myaccount.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuDB31Ms73Rgzc5wNTULemEsK72hgzafRDCyHRALJ5J8WzfJPmJ4e0KPEPzezb...
Effective URL:
https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&s...
Submission: On July 29 via api (July 29th 2021, 1:03:42 pm UTC) from US

Summary HTTP 82 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 21 domains to perform 82 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is myaccount.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time myaccount.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.223.233.247 162.223.233.247	15334 (RESPONSYS) (RESPONSYS)
1 18	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
1	23.45.106.90 23.45.106.90	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:ec00:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b8::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.132.84 151.101.132.84	54113 (FASTLY) (FASTLY)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
2	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
2	3.225.10.210 3.225.10.210	14618 (AMAZON-AES) (AMAZON-AES)
82	32

1 162.223.233.247 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com

e.newyorktimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.13.164 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.106.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-106-90.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:ec00:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b8::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.132.84 (Madrid, Spain)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.10.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-10-210.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	nytimes.com 1 redirects myaccount.nytimes.com a.nytimes.com a.et.nytimes.com dd.nytimes.com	2 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	791 KB
9	nyt.com g1.nyt.com a1.nyt.com typeface.nyt.com	251 KB
7	google.com www.google.com	66 KB
5	liveperson.net lptag.liveperson.net va.v.liveperson.net	106 KB
4	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	35 KB
4	pinterest.com ct.pinterest.com	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	100 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	88 KB
2	pinimg.com s.pinimg.com	18 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	paypal.com www.paypal.com t.paypal.com	6 KB
1	bluekai.com stags.bluekai.com	1 KB
1	google.de www.google.de	108 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	bkrtx.com tags.bkrtx.com	16 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	104 KB
1	newyorktimes.com 1 redirects e.newyorktimes.com	932 B
82	21

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
9	myaccount.nytimes.com	1 redirects myaccount.nytimes.com
7	www.google.com	myaccount.nytimes.com www.gstatic.com www.google.com
6	a.et.nytimes.com	myaccount.nytimes.com
5	fonts.gstatic.com	www.google.com
5	g1.nyt.com	myaccount.nytimes.com
4	ct.pinterest.com	s.pinimg.com myaccount.nytimes.com
3	va.v.liveperson.net	lptag.liveperson.net
2	errors.client.optimizely.com	cdn.optimizely.com
2	lpcdn.lpsnmedia.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	px.ads.linkedin.com	2 redirects
2	lptag.liveperson.net	myaccount.nytimes.com
2	typeface.nyt.com	myaccount.nytimes.com
2	s.pinimg.com	a1.nyt.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dd.nytimes.com	myaccount.nytimes.com dd.nytimes.com
2	a.nytimes.com	a1.nyt.com myaccount.nytimes.com
2	a1.nyt.com	myaccount.nytimes.com a1.nyt.com
2	c.go-mpulse.net	s.go-mpulse.net
2	s.go-mpulse.net	myaccount.nytimes.com
1	stags.bluekai.com	tags.bkrtx.com
1	www.google.de	myaccount.nytimes.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	myaccount.nytimes.com
1	www.linkedin.com	1 redirects
1	tags.bkrtx.com	a1.nyt.com
1	snap.licdn.com	a1.nyt.com
1	cdn.optimizely.com	a1.nyt.com
1	www.googleadservices.com	www.googletagmanager.com
1	t.paypal.com	myaccount.nytimes.com
1	www.googletagmanager.com	a1.nyt.com
1	www.paypal.com	myaccount.nytimes.com
1	e.newyorktimes.com	1 redirects
82	34

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-08` - `2022-01-11`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2021-07-18` - `2021-10-16`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-18` - `2021-11-22`	a year	crt.sh
a.et.nytimes.com GTS CA 1D4	`2021-06-03` - `2021-09-01`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2021-02-21` - `2022-02-21`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Frame ID: 8364F6118D099C67F1FE4C0576922D14
Requests: 50 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Frame ID: 228DB6EE4E27A59D2D720F40BCD96D07
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=invisible&badge=none&cb=54uq88nk77yl
Frame ID: 9E1ED8F8340E7150B52A0045106CDBDA
Requests: 7 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3Dfalse&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&phint=section&phint=subsection&phint=pagetype&phint=payflowbundletype%3Dunknown&phint=payflowiscooking%3Dtrue&phint=payflowiscrossword%3Dfalse&phint=payflowisdonation%3Dtrue&phint=payflowisedu%3Dtrue&phint=payflowregion%3Dint&phint=payflowisdigigift%3Dfalse&phint=payflowishdgift%3Dfalse&phint=payflowishd%3Dfalse&phint=payflowstep%3DAUTH&phint=sourceapp%3DSEG&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype&limit=10&r=26663933
Frame ID: 9B53323E601C77ADC53DFAAA65DB881B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5
Frame ID: 96493BF2EFD3E93F64EE795B6FCD7567
Requests: 11 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&env=prod
Frame ID: 5DB7C6FEF866E87F576E90127FBF2F15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuDB31Ms73Rgzc5wNTULemEsK72hgzafRDCyHRALJ5... HTTP 302
https://myaccount.nytimes.com/get-started/payment?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&... HTTP 302
https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mci... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

82
Requests

100 %
HTTPS

59 %
IPv6

21
Domains

34
Subdomains

32
IPs

4
Countries

4129 kB
Transfer

6373 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/?ad-keywords=acsm
Title: The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/california-notice
Title: California Notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuDB31Ms73Rgzc5wNTULemEsK72hgzafRDCyHRALJ5J8WzfJPmJ4e0KPEPzezbmthGzeucCzc5VXtpKX%3DTTDTCCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbmHg9QQjkbQupkR6Pp1g4MwQBsefPlU49njpgCqILEociZJrS4QSAlH4jkwZkAVXUNufOCFOU90f71HlypxU6rJQRVbrPogfSaWp-0tUmJH20.&_di_=ne7ri3i658ueacihhr0vq0u7dd721emq95pkpb1sfdk75cpc2i2g HTTP 302
https://myaccount.nytimes.com/get-started/payment?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785 HTTP 302
https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D40524%26time%3D1627563800012%26url%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fauth%253Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&liSync=true&e_ipv6=AQJHplAxBAA10AAAAXryXLg5YWmdf7rGk0RDInEagm7YPg5_et41-fU2Hc0bXgv67Uy4mgTD

