C%22tom%22%3A%22%22%2C%22hdl%22%3A%22%22%2C%22ptime%22%3A%22%22%2C%22cre%22%3A%22%22%2C%22articleid%22%3A%22%22%2C%22channels%22%3A%22%22%2C%22CN%22%3A%22%22%2C%22CT%22%3A%22%22%7D&additionalClientData=%7B%22ul%22%3A%22en-US%22%2C%22js%22%3A%22Yes%22%2C%22jv%22%3A%221.5%22%2C%22fi%22%3A%22No%22%2C%22tz%22%3A1%2C%22bh%22%3A16%2C%22cd%22%3A24%2C%22sr%22%3A%221600x1200%22%2C%22bs%22%3A%221600x1200%22%2C%22jo%22%3A%22No%22%2C%22or%22%3A%22land%22%7D
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
et1: true
x-api-version: F-(null)
x-timer: S1604504364.501725,VS0,VE0
x-served-by: cache-hhn4047-HHN
x-cache: HIT
content-type: application/json
status: 200
server: Varnish
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 tag.js
lptag.liveperson.net/tag/ 21 KB
8 KB 132ms
32ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

POST
H3-Q050 200 collect
www.google-analytics.com/j/ 2 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=880896354&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&dr=&dp=%2Fget-started%3Fproduct%3Dunknown%26mode%3Ddigi%26rate%3Dregular99%3D%2Fget-started%2Fmanage-billing%26hash%3D&ul=en-us&de=UTF-8&dt=New%20York%20Times%20Manage%20Billing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1581051996&gjid=809847222&cid=1230428558.1604504363&tid=UA-58630905-1&_gid=1288095124.1604504363&_r=1&gtm=2wgal2TQS5DX3&tc=x&cd1=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing&cd2=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8&cd3=%3FcampaignId%3D6QKL8&cd4=Digital%20Subscription&cd9=&cd10=&cd14=&cd15=earned&cd16=referring_links&cd26=&cd27=&cd28=&cd29=&cd37=0&cd42=seg-pip&cd48=&cd49=blurb_under_100&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&z=868721686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Nov 2020 15:39:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://myaccount.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58630905-1&cid=1230428558.1604504363&jid=1581051996&gjid=809847222&_gid=1288095124.1604504363&_u=YEBAAEAAAAAAAC~&z=119850451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 04 Nov 2020 15:39:23 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://myaccount.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 18ms
18ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-58630905-1&cid=1230428558.1604504363&jid=1581051996&_u=YEBAAEAAAAAAAC~&z=752202807

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Nov 2020 15:39:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 32ms
32ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-58630905-1&cid=1230428558.1604504363&jid=1581051996&_u=YEBAAEAAAAAAAC~&z=752202807

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Nov 2020 15:39:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 225ms
187ms Other
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Origin: https://myaccount.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://myaccount.nytimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
paypal-debug-id: d9bcd56bd46cd
x-content-type-options: nosniff
x-powered-by: Express
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Wed, 04 Nov 2020 15:39:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7356-LHR, cache-cph20630-CPH
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1604504364.608171,VS0,VE169
vary: Accept-Encoding
content-encoding: br

GET
H2 200 Primary Request login Show response
myaccount.nytimes.com/auth/ 4 KB
3 KB 151ms
151ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/manage_billing.bundle.7e6c5e6301bb10b2d58c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

89ba45c5ce12cbe85176932585fb1eac4ec92d5af90830f996b857c8986ddd26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors 'none'; block-all-mixed-content ; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; nyt-jkidd=uid=0&lastRequest=1604504363373&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon; walley=GA1.2.1230428558.1604504363; walley_gid=GA1.2.1288095124.1604504363; _gat_UA-58630905-1=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8

Response headers

status: 200
content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 5008440480697648504
x-datadog-parent-id: 5008440480697648504
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
resp-details: [[it:lui]]
x-nyt-backend: lire-ui
x-frame-options: DENY
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors 'none'; block-all-mixed-content ; upgrade-insecure-requests
etag: W/"f4a-FrNqWNITeWql/W2tV+fNDkB9rFg"
content-encoding: gzip
x-cloud-trace-context: c14d2bf958095464d50d593c9941f858
server: Google Frontend
x-datadome-timer: (null),VE119
accept-ranges: bytes bytes
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4047-HHN
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
x-api-version: F-X

