help.nytimes.com Open in urlscan Pro
104.16.51.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQG1EN0FW6yPJL4zcHAgNEzdd7sTzdEzfE3gIrPp7EnIp4zaMX2bXD6BlzbpX3E4...
Effective URL:
https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Submission Tags: falconsandbox
Submission: On November 04 via api (November 4th 2022, 7:54:28 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 25 domains to perform 93 HTTP transactions. The main IP is 104.16.51.111, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is help.nytimes.com. The Cisco Umbrella rank of the primary domain is 461813.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 7th 2021. Valid for: a year.

This is the only time help.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.223.233.247 162.223.233.247	15334 (RESPONSYS) (RESPONSYS)
1 7	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
7	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
2	143.204.215.121 143.204.215.121	16509 (AMAZON-02) (AMAZON-02)
1 3	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
7	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:d200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	96.16.135.39 96.16.135.39	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::ac43:45f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	3.211.10.9 3.211.10.9	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
4	50.19.192.122 50.19.192.122	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:24e... 2600:1f18:24e6:b900:7bed:18ea:ee11:be62	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.151.210 13.248.151.210	16509 (AMAZON-02) (AMAZON-02)
93	30

1 162.223.233.247 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com

e.newyorktimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.51.111 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

help.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nytimes.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.70.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theme.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.72.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

p20.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customerchat.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customerchat.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-121.fra53.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45f7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.10.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-10-9.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.bd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.19.192.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-192-122.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:7bed:18ea:ee11:be62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2849 p20.zdassets.com — Cisco Umbrella Rank: 59736 theme.zdassets.com — Cisco Umbrella Rank: 15284	365 KB
15	nytimes.com help.nytimes.com — Cisco Umbrella Rank: 461813 customerchat.nytimes.com — Cisco Umbrella Rank: 283203 a.nytimes.com — Cisco Umbrella Rank: 10482 a.et.nytimes.com — Cisco Umbrella Rank: 8353 dd.nytimes.com — Cisco Umbrella Rank: 17312	206 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 2210 events.launchdarkly.com — Cisco Umbrella Rank: 1733 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1455	1 KB
9	nyt.com a1.nyt.com — Cisco Umbrella Rank: 10396 g1.nyt.com — Cisco Umbrella Rank: 13124	164 KB
7	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 760 stags.bluekai.com — Cisco Umbrella Rank: 785	4 KB
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 11406 iteratehq.com — Cisco Umbrella Rank: 9299	32 KB
4	doubleclick.net 3 redirects 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 13197 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	3 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 4019 collector.brandmetrics.com — Cisco Umbrella Rank: 4445	17 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 207	773 B
2	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8394
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 916	595 B
2	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	1 KB
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 849 match.adsrvr.org — Cisco Umbrella Rank: 457	525 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	154 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	20 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 864	393 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 445	535 B
1	google.de www.google.de — Cisco Umbrella Rank: 3590	548 B
1	google.com.bd adservice.google.com.bd — Cisco Umbrella Rank: 51755	776 B
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 10395	201 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4397	16 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1610	15 KB
1	zendesk.com 1 redirects nytimes.zendesk.com — Cisco Umbrella Rank: 581817	778 B
1	newyorktimes.com 1 redirects e.newyorktimes.com — Cisco Umbrella Rank: 184983	796 B
93	25