82 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
myaccount.nytimes.com/get-started/
Redirect Chain

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGuDB31Ms73Rgzc5wNTULemEsK72hgzafRDCyHRALJ5J8WzfJPmJ4e0KPEPzezbmthGzeucCzc5VXtpKX%3DTTDTCCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbmHg9QQjkbQupkR6Pp1...
https://myaccount.nytimes.com/get-started/payment?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

9 KB
9 KB

415ms
415ms

Document
text/html

151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5b230f73b07824da6c4bdad5d293884c74a3567023444fca68f7795c8c1e906e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
server: Apache
x-frame-options: SAMEORIGIN DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-datadome-timer: (null),VE392
accept-ranges: bytes
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
x-served-by: cache-fra19168-FRA
x-cache: MISS
x-cache-hits: 0
x-api-version: F-X

Redirect headers

content-type: text/html;charset=UTF-8
server: Apache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
location: /get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-datadome-timer: (null),VE379
accept-ranges: bytes
date: Thu, 29 Jul 2021 13:03:18 GMT
via: 1.1 varnish
x-served-by: cache-fra19168-FRA
x-cache: MISS
x-cache-hits: 0
x-api-version: F-X
content-length: 0

GET
H2 200 vendor.bundle.e1abed26031a3c36b0b1.js Show response
myaccount.nytimes.com/get-started/js/dest/ 153 KB
153 KB 23ms
23ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/vendor.bundle.e1abed26031a3c36b0b1.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f35644d3dc9d35e8941a7240fe8164ae290800d37a121387fdf88d23b7fb9e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /get-started/js/dest/vendor.bundle.e1abed26031a3c36b0b1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: myaccount.nytimes.com
referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 136
x-cache: HIT
content-length: 156677
x-xss-protection: 1; mode=block
x-served-by: cache-fra19168-FRA
last-modified: Mon, 26 Jul 2021 13:33:57 GMT
server: Apache
date: Thu, 29 Jul 2021 13:03:19 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Thu, 29 Jul 2021 09:28:59 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE471
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 checkout.bundle.e1abed26031a3c36b0b1.js Show response
myaccount.nytimes.com/get-started/js/dest/ 2 MB
2 MB 63ms
63ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/checkout.bundle.e1abed26031a3c36b0b1.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

1b7adeb8e7128cc12123bcdac1a415dc65a6454b5dd7c231c2b5ed0c9e1f8ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /get-started/js/dest/checkout.bundle.e1abed26031a3c36b0b1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: myaccount.nytimes.com
referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 301
x-cache: HIT
content-length: 1968285
x-xss-protection: 1; mode=block
x-served-by: cache-fra19168-FRA
last-modified: Mon, 26 Jul 2021 13:33:57 GMT
server: Apache
date: Thu, 29 Jul 2021 13:03:19 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Thu, 29 Jul 2021 12:52:47 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE381
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 20ms
7ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 11:27:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 50 B
322 B 33ms
32ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5425213&v=1.720.0&sl=0&si=b58f195b-524a-4424-ab05-4274c6d892cb-qx0c9h&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: be02a900b9ca948ecd29a75a7f01aff05abbc7d3cfe7b90ee63dcaadb86cf2a7

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 13:03:19 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50
Content-Type: application/json

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 277ms
46ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=myaccount.nytimes.com&source=checkoutjs&t=xo&v=4.0.299

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/checkout.bundle.e1abed26031a3c36b0b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-BBMHcdge8Er962EI4PkwXT8Tx4W4LrOvvRtrDOvSFV1feeLY' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-BBMHcdge8Er962EI4PkwXT8Tx4W4LrOvvRtrDOvSFV1feeLY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
paypal-debug-id: 6a545d0a6b5b6
cache-control: public, max-age=3600
date: Thu, 29 Jul 2021 13:03:19 GMT
strict-transport-security: max-age=63072000
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4321
x-xss-protection: 1; mode=block

GET
H2 200 standalone.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 46 KB
19 KB 23ms
23ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/unified_lire/js/standalone.bundle.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/checkout.bundle.e1abed26031a3c36b0b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9be3ed9a2dc140f79ffebddd8e00c04e64f4955f1f525ffe80fe8c2493e81fd7

Request headers

:path: /unified_lire/js/standalone.bundle.js
pragma: no-cache
cookie: RT="z=1&dm=nytimes.com&si=b58f195b-524a-4424-ab05-4274c6d892cb&ss=kroxgnbd&sl=0&tt=0"
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: myaccount.nytimes.com
referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
x-api-version: F-X
age: 302
x-cache: HIT
x-cache-hits: 1
content-length: 18831
x-served-by: cache-fra19168-FRA
server: Google Frontend
etag: "rsy7qQ"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: e3ba4f9f3bf8502a2b679a54cc8b0b64
cache-control: public, max-age=600
x-datadome-timer: (null),VE140
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Thu, 29 Jul 2021 04:29:26 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08cd18445c6b36281295051959279ea330bb23dc4ca2e3b359549e02ea5916fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 Books-Image.jpg
myaccount.nytimes.com/get-started/images/ 225 KB
225 KB 25ms
25ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.nytimes.com/get-started/images/Books-Image.jpg

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c01c6c339b91168fe5772cc47eaa6003c6b046de65e344e9aed9fc8cac820f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /get-started/images/Books-Image.jpg
pragma: no-cache
cookie: RT="z=1&dm=nytimes.com&si=b58f195b-524a-4424-ab05-4274c6d892cb&ss=kroxgnbd&sl=0&tt=0"
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: myaccount.nytimes.com
referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 301
x-cache: HIT
content-length: 230211
x-xss-protection: 1; mode=block
x-served-by: cache-fra19168-FRA
last-modified: Mon, 26 Jul 2021 13:33:57 GMT
server: Apache
date: Thu, 29 Jul 2021 13:03:19 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Thu, 29 Jul 2021 12:52:49 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE400
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ 27 KB
27 KB 67ms
20ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 44ce733e1c9cedefd832ff0b571555695fb7f8dbff7a066d3de45c446e44bb45