POST logger
www.paypal.com/xoplatform/logger/api/ 0
0

GET .jsonp
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 0
0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 218ms
216ms Other
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Origin: https://myaccount.nytimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://myaccount.nytimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
paypal-debug-id: 7f6949c992dba
x-content-type-options: nosniff
x-powered-by: Express
dc: phx-origin-www-2.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Wed, 04 Nov 2020 15:39:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7355-LHR, cache-cph20630-CPH
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1604504364.727595,VS0,VE199
vary: Accept-Encoding
content-encoding: br

POST logger
www.paypal.com/xoplatform/logger/api/ 0
0

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ 2 KB
1 KB 33ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-api-version: F-X
age: 538
x-cache: HIT
status: 200
content-length: 1252
x-served-by: cache-hhn4047-HHN
expires: Fri, 30 Oct 2020 20:58:42 GMT
server: Google Frontend
etag: "713_uA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 80f1e0e48a552634dda90ee2a749db31
cache-control: public, max-age=600
x-datadome-timer: (null),VE692
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 113

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ 401 KB
133 KB 33ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=f050cd6
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e883ab7421ca60a1e5597feec3fc3e2ab816e55ff502feb42029b8fca1fed5b5

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-api-version: F-X
age: 283
x-cache: HIT
status: 200
content-length: 136227
x-served-by: cache-hhn4047-HHN
expires: Fri, 30 Oct 2020 20:53:45 GMT
server: Google Frontend
etag: "713_uA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: f4533a47b4c982f5cb5a63c240598950
cache-control: public, max-age=600
x-datadome-timer: (null),VE184
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 58

GET
H2 200 sentry.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ 107 KB
36 KB 38ms
37ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a4eceaaee380b228d248aac4d9df34f2096cdfd94ff35762765dbcb89fc8b6d3

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-api-version: F-X
age: 561
x-cache: HIT
status: 200
content-length: 36753
x-served-by: cache-hhn4047-HHN
expires: Mon, 02 Nov 2020 23:35:48 GMT
server: Google Frontend
etag: "713_uA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 5113ac8e2e096d4cf5da2c102c858ad6
cache-control: public, max-age=600
x-datadome-timer: (null),VE651
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 17

GET
H2 200 tags.js Show response
dd.nytimes.com/ 132 KB
22 KB 43ms
10ms Script
text/javascript 2600:9000:214f:4600:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4600:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a119e1e0b5a371d5cbfdc73f49c2cf661693662e0a9b6f1c0961abbb9f893de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 14:41:04 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3499
x-cache: Hit from cloudfront
status: 200
content-length: 21791
access-control-allow-origin: *
last-modified: Fri, 30 Oct 2020 15:27:51 GMT
server: Apache
etag: "211a0-5b2e50a33846c-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: XfV2ImZgn_ybdLMQa-QW138CnUyC6QyIA3bhbgsPxba4aZFhynhBiw==
expires: Wed, 04 Nov 2020 15:41:04 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Other
application/json 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1009 B
1 KB 264ms
245ms Fetch
application/json 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Flogin%3Fresponse_type%3Dcookie%26client_id%3Dmngbill%26redirect_uri%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fmanage-billing%253FcampaignId%253D6QKL8
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 734b84dc325004b199b8e72f9033af4112ea414891bc67f45ba5e1f89ac6a94e

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:24 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: db9e3e6b0e59ce89d0735b9d6e4f907c
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 525
expires: Wed, 04 Nov 2020 15:39:24 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 909 B
763 B 17ms
17ms Script
text/javascript 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=f050cd6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

72e549b09df0cb5ec424c648589ff90b1e93d3d2a31229d9546c91bdf2dbcb05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 1; mode=block
expires: Wed, 04 Nov 2020 15:39:23 GMT

GET
H2 200 nyt-logo.svg
myaccount.nytimes.com/lire_ui/img/ 10 KB
5 KB 31ms
31ms Image
image/svg+xml 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.nytimes.com/lire_ui/img/nyt-logo.svg
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d3e16687ec9c4de367a88d0da210e208574799844e0f9d4874bf41be1dd83424