	Domain	Requested by
13	static.zdassets.com	help.nytimes.com static.zdassets.com
7	a1.nyt.com	help.nytimes.com a1.nyt.com www.googletagmanager.com
6	help.nytimes.com	static.zdassets.com help.nytimes.com
4	iteratehq.com	customerchat.nytimes.com
4	events.launchdarkly.com	customerchat.nytimes.com
4	app.launchdarkly.com	customerchat.nytimes.com
4	tags.bluekai.com	www.googletagmanager.com stags.bluekai.com
4	customerchat.nytimes.com	help.nytimes.com customerchat.nytimes.com
3	stags.bluekai.com	help.nytimes.com tags.bkrtx.com stags.bluekai.com
3	sb.scorecardresearch.com	1 redirects help.nytimes.com
3	theme.zdassets.com	help.nytimes.com p20.zdassets.com
2	g1.nyt.com
2	platform.iteratehq.com	help.nytimes.com platform.iteratehq.com
2	rum-http-intake.logs.datadoghq.com	customerchat.nytimes.com
2	sync-tm.everesttech.net	2 redirects stags.bluekai.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dd.nytimes.com	help.nytimes.com dd.nytimes.com
2	a.et.nytimes.com	help.nytimes.com
2	www.googletagmanager.com	help.nytimes.com www.googletagmanager.com
2	cdnjs.cloudflare.com	help.nytimes.com
2	p20.zdassets.com	help.nytimes.com
1	clientstream.launchdarkly.com
1	match.adsrvr.org	stags.bluekai.com
1	cm.g.doubleclick.net	1 redirects
1	analytics.twitter.com	stags.bluekai.com
1	c.bing.com	1 redirects stags.bluekai.com
1	www.google.de	stags.bluekai.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects stags.bluekai.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	adservice.google.com.bd	adservice.google.com
1	pnytimes.chartbeat.net	help.nytimes.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	insight.adsrvr.org	help.nytimes.com
1	tags.bkrtx.com	www.googletagmanager.com
1	static.chartbeat.com	help.nytimes.com
1	a.nytimes.com	help.nytimes.com
1	nytimes.zendesk.com	1 redirects
1	e.newyorktimes.com	1 redirects
93	41

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
myaccount.nytimes.com
www.nytco.com
nytmediakit.com

Subject Issuer	Validity	Valid
help.nytimes.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-07` - `2023-01-07`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
a.nytimes.com R3	`2022-10-15` - `2023-01-13`	3 months	crt.sh
a.et.nytimes.com R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.google.com.bd GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
events.launchdarkly.com Amazon	`2022-08-19` - `2023-09-16`	a year	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
clientstream.launchdarkly.com Amazon	`2022-09-09` - `2023-10-07`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Frame ID: E151FB823418F7289237D565A49CAAB3
Requests: 67 HTTP requests in this frame

Frame: https://help.nytimes.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=764fe6b0b99a9250
Frame ID: 7F1D76F296CD0CDB814D28A3F3D94AA3
Requests: 3 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale
Frame ID: E0B9610F017979769B4D748401113C31
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale
Frame ID: D9A8A146BA3FC79FAF84557D5FD7CF1B
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Frame ID: 54164F89EFB729AC03B78DE84BA89F0B
Requests: 7 HTTP requests in this frame

Frame: https://adservice.google.com.bd/ddm/fls/i/dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale
Frame ID: A9A8F5C2F811A3267B7A7D96B95E773E
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=55839227
Frame ID: C097C3C4FF42B709FC8252588964380C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terms of Sale – Help

Page URL History Show full URLs

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQG1EN0FW6yPJL4zcHAgNEzdd7sTzdEzfE3gIrPp7EnI... HTTP 302
https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

87 %
HTTPS

40 %
IPv6

25
Domains

41
Subdomains

30
IPs

4
Countries

1018 kB
Transfer

3112 kB
Size

29
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/seg/
Title: Account

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.nytimes.com/subscriptions/Multiproduct/lp87JHJ.html?campaignId=466K8
Title: here

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/cooking.html
Title: Cooking

Search URL Search Domain Scan URL

URL: http://www.nytimes.com/pages/crosswords/index.html
Title: Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/wirecutter
Title: Wirecutter

Search URL Search Domain Scan URL

URL: http://www.nytimes.com/subscriptions/Multiproduct/lp4021.html?campaignId=393LW
Title: gift subscriptions

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/membercenter/myaccount.html
Title: visit the Account area of NYTimes.com

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy#pp
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/sitemap/
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscriptions/Multiproduct/lp5558.html?campaignId=37WXW
Title: Subscriptions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQG1EN0FW6yPJL4zcHAgNEzdd7sTzdEzfE3gIrPp7EnIp4zaMX2bXD6BlzbpX3E4NLOfzafVXtpKX%3DTYTCSTY&_ei_=EW2tf9zs59idfPO1Sc_9Bbn_8-dtf-0omElUKkA2-z0bqxjDhqdAHRqA2nhlda1sEmmSaIY63ZAlPlF-F464jQSP-JIeVFEZKkbGHPVURiUiKUGZeTE.&_di_=c463shnk5dhg9ff7krg29pn16sbjhdmlbkd1vmbi2cc3kq2uqegg HTTP 302
https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://nytimes.zendesk.com/auth/v2/host.js HTTP 302
https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js