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tEQkCg==, md5=QUdY3gmNxkS2iK+gMdNfmw==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: font/woff
age: 1862011
x-guploader-uploadid: ADPycdsl4ezDXLKVaCSv_aobq9tfiWS_64uFfAw8bvMugMUBLocXzEDJWPX9mmDd8xZb_Z_GX5LAzQ49V1SVnw3SKX9YZ64bSQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27196
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:49:48 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627563799.442205,VS0,VE0
etag: "414758de098dc644b688afa031d35f9b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513131086
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27196
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 109

GET
H2 200 franklin-italic-600.woff
g1.nyt.com/fonts/family/franklin/ 28 KB
28 KB 81ms
35ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-italic-600.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 81bbd72fd89a648606e310631ac244511224b04109669bdd8e32025e1e31bce3

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=LPGmIA==, md5=fGqTxoRxTgP8aghesGEQog==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: font/woff
age: 1243105
x-guploader-uploadid: ADPycdtUr9H6t7ribCI4QLQl48LhnZXi_8inp5JkSW6rojQRNzOvIRVFSm56bXrUUdM_dTaeAU4KyWzz5fArAd4rwng
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28504
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Fri, 15 Jul 2022 03:44:53 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627563799.442192,VS0,VE0
etag: "7c6a93c684714e03fc6a085eb06110a2"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743512978225
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 franklin-normal-600.woff
g1.nyt.com/fonts/family/franklin/ 27 KB
27 KB 81ms
34ms Font
application/octet-stream 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fc6adb58ed6e469f9d51d84ba52b4133c5e227a292828693058ebb880b9ba0ca

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i3YxGA==, md5=ioaZivmm9Uh3WNeP71SSDQ==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 649697
x-guploader-uploadid: ADPycdvKumHiLMEnTYYp9Ccuh0vzgYNyx61KwOSXhkNMCsWWdP_NPu_5xO24p-tBek8ifjTcTreXIqAD4a7Qr30cEPAk-K8wBw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27696
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:35:01 GMT
last-modified: Wed, 21 Jul 2021 17:23:54 GMT
server: UploadServer
x-timer: S1627563799.442307,VS0,VE0
etag: "8a86998af9a6f5487758d78fef54920d"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888234417214
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27696
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ 27 KB
28 KB 81ms
35ms Font
application/octet-stream 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=44i2vg==, md5=oZLbMQk12KiCgy4syD8hGQ==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 47062
x-guploader-uploadid: ADPycdsmRg6xC7hwCDamiAxLPhVmJYqlH-vFAMkQNZQeCW0GswGHpTBuuOd7-hfrUaWbgXUlp_KnC3OWG6VeGreUGGfgpKlJPw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27688
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Thu, 28 Jul 2022 23:58:56 GMT
last-modified: Wed, 21 Jul 2021 17:23:54 GMT
server: UploadServer
x-timer: S1627563799.442352,VS0,VE0
etag: "a192db310935d8a882832e2cc83f2119"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888234428957
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27688
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 122

GET
H2 200 cheltenham-normal-400.woff
g1.nyt.com/fonts/family/cheltenham/ 36 KB
37 KB 53ms
53ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4793e23b5bee0b1e4cbd0c56d606ee75789976edf8991db62445259d7fb6c202

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=1QABtA==, md5=I71OXAwnJZsGSqmubXh5gA==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: font/woff
age: 1246841
x-guploader-uploadid: ADPycdseodi5PB7yNW-g5SBbXjYJDxuRWS_Iq_g2kszBrozCKT6AdW4lhlOCmW_5kjtha97KZUtjkcPz_RSDivE1-HQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37080
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Fri, 15 Jul 2022 02:42:38 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627563799.448714,VS0,VE0
etag: "23bd4e5c0c27259b064aa9ae6d787980"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511925337
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 37080
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 json-kidd.min.js Show response
a1.nyt.com/analytics/ 178 KB
44 KB 24ms
23ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/json-kidd.min.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c37b8f12ac71dad4f488ceaaf46d11f9319bc0b2c8ddda3970e6974936587056

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=7T8KVw==, md5=jRcAPpBidNzVVOzFxaudQQ==
date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
content-type: application/javascript
age: 40393
x-guploader-uploadid: ADPycdv1buZnF6RotG1SYtJ0e1gV_O3fZCkJaoxE-xDEgsGzMVpyia9Z-2rRwgvoYwafiFL3R_yYsBf3jzKxzN4UuTD6lxQXhQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 44066
via: 1.1 varnish
x-served-by: cache-fra19168-FRA
accept-ranges: bytes
expires: Fri, 23 Jul 2021 01:43:15 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1627563799.483648,VS0,VE0
etag: "8d17003e906274dcd554ecc5c5ab9d41"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975877156
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 182122
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame 228D 18 KB
9 KB 173ms
173ms Document
text/html 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

2480bfafe2fa392603f9ac4645889eaab2f9c969af1bd1d1ff494f04d0203a03

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: RT="z=1&dm=nytimes.com&si=b58f195b-524a-4424-ab05-4274c6d892cb&ss=kroxgnbd&sl=0&tt=0"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 1805137775108082480
x-datadog-parent-id: 1805137775108082480
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
resp-details: [[it:lui]]
x-nyt-backend: lire-ui
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests
etag: W/"49fa-3SyNCL7oHUqDU7oXBqSpSL0nKWg"
content-encoding: gzip
x-cloud-trace-context: 4e336b1b59b9da882d7e08f201831e85
server: Google Frontend
x-datadome-timer: (null),VE140
accept-ranges: bytes
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
x-served-by: cache-fra19168-FRA
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
x-api-version: F-X

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
666 B 18ms
17ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

215b2909f7a7325a90bf69b36689585647f8e5337fab3cb51fa20d43bdf6dba3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Thu, 29 Jul 2021 13:03:19 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ 341 KB
341 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 15:10:23 GMT
x-content-type-options: nosniff
age: 78776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 349415
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 04:06:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 15:10:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 384 KB
104 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FQC2Q6&gtm_auth=DyMl56JJEuAAdIQqYEzq1w&gtm_preview=env-6&gtm_cookies_win=x

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99ea5969a6f7f82a91e3b316e4a47dd881c705716fd83f1a3e3bac8339ec8182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106212
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1005 B
1 KB 258ms
232ms XHR
application/json 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&jkcb=1627563799581
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d6611f3b7c965f088168f3920604b3942a26ae737ca992647094d978465a4fbd