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:39:23 GMT
content-encoding: gzip
x-api-version: F-X
age: 495
x-cache: HIT
status: 200
content-length: 4722
x-served-by: cache-hhn4047-HHN
expires: Fri, 30 Oct 2020 20:57:09 GMT
server: Google Frontend
etag: "713_uA"
content-type: image/svg+xml
via: 1.1 varnish
x-cloud-trace-context: 4fb6b46d895bcb317bc5eeb3ab03790e
cache-control: public, max-age=600
x-datadome-timer: (null),VE598
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 13

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 31ms
30ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 2378667
x-guploader-uploadid: ABg5-UwQ2YnnhVZXeiyi6zI0FV7uJzsN2TZykzb-h_IKx4pAgBXFrDulcjJPCC1Y7aFzy3EMm_pOzIEGtx1vAeLE2fBgonBQDg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn4054-HHN
accept-ranges: bytes
expires: Fri, 08 Oct 2021 02:54:57 GMT
last-modified: Tue, 08 Oct 2019 20:47:01 GMT
server: UploadServer
x-timer: S1604504364.888467,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567621043745
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 8367

GET
H2 200 nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ 30 KB
31 KB 34ms
33ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 144686
x-guploader-uploadid: ABg5-UwtAiS0vs43hYo3Oo2xLWF5qgKjq-eO7RalPfiGdDEhtMbM0ReUO9Ecuy1P1umn5YuCbqhi99oxBx3ORAaewJc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 31172
x-served-by: cache-hhn4054-HHN
accept-ranges: bytes
expires: Tue, 02 Nov 2021 23:27:57 GMT
last-modified: Tue, 08 Oct 2019 20:47:00 GMT
server: UploadServer
x-timer: S1604504364.889425,VS0,VE0
etag: "5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567620942592
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 31172
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 2925

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ 29 KB
29 KB 37ms
36ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Wed, 04 Nov 2020 15:39:23 GMT
via: 1.1 varnish
age: 11463078
x-guploader-uploadid: AEnB2UqBI1h_fayqElwwPN37eDAY6jwBH6vQTpt6U5cTn6qTVPungt384_Q4Imk4HqNkQufJKSx9QIWId6Lyc478kZA-WRmEUA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn4054-HHN
accept-ranges: bytes
expires: Wed, 24 Jun 2020 23:28:03 GMT
last-modified: Mon, 04 Mar 2019 22:54:23 GMT
server: UploadServer
x-timer: S1604504364.889558,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1551740063855820
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 8095

POST
H2 200 / Show response
dd.nytimes.com/js/ 232 B
565 B 32ms
14ms XHR
application/json 2600:9000:214f:4600:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: 1dd1fd13f2be7878c0a189ba05db8ae9321e1cc4d3e6891b794a286e8596dd89

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 04 Nov 2020 15:39:24 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
x-amz-cf-id: k2K-5oirFmNnY1rylOFL32SeYSA5BGW3-WhpSSVvN0Bhmk2K7YWjHA==
expires: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/1352341/store/ 41 B
451 B 627ms
153ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1352341/store/?sentry_key=45a6b9fa57434bc9bdfa55a12508577f&sentry_version=7

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e7e2f890035571b753783a5af1bf63b148a246b7c3058484088c006ed9e3ffaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 04 Nov 2020 15:39:24 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://myaccount.nytimes.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 41

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ 343 KB
134 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1462
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137574
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 04:07:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Nov 2021 15:15:02 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 3DCD 0
0 33ms
33ms Document
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&badge=none&cb=i06wq0nxszzm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zXAz8+DPL6k3SATqn8R5tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&badge=none&cb=i06wq0nxszzm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 04 Nov 2020 15:39:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-zXAz8+DPL6k3SATqn8R5tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10711
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Other
application/json 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/manage-billing?campaignId=6QKL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 5523 0
0 37ms
21ms Document
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ko37ofglolfv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tMEpPqAzqDNkGRaNcAqz1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ko37ofglolfv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=mngbill&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fmanage-billing%3FcampaignId%3D6QKL8