Request Chain 39

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale

Request Chain 57

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=815462973 HTTP 302
https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=815462973&ipr=y

Request Chain 58

https://c.bing.com/c.gif?uid=RrvnsEgV99YM4ZPM&Red3=MSBK_pd HTTP 302
https://tags.bluekai.com/site/4538?id=1A92B95495406F0925D2AB0694CB6E7F

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=UnJ2bnNFZ1Y5OVlNNFpQTQ%3D%3D& HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEGk_jSYm5R6MWX9vverZ6o&google_cver=1

Request Chain 61

https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123&_test=Y2Vt7wAFlS7dlAA7 HTTP 302
https://tags.bluekai.com/site/4413?id=Y2Vt7wAFlS7dlAA7&r=123&_test=Y2Vt7wAFlS7dlAA7

Request Chain 71

https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 115014893968-Terms-of-sale Show response
help.nytimes.com/hc/en-us/articles/
Redirect Chain

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQG1EN0FW6yPJL4zcHAgNEzdd7sTzdEzfE3gIrPp7EnIp4zaMX2bXD6BlzbpX3E4NLOfzafVXtpKX%3DTYTCSTY&_ei_=EW2tf9zs59idfPO1Sc_9Bbn_8-dtf-0omElUKkA2-z0bq...
https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

38 KB
12 KB

340ms
268ms

Document
text/html

104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35a9727411f91f19c9280745497b01d00bb9576cdc2e48239c96d2f77ffba1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, public
cf-cache-status: EXPIRED
cf-ray: 764fe6b0b99a9250-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 19:54:22 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol: HTTP/1.1 always
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2azfwCRKuMdfZvD96ON7Cj639cfXfO8UI8h1u5c9VrBZyx9nHbvqnNTBPH9GjCJ4eoraHCrcJFHlGdggFnINxeXWF9Z4OTg3tpnmWMO%2FZXQo95CVodzWg9EZtp1KltCY2A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-request-id: 764fe62c52b87e32-SEA
x-runtime: 0.150928
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-844db66874-dn95s
x-zendesk-processed-host-header: help.nytimes.com

Redirect headers

Cache-Control: no-store, no-cache
Connection: close
Date: Fri, 04 Nov 2022 19:54:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancellation
P3P: policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 application-1a1175db35230dfa282e711364a74c60.css
static.zdassets.com/hc/assets/ 47 KB
8 KB 56ms
31ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-1a1175db35230dfa282e711364a74c60.css

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf637b7823c9a484872231e61705b0b5f2610bde3d88b2bb7a9e602761516855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: bL2LWgMaoBLZUSQ8q4UNTV3qIFoccLs4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q8W6Y4Z73WYB4Q41
age: 309492
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: J49S9fIIasrueu8zw6sT27lUMHfKvgA/GzZGECCoSL+Vn1dpu9Sm8JtBJ4mmuhShQdPeCZjN/Ms=
last-modified: Tue, 13 Sep 2022 05:52:40 GMT
server: cloudflare
etag: W/"9cd4c45ddf4ed0a23f0cec50ae1389ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOmAjs89zt%2F%2FXzuXRuK%2FyEMMJQaS5i1%2FvOl04GOexPF6H7JXJl1G83wt2kJRraIy5fG0lnT7bES8GIEA6BaUcKrhoDYg%2FgEQgGJnw8ZvfFqn4UBiOXePZS5PVXOWuWo%2B4XX6Ccg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 764fe6b28e55906c-FRA

GET
H2 200 theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
static.zdassets.com/hc/assets/ 9 KB
3 KB 78ms
54ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836316444e9cede5ce83cfe98734b9c8ab27192a9634a59b82c118a8e6792037

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: oybSA9g.I0t7wOLbp6s55PJKwmeyFhJk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RQ63TQGP9D4GQYY6
age: 209397
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tdpS5WCidKnyGNsYdsUkCFwcOQ64X6J0CMWlQ8+YKOoSzACI9t8j25Oit4EHvOjleoiE3fhZDGM=
last-modified: Wed, 31 Aug 2022 09:40:23 GMT
server: cloudflare
etag: W/"359c3fce9769020f14763e4e3615597d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JknC3F4BVlH0EK0UWmrvmHaXmFs3isSo4fHHxNhl5FKhuG7xnsj1UvaB7wbtR4zet4MRep4cStdMFqbGVubukXMYVAozzLndIG8EYykGja1PEQsgusUrIEWnu47dUScDJpkw%2BQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 764fe6b28e5b906c-FRA