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: c526a980c659f9d1e832837dc1643e7b
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 523
expires: Thu, 29 Jul 2021 13:03:19 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
819 B 224ms
178ms Image
image/gif 23.45.106.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=New%20York%20Times%20Checkout&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1627563799623&g=-120&completeurl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.106.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-106-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 13:03:19 GMT
P3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id: 98e0d372a4c8b
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 29 Jul 2021 13:03:19 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 228D 393 KB
133 KB 22ms
22ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=7f05129
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f19b9f81b3d1bbe85c88f609e4b5249a28e0318ecb6a2d3f1fb5049ea9fc35a2

Request headers

:path: /lire_ui/js/unified-lire.bundle.js?v=7f05129
pragma: no-cache
cookie: RT="z=1&dm=nytimes.com&si=b58f195b-524a-4424-ab05-4274c6d892cb&ss=kroxgnbd&sl=0&tt=0"; _gcl_au=1.1.1203845594.1627563800
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: myaccount.nytimes.com
referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
x-api-version: F-X
age: 405
x-cache: HIT
x-cache-hits: 6
content-length: 135929
x-served-by: cache-fra19168-FRA
server: Google Frontend
etag: "rsy7qQ"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: e8c1fc7b2029f22f87e1ae660c6c56c9;o=1
cache-control: public, max-age=600
x-datadome-timer: (null),VE628
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 27 Jul 2021 16:15:10 GMT

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame 228D 205 KB
49 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 11:27:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame 228D 0
0 144ms
109ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame 228D 231 KB
35 KB 32ms
7ms Script
text/javascript 2600:9000:20eb:ec00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ec00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f6b5ddc10d0f9b4c3f6449b88a5b7601beb45ab5162009e157a7ee5574272f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 12:44:47 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1112
x-cache: Hit from cloudfront
content-length: 35069
access-control-allow-origin: *
last-modified: Fri, 09 Jul 2021 13:43:31 GMT
server: Apache
etag: "39b38-5c6b0f5119638-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: cTn1VOvJ4lE_naiNBnMomzjeohs5L948dhTOxYeYr3w3Qef3CNZk_g==
expires: Thu, 29 Jul 2021 13:44:47 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 228D 50 B
322 B 38ms
37ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5425213&v=1.720.0&sl=0&si=b58f195b-524a-4424-ab05-4274c6d892cb-qx0c9h&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: be02a900b9ca948ecd29a75a7f01aff05abbc7d3cfe7b90ee63dcaadb86cf2a7

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 13:03:19 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50
Content-Type: application/json

POST
H2 200 track
a.et.nytimes.com/ Frame 228D 0
0 107ms
106ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame 228D 1012 B
1 KB 164ms
141ms Fetch
application/json 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dpur.flow.bus%26redirect_uri%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fpayment%253Fo%25253D0fd8cf46-d029-11ea-a072-340cee6a52b6%252526campaignId%25253D9LUJ9%252526mcid%25253DNYT%252526mc%25253DEInternal%252526subid%25253DUSGM%252526launch_id%25253D11430785%26display%3Ddefault%26application%3Dpayflow%26preloaded%3Dfalse%23lire-ui-779622
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=7f05129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 664daed5769ae544611ff04b0dc3cc48a51ad1829d48e2f87e48d4dd951a8fef

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 16464cd588bce4e3daf83ae91b57b311
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 528
expires: Thu, 29 Jul 2021 13:03:19 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 81ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FQC2Q6&gtm_auth=DyMl56JJEuAAdIQqYEzq1w&gtm_preview=env-6&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6d2b2652cd4f5b0c8ce1b586871e24d54cc134737f50f8ba6a16c469ad9cf5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13913
x-xss-protection: 0
server: cafe
etag: 9921229738351535883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Jul 2021 13:03:19 GMT

GET
H2 200 my_account_prod.js Show response
cdn.optimizely.com/public/3013110282/s/ 295 KB
88 KB 136ms
122ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/3013110282/s/my_account_prod.js

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a4346f1ca1df87066eb4c7ab7457e7b923676b70227379586e2a12e2d62e36c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: OnZSfAH7ISUpN9KZvXpJ_oB_IXj2VHHZ
content-encoding: gzip
etag: "3ad0ceecdfca064a7415251a7050b2e8"
x-amz-request-id: 8V1XBY0JCVDMEP2M
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 55582
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 89061
x-amz-id-2: qygu71XBQ/NmlRgg0tQLkMTbb4+0MsmYRuYxuMfEXPFqDyMNZ0tyFBry0xTFnCkrXsGCaI7rDyY=
last-modified: Mon, 04 Jan 2021 16:02:31 GMT
server: AmazonS3
date: Thu, 29 Jul 2021 13:03:20 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ab-config Show response
myaccount.nytimes.com/svc/get-started/api/v1/ 39 B
215 B 428ms
427ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/svc/get-started/api/v1/ab-config

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

245f2469539df8f69cba0b7b03d529912e744e8543adf80116a67a77c5cc7670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /svc/get-started/api/v1/ab-config
pragma: no-cache
cookie: RT="z=1&dm=nytimes.com&si=b58f195b-524a-4424-ab05-4274c6d892cb&ss=kroxgnbd&sl=0&tt=0"; _gcl_au=1.1.1203845594.1627563800; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; nyt-jkidd=uid=0&lastRequest=1627563799665&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: myaccount.nytimes.com
referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
x-cache: MISS
content-length: 39
x-xss-protection: 1; mode=block
x-served-by: cache-fra19168-FRA
pragma: no-cache
server: Apache
date: Thu, 29 Jul 2021 13:03:20 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-datadome-timer: (null),VE395
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FQC2Q6&gtm_auth=DyMl56JJEuAAdIQqYEzq1w&gtm_preview=env-6&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6295
date: Thu, 29 Jul 2021 11:18:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 29 Jul 2021 13:18:24 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 135ms
118ms Script
application/javascript 2a02:26f0:6c00:2b8::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b8::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 5e2d7a0c-2.16.186.156
accept-ranges: bytes
content-length: 584
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 13:03:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=21156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
109ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 228D 29 KB
29 KB 23ms
20ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: font/woff
age: 1852908
x-guploader-uploadid: ADPycdtg-ZeGD_1W8sDDZ2AV2lKJ-gOjApUKxGye0eYviA9IQyPbYB9SbjtthtaJwpwfq9rg1NZoZ8c_PSFTZPsxDAT3kBgWKQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Fri, 08 Jul 2022 02:21:32 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1627563800.923890,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717313763
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 62