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 04 Nov 2020 15:39:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-tMEpPqAzqDNkGRaNcAqz1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1172
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: safetechpageencryption.chasepaymentech.com
URL: https://safetechpageencryption.chasepaymentech.com/pie/v1/64100000000025/getkey.js

Domain: safetechpageencryption.chasepaymentech.com
URL: https://safetechpageencryption.chasepaymentech.com/pie/v1/encryption.js

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Domain: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-19 22:27:20	Name: nyt-a Value: rh7cTIiUCy-Zhqptso0Cg-Sj
.nytimes.com/	1970-01-19 13:41:44	Name: _gat_UA-58630905-1 Value: 1
.nytimes.com/	1970-01-19 13:43:10	Name: walley_gid Value: GA1.2.1288095124.1604504363
.nytimes.com/	1970-01-20 07:12:56	Name: walley Value: GA1.2.1230428558.1604504363
.nytimes.com/	1970-01-19 22:27:20	Name: nyt-jkidd Value: uid=0&lastRequest=1604504363373&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 13:42:14	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-19 13:42:14	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.et.nytimes.com
a.nytimes.com
a1.nyt.com
dd.nytimes.com
e.newyorktimes.com
et.nytimes.com
lptag.liveperson.net
myaccount.nytimes.com
payments.worldpay.com
safetechpageencryption.chasepaymentech.com
sentry.io
stats.g.doubleclick.net
t.paypal.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
lptag.liveperson.net
safetechpageencryption.chasepaymentech.com
www.paypal.com
151.101.1.21
151.101.1.35
151.101.113.164
151.101.194.47
162.223.233.247
178.249.101.23
2600:9000:214f:4600:a:a8c5:a040:93a1
2a00:1450:4001:806::200e
2a00:1450:4001:809::2013
2a00:1450:4001:80b::2008
2a00:1450:4001:814::2003
2a00:1450:4001:817::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2013
2a00:1450:400c:c07::9c
35.188.42.15
08cf56e6300ad8b8bd08cb496b1ef446ab0103f5f19bc59cad3e0a0edc54a611
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
1dd1fd13f2be7878c0a189ba05db8ae9321e1cc4d3e6891b794a286e8596dd89
2bf1aed537530b4d0525b11cb9a63db3196263edd460700cc093b75a769461ea
2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531
5313e1f6f09310269334a4c40dc1ac390a08cb2898aca592628c235f174f7bdd
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
69352f03110042797da93ae4260ea8bc23ce67e90ce2d9acbd0b6fa303eba72c
72e549b09df0cb5ec424c648589ff90b1e93d3d2a31229d9546c91bdf2dbcb05
734b84dc325004b199b8e72f9033af4112ea414891bc67f45ba5e1f89ac6a94e
738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5
84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6
89ba45c5ce12cbe85176932585fb1eac4ec92d5af90830f996b857c8986ddd26
97e649e4f52da2245df01edf874b88e1e614fb5124c20e47a5602d01213583de
a119e1e0b5a371d5cbfdc73f49c2cf661693662e0a9b6f1c0961abbb9f893de7
a4eceaaee380b228d248aac4d9df34f2096cdfd94ff35762765dbcb89fc8b6d3
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
af0e1d602b67bc5d650cf54cf03c737de6bf1cd46e5c7d06a67adf867f0d8cfb
d3e16687ec9c4de367a88d0da210e208574799844e0f9d4874bf41be1dd83424
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e2f890035571b753783a5af1bf63b148a246b7c3058484088c006ed9e3ffaa
e883ab7421ca60a1e5597feec3fc3e2ab816e55ff502feb42029b8fca1fed5b5

myaccount.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

90 %HTTPS

56 %IPv6

14 Domains

20 Subdomains

16 IPs

4 Countries

2773 kBTransfer

3849 kBSize

7 Cookies

7 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myaccount.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

90 %
HTTPS

56 %
IPv6

14
Domains

20
Subdomains

16
IPs

4
Countries

2773 kB
Transfer

3849 kB
Size

7
Cookies

50 HTTP transactions
2 data transactions