GET
H2 200 style.css
p20.zdassets.com/hc/theming_assets/968999/987838/ 67 KB
13 KB 91ms
41ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p20.zdassets.com/hc/theming_assets/968999/987838/style.css?digest=8420659626004

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7098acb017323550c1cfdc8e3ce3441e08fe3c7a84e8d022fb71953bafd179

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84570
x-zendesk-origin-server: help-center-unicorn-5d969dbf85-xjmcm
protocol: HTTP/1.1
x-request-id: 8c078acca04f246574fe6103ab8d517c, e2fb978fd5149ec8b4eb22f5b8428a7b
x-ua-compatible: IE=edge
x-runtime: 0.011544
server: cloudflare
etag: W/"dc7098acb017323550c1cfdc8e3ce344"
x-zendesk-zorg: yes
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw9u3FUSnt%2Fe7mPZD5h9YLCvnJSQOn%2BBpW1cTzEzXXMstXLvnJ3wx8kr9IXpwytdi0oGUNkMD2eMEzcNFtZi1p87zD9d8%2FeW19hCas8aZ6v0he5KM4LXNjdXlqHpsxycQek%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
x-robots-tag: none, noarchive
cf-ray: 764fe6b2bf3d92b7-FRA

GET
H2 200 jquery-09d07e20ce042ef10e301661ad1f316c.js Show response
static.zdassets.com/hc/assets/ 90 KB
33 KB 71ms
47ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1fc56c5af917b653be54d619245c4079c1afec0991321f0d358679b1ef529a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: rpSxj.WLn2z7XAModSczuGOT2.c4K6Jx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MS16Z5MVACCY20FA
age: 290960
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /YuDkixZN6+T1jliyrWr63uPhX9Rylbb3wU2thvwFHUii+qvtEH1C0VWjqLrjAXAJWuUE4l1z5Q=
last-modified: Tue, 30 Aug 2022 11:01:39 GMT
server: cloudflare
etag: W/"06821d0f1e25137c2297502c6ced525d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PC77pC175KRpDT2wMVBUaK8Wfx0nieaCFzoZr5HOZfykalTyHRXXGhzo5qqhQEG79aJV%2F1TkzXSH9knP63%2FhCePAvZlxDzgleIjYYiKjo14h023H%2BRSz%2Fwi3jZZ7aRDnk1RpOxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b28e5d906c-FRA

GET
H2 200 fonts.css
a1.nyt.com/fonts/css/ 100 KB
5 KB 64ms
17ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/fonts/css/fonts.css

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

073144c5c0d999e3df547827cd6265befb161ffa30413534cd2f1b5b84471a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Wed, 18 Oct 2023 23:47:38 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1454804
x-guploader-uploadid: ADPycdvYm3mHqklzDID1Ko2XcY6w-uWOEQnFein2_RO6YoQbL1wbD13p-zrYP2EwgwvN1xvgxQTE7mTy9J_U0Yw_N_EC_8_SAcBu
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 4585
x-served-by: cache-hhn4054-HHN
last-modified: Mon, 16 Nov 2020 16:08:38 GMT
server: UploadServer
x-timer: S1667591663.511774,VS0,VE0
etag: "f0eea1c4ac76554200979f9458158196"
vary: Accept-Encoding
x-goog-generation: 1605542918961972
x-goog-hash: crc32c=uRwjuA==, md5=8O6hxKx2VUIAl5+UWBWBlg==
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 4585
accept-ranges: bytes
x-nyt-pagetype: nyt5-asset
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 bundle.js Show response
customerchat.nytimes.com/contact-us-ui/ 382 KB
125 KB 53ms
10ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://customerchat.nytimes.com/contact-us-ui/bundle.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1f863a830de4687bdad7f6e52d9e3227e460d02c8970c857f86eef6f73ee2027