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 228D 29 KB
29 KB 21ms
20ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Thu, 29 Jul 2021 13:03:19 GMT
via: 1.1 varnish
content-type: font/woff
age: 1847868
x-guploader-uploadid: ADPycdtc5duM1SBVkeJ7c8-rFcMq9hE0rdNxLI0Km6y1rybqJ4HsrNTx8ISpLZ54jXpm0qNFtaATuJmhe-e9VcxjwrU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-fra19170-FRA
accept-ranges: bytes
expires: Fri, 08 Jul 2022 03:45:32 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1627563800.925742,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717322939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 60

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9E1E 39 KB
20 KB 38ms
37ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=invisible&badge=none&cb=54uq88nk77yl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1681c15795ba27ee72b69004703e0f3ea03d1b6ce332aa303706ac9e08789b4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xTboRk7pC4duBEdEmUrDgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=invisible&badge=none&cb=54uq88nk77yl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Jul 2021 13:03:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-xTboRk7pC4duBEdEmUrDgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20461
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 135ms
52ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 29 Jul 2021 13:03:20 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Thu, 05 Aug 2021 13:03:20 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame 228D 0
0 106ms
106ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame 228D 232 B
564 B 28ms
14ms XHR
application/json 2600:9000:20eb:ec00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: 47b1cfdd3dcb29bb91ee4605349a48637596d92137161dfb97366ab808a587d8

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:20 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
x-amz-cf-id: Kjpc_TL_yZS2L-lP3hHYBcMuHnTOZdGUS7d8cgQPAzQheE1iMYEg5g==
expires: 0

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 122ms
33ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:20 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1453853006&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth&dr=&dp=%2Fget-started%2Fsignup%3Fproduct%3Dsubscription%26mode%3Ddigi%26rate%3Dregular&ul=en-us&de=UTF-8&dt=New%20York%20Times%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=USGM&cs=NYT&cm=EInternal&ck=&cc=&_u=YEBAAEABAAAAAC~&jid=780119811&gjid=813744272&cid=106869010.1627563800&tid=UA-58630905-1&_gid=2005839279.1627563800&_r=1&gtm=2wg7s05FQC2Q6&cd1=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth&cd2=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&cd3=%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&cd4=Digital%20Subscription&cd9=&cd10=NYT&cd14=&cd15=paid&cd16=marketing_campaign&cd26=&cd27=&cd28=&cd29=&cd37=0&cd42=SEG&cd48=&cd49=blurb_under_100&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd98=&cd114=&cd117=&z=852519897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9L...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D40524%26time%3D1627563800012%26url%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9L...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9...

0
155 B

3067ms
216ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&liSync=true&e_ipv6=AQJHplAxBAA10AAAAXryXLg5YWmdf7rGk0RDInEagm7YPg5_et41-fU2Hc0bXgv67Uy4mgTD
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:23 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: hz1V/6dElhaguQlivCoAAA==

Redirect headers

date: Thu, 29 Jul 2021 13:03:20 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1627563800012&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&liSync=true&e_ipv6=AQJHplAxBAA10AAAAXryXLg5YWmdf7rGk0RDInEagm7YPg5_et41-fU2Hc0bXgv67Uy4mgTD
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: AoFUSKdElhbAfOL/2SoAAA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?random=1627563800017&cv=9&fst=1627563800017&num=1&label=9sgRCN2pgmgQyL734AM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&data=wat%3D&frm=0&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&tiba=New%20York%20Times%20Checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eadcfabfd129222ae3e5413f526aea56d3e3ca5fad929a5608788368da1652c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1168
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame 228D 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3Fo%253D0fd8cf46-d029-11ea-a072-340cee6a52b6%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D11430785&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 9E1E 52 KB
52 KB 19ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=invisible&badge=none&cb=54uq88nk77yl

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 12:45:49 GMT
vary: Accept-Encoding
last-modified: Mon, 19 Jul 2021 04:06:17 GMT
server: sffe
x-content-type-options: nosniff
age: 1051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:45:49 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 9E1E 341 KB
133 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 09:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136001
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 04:06:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 09:23:40 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1008590664/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1008590664/?random=1627563800017&cv=9&fst=1627563600000&num=1&label=9sgRCN2pgmgQyL734AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&data=wat%3D&frm=0&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&tiba=New%20York%20Times%20Checkout&async=1&fmt=3&is_vtc=1&random=656051782&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1008590664/ 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008590664/?random=1627563800017&cv=9&fst=1627563600000&num=1&label=9sgRCN2pgmgQyL734AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&data=wat%3D&frm=0&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&tiba=New%20York%20Times%20Checkout&async=1&fmt=3&is_vtc=1&random=656051782&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 130ms
130ms Script
application/javascript 2a02:26f0:6c00:2b8::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b8::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 5e2d7ac8-2.16.186.156
accept-ranges: bytes
content-length: 17418
access-control-expose-headers: X-CDN

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9E1E 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 221355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 02 Aug 2021 23:34:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9E1E 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 228959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 21:27:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9E1E 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 167822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 14:26:18 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9E1E 102 B
132 B 17ms
17ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed4b06b4fbf7117c1910a1480845b4880615606bb4f399cb5df51583889fdc27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=invisible&badge=none&cb=54uq88nk77yl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 29 Jul 2021 13:03:20 GMT

GET
H/1.1 200
OK Cookie set 50134 Show response
stags.bluekai.com/site/ Frame 9B53 71 B
1 KB 2130ms
2084ms Document
text/html 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3Dfalse&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&phint=section&phint=subsection&phint=pagetype&phint=payflowbundletype%3Dunknown&phint=payflowiscooking%3Dtrue&phint=payflowiscrossword%3Dfalse&phint=payflowisdonation%3Dtrue&phint=payflowisedu%3Dtrue&phint=payflowregion%3Dint&phint=payflowisdigigift%3Dfalse&phint=payflowishdgift%3Dfalse&phint=payflowishd%3Dfalse&phint=payflowstep%3DAUTH&phint=sourceapp%3DSEG&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype&limit=10&r=26663933
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://myaccount.nytimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: fa16
Date: Thu, 29 Jul 2021 13:03:20 GMT
Connection: keep-alive
Set-Cookie: bkdc=phx; expires=Tue, 25-Jan-2022 13:03:20 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bkpa=KJh2P1+rtp9xdOg78AxwVTAwHCs6uj3ifuUJGSKYJkzuRVGoA1rbIFLrjEZtoqi9er/10Ul1nsIXJgCjJZZIImu9NMDN833+B5/bKceD+EenFyi6K//SVNVQBeJEYrBCGvHNT1ms9/mno68CLr686MgqtBWasiL7J/pxuo4AxmoV92/TjvtBToiUIWN9juesDfguhy0mKvlsbBI55HBxVgFk21SyoHgzYjC+m95Bjkhe/2yViYIynDlbPkgUQOrb20Wcvk0iSMPkV1iRCAD4nptZCfepOGM9Iuw/0ryWKEigpVLWfNW68p3txZt1k5rhqoTEcssLqyF/frgtl9Erzh+x/D7d9uVbZa5bbOkUyP6JFSMET0OMCH1Xm7SbZDNIXvXp4aNBNcvLIN7t0adEY5AcrLSm59wIV+3sXxoGfAAT9LDgWSiK8RdH+WZofZu8vmR30PqpB9DhaXk+BLXUixxGhenqanmLAvJoCSfym5oo24l+tTgOHr3Tdw7g+PdyfX1pz3DGe91LjAIdFEp2TvDH9VU2rT4u5JW7+l4nGjepOFY8DDzWjlduY2sPhrftgCtZmr9Vfxfw5tCd+e389OwVVKIcYE7EIfOOVHxhMyF72tbR1Qb3ducsJk40f1jUTan/VFt4djMhOwaBr72fdUoGGQNmQZQMdwny5JQshlrMwF6y4vf8TUG4yR9/8ripS/llSEsCy5wo1VRF6ci3198gn8UHMSjNZk085PRDHqfvXlXClhsH; expires=Tue, 25-Jan-2022 13:03:20 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=NL199Oi79Za5opQA; expires=Tue, 25-Jan-2022 13:03:20 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9649 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de609e64fb434aee823431baefcbf7d9476b471bae44c565e8a46aa463124861

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-71IB+5+RVwIf/GbkbcZ87A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Jul 2021 13:03:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-71IB+5+RVwIf/GbkbcZ87A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 267 KB
95 KB 39ms
39ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 5a2717b3d335103d0609f0a67a8921755d773e8af572cf8f0d51864351b7125a

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:20 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
ct.pinterest.com/user/ 316 B
530 B 2180ms
2085ms XHR
application/json 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612709798038&cb=1627563800252
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d48338735df35a1809a90ce6b18aa24ec4aed6b06ed9632a42ce7fd662910334

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:22 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myaccount.nytimes.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU1EUXlNbUU0TVRVdE5XTXhPUzAwTmpBNUxXRm1Zakl0Wm1ZMU5XWm1OamxpT1RKag
x-pinterest-rid: 1747436071827260
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 296
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 2179ms
2085ms Image
image/gif 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612709798038&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1627563800254
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:22 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1392045590902195
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
82 B 2179ms
2085ms Image
image/gif 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614963538652&ov=%7B%22page_name%22%3A%22%22%2C%22page_category%22%3A%22%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1627563800254
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:22 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 3840714721629030
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 abra.min.js Show response
a1.nyt.com/analytics/abra/v1.0.9/ 2 KB
2 KB 22ms
22ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/abra/v1.0.9/abra.min.js
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f73c1255ccc1f100b5f3f4789babd6e7de579918a2605bd591a31f07147d082b

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KplWvA==, md5=ZRdImeSrwMi6ngwOYVkLBA==
date: Thu, 29 Jul 2021 13:03:20 GMT
content-encoding: gzip
content-type: application/javascript
age: 7748
x-guploader-uploadid: ADPycdsntTIHja0ztz5W18xC2OKnInBEElyjx5ZuT5xGjXdFvYFqrOimH1kAuq-I-G-EJDrIATr_tPOu-UppHBZGaiSu1MZ8jw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1069
via: 1.1 varnish
x-served-by: cache-fra19168-FRA
accept-ranges: bytes
expires: Mon, 26 Jul 2021 10:31:45 GMT
last-modified: Fri, 01 Mar 2019 22:51:51 GMT
server: UploadServer
x-timer: S1627563800.345760,VS0,VE1
etag: "65174899e4abc0c8ba9e0c0e61590b04"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1551480711411415
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 1820
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 9649 52 KB
52 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 12:45:49 GMT
vary: Accept-Encoding
last-modified: Mon, 19 Jul 2021 04:06:17 GMT
server: sffe
x-content-type-options: nosniff
age: 1051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
expires: Fri, 29 Jul 2022 12:45:49 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 9649 341 KB
133 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 09:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136001
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 04:06:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 09:23:40 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 6 KB
2 KB 2967ms
33ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb8162x69019
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 108def55e036de7bbfa267372fa9bcff0178176046536b54b875766ae104791a

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:23 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Thu, 29 Jul 2021 13:04:23 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/ 13 KB
2 KB 2962ms
34ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 2ff0f7e55288d87709d3e13918075d6657f5fc97fe74c0fae0a8923ee1a9ee02

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:23 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 0
expires: Thu, 29 Jul 2021 13:04:23 GMT

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9649 35 KB
21 KB 58ms
58ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b72d81a38b8a6c858b85232e740c1fcad903244baaa5ceb724a1691e7876eb9e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 29 Jul 2021 13:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21427
x-xss-protection: 1; mode=block
expires: Thu, 29 Jul 2021 13:03:20 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9649 600 B
622 B 10ms
10ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:57:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 187527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Tue, 03 Aug 2021 08:57:53 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9649 530 B
552 B 11ms
10ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:51:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 169904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Tue, 03 Aug 2021 13:51:36 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9649 665 B
687 B 11ms
10ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 03:00:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 208975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Tue, 03 Aug 2021 03:00:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9649 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 228959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 21:27:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9649 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 167822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 14:26:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9649 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 167822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 14:26:18 GMT