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: chat.care.nyti.nyt.net:443/*
content-encoding: gzip
date: Fri, 04 Nov 2022 19:54:22 GMT
via: 1.1 varnish
age: 228
x-cache: HIT
x-envoy-upstream-service-time: 5
content-length: 128008
x-request-id: f15c70dd-d651-43de-a7d8-1b3837c5f627
x-served-by: cache-hhn4054-HHN
last-modified: Wed, 21 Sep 2022 19:25:36 GMT
server: envoy
x-nyt-backend: care_chat_nyti
x-timer: S1667591663.509185,VS0,VE2
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0
x-nyt-route: customer-chat-nyti
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.5/ 13 KB
3 KB 48ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.5/jquery.fancybox.min.css

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca092a961dc261252b8b72e1431cdd726d27d4442f1f663e5394b689d6cbb71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 168793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2687
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-34b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFr0lcqXzOUHzTl96J1N%2FFgn7dzSEhQs0%2BaXcdSCNGw2r0ecHq8EULffluD1%2BFoUorSNBg6U6tSpGThBEAGpVzuaW82O7neH0cG8ipNLA9AVln345YPPLjyUoB01upBh%2FC9melpYSts63YJIkBcituvg"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764fe6b29d50910c-FRA
expires: Wed, 25 Oct 2023 19:54:22 GMT

GET
H2 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.5/ 57 KB
17 KB 56ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.5/jquery.fancybox.min.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f93e8137294e65f89717fb0d3da7fc0797d0332b7df70b8849d88f52e660f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 702601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16923
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-e485"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr6zTLPv5Pyd34cbYkdcjfQB0Rdkh1V%2F626%2BqO4uAWoUcNK5upRowo4FqESbjbbTYRYc0rxLOVG5r2u610A00CtdVBBx%2BOgD7qjDJHLQTx1ZmeSSqvjjH2lXf%2BhcIy%2BTdb0oDt9WFiTivQJC4ExapYPt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764fe6b29d51910c-FRA
expires: Wed, 25 Oct 2023 19:54:22 GMT

GET
H2 200 script.js Show response
p20.zdassets.com/hc/theming_assets/968999/987838/ 7 KB
3 KB 105ms
55ms Script
text/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p20.zdassets.com/hc/theming_assets/968999/987838/script.js?digest=8420659626004

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f6ee9ca3aac02f389980ffb8f67e78c93f83f73a8f71555a9bff4e22da10183

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84570
x-zendesk-origin-server: help-center-unicorn-5d969dbf85-q5kf7
protocol: HTTP/1.1
x-request-id: 9cebc6d4a8e4bc5e7e2a368cd01be20f, 7334d27cc156cd2d45191d305880e9f8
x-ua-compatible: IE=edge
x-runtime: 0.013475
server: cloudflare
etag: W/"0f6ee9ca3aac02f389980ffb8f67e78c"
x-zendesk-zorg: yes
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJn5G%2Famg19DgxZTSwp%2BZZuNfMhfAxtBp1uVygYjcGxBl19JBUcZlZ%2FqH9K320BMnehl2yEzqpUraIlk8goA%2FOAGs20vo0rIMZP7%2BGw1exjWoIFclUeamsZSpkEO9cIFZUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
x-robots-tag: none, noarchive
cf-ray: 764fe6b2bf4292b7-FRA

GET
H2 200 51caa74a53a7c7d938c23ab40a5941798a5ccb79.svg
theme.zdassets.com/theme_assets/968999/ 2 KB
2 KB 51ms
24ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/968999/51caa74a53a7c7d938c23ab40a5941798a5ccb79.svg

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131bbce63874c2fbb7431972981bdd34faeeea49d88d9feecbff890a412720a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: F6BAsVQt79Y303NkGF0gAhHe3UOF068K
via: 1.1 d25cb96b3c4f731e4d2f3764ef7262ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: ATL56-C2
age: 7670
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Aug 2018 02:37:42 GMT
server: cloudflare
etag: W/"5399df6fd86cb574ac04419db607e925"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJpaySFk8L77JB5YNQ%2BWTNOukVLrgSo7ytwMpwHiMvE5cyMXpjZ%2FYR2D4zhDbJEhpaxGp5wvGnVBqEuhfdMMAx5QIS24URyGVWWjGTmkbEfkwBvxOxlKKao0sUTb2lNxtirOJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 764fe6b36825906c-FRA
x-amz-cf-id: DcGaAoJpjzVzZGB86R3FMq2E1aEehRnEuplvO5KWg6j0o_T0rtObTQ==