GET
H3-29 200 payload
www.google.com/recaptcha/api2/ Frame 9649 22 KB
22 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq26sNEp_zBuCqpaL_MVRdVKVB-i8cjLsyWxEg7xRooBtnprfihdI6G_FEeNzoCZv7ymNvM6IESJ_M-fiqE-sQ4T4p-bdV1dmUWdzYQe3vNVUMozCsBKuj1-2yGBqBrtRXkWP6xGjHrrGryGRCtCDSIOs55IJUPqgiXJtLNnzojJJUassTGt9VuhOsQl7K55IfpgerGL-dV3UROIszQ39FLrwzwxVMQ&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?o=0fd8cf46-d029-11ea-a072-340cee6a52b6&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=11430785

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

04a19a95974bddf2303ffb4a9e491960a49f566cf96ed443322fbd93a2ff9eed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=ywup7wovijx5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:20 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22841
x-xss-protection: 1; mode=block
expires: Thu, 29 Jul 2021 13:03:20 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 186ms
84ms XHR
text/plain 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 13:03:22 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8470371122963869
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/ Frame 5DB7 39 KB
16 KB 119ms
33ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.13.1.0-release_5043/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

date: Thu, 29 Jul 2021 13:03:23 GMT
content-type: text/html
last-modified: Wed, 16 Jun 2021 19:00:26 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Thu, 29 Jul 2021 13:13:23 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/ 38 KB
15 KB 50ms
49ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.13.1.0-release_5043/storage.secure.min.js?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 540834be0c71d9542ef6ff9fb4b79e8dc6fba5d70546a3e1d1583869a4b2f6ff

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:23 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 19:00:26 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 29 Jul 2021 13:13:23 GMT

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 237 B
1 KB 532ms
208ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?&cb=lpCb18277x15335&t=sp&ts=1627563800538&pid=5813103883&tid=1271641687&pt=New%20York%20Times%20Checkout&u=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3Fo%3D0fd8cf46-d029-11ea-a072-340cee6a52b6%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D11430785&df=0&os=0&sdes=%5B%7B%22type%22%3A%22prodView%22%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22unknown%22%2C%22category%22%3A%22Digital%20Subscription%22%7D%7D%5D%7D%2C%7B%22type%22%3A%22cart%22%2C%22total%22%3A%22unknown%22%2C%22numItems%22%3A1%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22unknown%22%2C%22category%22%3A%22Digital%20Subscription%22%2C%22sku%22%3A%22unknown%22%2C%22price%22%3A%22unknown%22%7D%2C%22quantity%22%3A1%7D%5D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 6475d45a8e232070af85c138bc3dd98cfaf19a2e824d812bbce44029abc863b6

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:24 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 113ms
112ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=njBYnapNQ2ObzWI9XmlXTQ&cb=lpCb45263x18969&t=pl&ts=1627563803782&pid=5813103883&tid=1271641687&vid=c2MzBkMjk1NzM1ZmE3YTIz
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 9e33ee49f756e3933671f4b7fee461d2595162795bd612516ce33c5912f7dc57

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:24 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 457ms
113ms Preflight
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://myaccount.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://myaccount.nytimes.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Thu, 29 Jul 2021 13:03:24 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
247 B 114ms
113ms XHR
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/my_account_prod.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://myaccount.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Thu, 29 Jul 2021 13:03:24 GMT
Content-Type: text/plain

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 73 B
823 B 210ms
209ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=njBYnapNQ2ObzWI9XmlXTQ&cb=lpCb81407x24781&t=ip&ts=1627563814434&pid=5813103883&tid=1271641687&vid=c2MzBkMjk1NzM1ZmE3YTIz
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: f3add5a36e36976ccb51b4029014014a51badf1a63899d356c4dcee61179ea14

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 13:03:34 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluekai.com/	1970-01-20 00:25:15	Name: bku Value: NL199Oi79Za5opQA
.bluekai.com/	1970-01-20 00:25:15	Name: bkpa Value: KJh2P1+rtp9xdOg78AxwVTAwHCs6uj3ifuUJGSKYJkzuRVGoA1rbIFLrjEZtoqi9er/10Ul1nsIXJgCjJZZIImu9NMDN833+B5/bKceD+EenFyi6K//SVNVQBeJEYrBCGvHNT1ms9/mno68CLr686MgqtBWasiL7J/pxuo4AxmoV92/TjvtBToiUIWN9juesDfguhy0mKvlsbBI55HBxVgFk21SyoHgzYjC+m95Bjkhe/2yViYIynDlbPkgUQOrb20Wcvk0iSMPkV1iRCAD4nptZCfepOGM9Iuw/0ryWKEigpVLWfNW68p3txZt1k5rhqoTEcssLqyF/frgtl9Erzh+x/D7d9uVbZa5bbOkUyP6JFSMET0OMCH1Xm7SbZDNIXvXp4aNBNcvLIN7t0adEY5AcrLSm59wIV+3sXxoGfAAT9LDgWSiK8RdH+WZofZu8vmR30PqpB9DhaXk+BLXUixxGhenqanmLAvJoCSfym5oo24l+tTgOHr3Tdw7g+PdyfX1pz3DGe91LjAIdFEp2TvDH9VU2rT4u5JW7+l4nGjepOFY8DDzWjlduY2sPhrftgCtZmr9Vfxfw5tCd+e389OwVVKIcYE7EIfOOVHxhMyF72tbR1Qb3ducsJk40f1jUTan/VFt4djMhOwaBr72fdUoGGQNmQZQMdwny5JQshlrMwF6y4vf8TUG4yR9/8ripS/llSEsCy5wo1VRF6ci3198gn8UHMSjNZk085PRDHqfvXlXClhsH
.bluekai.com/	1970-01-20 00:25:15	Name: bkdc Value: phx
.google.com/recaptcha	1970-01-20 00:25:15	Name: _GRECAPTCHA Value: 09AF3sbRxIvklI_CzOLBztuIGm-vzuI0Mf6Dv3qMEDMhZ51t5QTVC3afJ-KXmjfydQC-5itPbPlOcN3dR2z0gMiVU
.nytimes.com/	1970-01-19 20:16:08	Name: RT Value: "z=1&dm=nytimes.com&si=b58f195b-524a-4424-ab05-4274c6d892cb&ss=kroxgnbd&sl=1&tt=5jh&rl=1&ld=5ji"
.myaccount.nytimes.com/	1970-01-20 04:51:39	Name: _pin_unauth Value: dWlkPU1EUXlNbUU0TVRVdE5XTXhPUzAwTmpBNUxXRm1Zakl0Wm1ZMU5XWm1OamxpT1RKag
.nytimes.com/	1969-12-31 23:59:59	Name: LPSID-17743901 Value: njBYnapNQ2ObzWI9XmlXTQ
.nytimes.com/	1970-01-20 04:51:39	Name: LPVID Value: c2MzBkMjk1NzM1ZmE3YTIz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js(Line 1) Message: Pinterest Tag Error: 'load' command was called multiple times. Previously for tag id '%s', now for tag id '%s'. 2612709798038 2614963538652

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.et.nytimes.com
a.nytimes.com
a1.nyt.com
accdn.lpsnmedia.net
c.go-mpulse.net
cdn.optimizely.com
ct.pinterest.com
dd.nytimes.com
e.newyorktimes.com
errors.client.optimizely.com
fonts.gstatic.com
g1.nyt.com
googleads.g.doubleclick.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
myaccount.nytimes.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.go-mpulse.net
s.pinimg.com
snap.licdn.com
stags.bluekai.com
t.paypal.com
tags.bkrtx.com
typeface.nyt.com
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
104.111.228.123
104.111.228.137
108.174.10.14
142.250.186.66
151.101.13.164
151.101.132.84
162.223.233.247
178.249.97.23
178.249.97.98
178.249.97.99
208.89.12.87
23.45.106.90
23.45.99.241
2600:9000:20eb:ec00:a:a8c5:a040:93a1
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:828::2013
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2003
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:2a0::13b8
2a02:26f0:6c00:2b8::1931
2a02:26f0:6c00:2b9::11a6
3.225.10.210
04a19a95974bddf2303ffb4a9e491960a49f566cf96ed443322fbd93a2ff9eed
08cd18445c6b36281295051959279ea330bb23dc4ca2e3b359549e02ea5916fb
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
108def55e036de7bbfa267372fa9bcff0178176046536b54b875766ae104791a
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1681c15795ba27ee72b69004703e0f3ea03d1b6ce332aa303706ac9e08789b4e
1b7adeb8e7128cc12123bcdac1a415dc65a6454b5dd7c231c2b5ed0c9e1f8ec2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
215b2909f7a7325a90bf69b36689585647f8e5337fab3cb51fa20d43bdf6dba3
245f2469539df8f69cba0b7b03d529912e744e8543adf80116a67a77c5cc7670
2480bfafe2fa392603f9ac4645889eaab2f9c969af1bd1d1ff494f04d0203a03
2eadcfabfd129222ae3e5413f526aea56d3e3ca5fad929a5608788368da1652c
2ff0f7e55288d87709d3e13918075d6657f5fc97fe74c0fae0a8923ee1a9ee02
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44ce733e1c9cedefd832ff0b571555695fb7f8dbff7a066d3de45c446e44bb45
4793e23b5bee0b1e4cbd0c56d606ee75789976edf8991db62445259d7fb6c202
47b1cfdd3dcb29bb91ee4605349a48637596d92137161dfb97366ab808a587d8
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
540834be0c71d9542ef6ff9fb4b79e8dc6fba5d70546a3e1d1583869a4b2f6ff
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5a2717b3d335103d0609f0a67a8921755d773e8af572cf8f0d51864351b7125a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b230f73b07824da6c4bdad5d293884c74a3567023444fca68f7795c8c1e906e
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
6475d45a8e232070af85c138bc3dd98cfaf19a2e824d812bbce44029abc863b6
664daed5769ae544611ff04b0dc3cc48a51ad1829d48e2f87e48d4dd951a8fef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2b2652cd4f5b0c8ce1b586871e24d54cc134737f50f8ba6a16c469ad9cf5fb
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5
81bbd72fd89a648606e310631ac244511224b04109669bdd8e32025e1e31bce3
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
99ea5969a6f7f82a91e3b316e4a47dd881c705716fd83f1a3e3bac8339ec8182
9be3ed9a2dc140f79ffebddd8e00c04e64f4955f1f525ffe80fe8c2493e81fd7
9e33ee49f756e3933671f4b7fee461d2595162795bd612516ce33c5912f7dc57
a4346f1ca1df87066eb4c7ab7457e7b923676b70227379586e2a12e2d62e36c5
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b72d81a38b8a6c858b85232e740c1fcad903244baaa5ceb724a1691e7876eb9e
be02a900b9ca948ecd29a75a7f01aff05abbc7d3cfe7b90ee63dcaadb86cf2a7
c01c6c339b91168fe5772cc47eaa6003c6b046de65e344e9aed9fc8cac820f88
c37b8f12ac71dad4f488ceaaf46d11f9319bc0b2c8ddda3970e6974936587056
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
d48338735df35a1809a90ce6b18aa24ec4aed6b06ed9632a42ce7fd662910334
d6611f3b7c965f088168f3920604b3942a26ae737ca992647094d978465a4fbd
de609e64fb434aee823431baefcbf7d9476b471bae44c565e8a46aa463124861
e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ed4b06b4fbf7117c1910a1480845b4880615606bb4f399cb5df51583889fdc27
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19b9f81b3d1bbe85c88f609e4b5249a28e0318ecb6a2d3f1fb5049ea9fc35a2
f35644d3dc9d35e8941a7240fe8164ae290800d37a121387fdf88d23b7fb9e62
f3add5a36e36976ccb51b4029014014a51badf1a63899d356c4dcee61179ea14
f6b5ddc10d0f9b4c3f6449b88a5b7601beb45ab5162009e157a7ee5574272f61
f73c1255ccc1f100b5f3f4789babd6e7de579918a2605bd591a31f07147d082b
fc6adb58ed6e469f9d51d84ba52b4133c5e227a292828693058ebb880b9ba0ca

myaccount.nytimes.com Open in urlscan Pro 151.101.13.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

100 %HTTPS

59 %IPv6

21 Domains

34 Subdomains

32 IPs

4 Countries

4129 kBTransfer

6373 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myaccount.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

100 %
HTTPS

59 %
IPv6

21
Domains

34
Subdomains

32
IPs

4
Countries

4129 kB
Transfer

6373 kB
Size

8
Cookies

82 HTTP transactions
2 data transactions