GET
H2 200 en-us.eae8afc918a13192e738.js Show response
static.zdassets.com/hc/assets/ 201 KB
36 KB 40ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/en-us.eae8afc918a13192e738.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e739df2ca2f7e04d306ca3b67d508da0b0a6a4d738a80f3015453d225f2c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: A3aewzBCcY_Bkrh_2.RaVX71XPzJSDcl
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JZ8SF5Y4F6SXQJVC
age: 214740
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tXGuiVsXhmGORSRyEwOqfdYh7P1a8d4dtDMulo1HcM1P047aiDqXsmzAS7j8Lt1qpgWxVQ3IUFs=
last-modified: Wed, 19 Oct 2022 08:11:12 GMT
server: cloudflare
etag: W/"eae8afc918a13192e738e4ef3eef2e2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1zLxAkH8IPfkkS9Je54%2BUzUHsQByQoo5TaQHQGBlAt0JH6ntRPpOHtLklu3s9TVQnM03cjlDn%2FDLoWtw293zcZoX0yjel%2BnioHeSu%2BmEem0nanqcN6Fh%2FKAbS6oRLCxO6QdvxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b2ff3b906c-FRA

GET
H2

200

host.js Show response
static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/
Redirect Chain

https://nytimes.zendesk.com/auth/v2/host.js
https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js

27 KB
10 KB

30ms
30ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6b3acac84ed57a0c82d2a51fc92a787bd9ae1cf49fef6dda4488ee74e1aef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: GGpmZXneYaIIkD9RpNG_UVNXWFJk4gcQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PX0321EM3JY8CCQD
age: 4190
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Mo8ey4MvLh+ge6j47ZtAiyrGA4I7nQH1Tmm7rLkXV0f98En27Qgz53Kic8Janpji5fCMgWYKQZ0=
last-modified: Mon, 31 Oct 2022 19:00:02 GMT
server: cloudflare
etag: W/"529f256a5f626ab8428b8c9566e4b53f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0inlPtvCBtGs9jJk11HL9W%2BTyHqcchYmhHPLPtCWi2OtJBzv%2BC8rK13y4vmwl31ZaMGoiq2wSnEt47GKuFWVbmtXm05HhRR7plTMH3pgQ6F81rZ9eH%2BGEdldM8fiZzQlmCsTFVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 764fe6b3e94b906c-FRA

Redirect headers

date: Fri, 04 Nov 2022 19:54:22 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 44864
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-78c44d6544-kvvf4
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: 764b9f61cf70bbdd-SEA, 764b9f61cf70bbdd-SEA
x-runtime: 0.055594
server: cloudflare
x-zendesk-zorg: yes
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZetgy9AYOGrVG%2BDpM2koEloqUgcNTDssX7WCH02zsF51zKoGMzUd1qs4WkDNyvZa6XGqYCpG1rQYO6vJ6oG%2FPmmBpZbKTEMoOq3qGV2NqIe69tDe4XwGF5%2Bp5aDdHQuKzhyx80%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host.js
cache-control: max-age=86400, public
cf-ray: 764fe6b36e48bb9d-FRA

GET
H2 200 moment-4ef0d82f9fc65c8a28f659aa3430955f.js Show response
static.zdassets.com/hc/assets/ 24 KB
9 KB 24ms
22ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd03b0b6236cb66eb345ef4921d76c8d9be436ea7cc7c89f9e62163c3e0a4a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: yHS78Fri7Q31GrRwEikYrjosKjOhuD1x
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MS1CT0VVK8RJDE0G
age: 290961
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xM3V34G43nDIiNlv/E4WXEym8mRqBBAOGU8Vo65FODyGBrIiml2koAqINr1QW5treACWqMDuG4E=
last-modified: Tue, 30 Aug 2022 11:01:40 GMT
server: cloudflare
etag: W/"e1ae1e8e526e50ac4d8ce91396726097"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAHfS2LSVFfnJzG9vvc1SsJbg4NrZHfEQ6L2H7dlVNv7MMXIJ9DGqFMa%2FRD8XnI%2Baw0u0o%2FdOQmfrHpTmZNZR7UdM5crMWz0CSrl1ESXOKDhoYKD%2FnloX1%2Ffd2AJfz6uwiaj3Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b33fd7906c-FRA

GET
H2 200 hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js Show response
static.zdassets.com/hc/assets/ 557 KB
176 KB 35ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d8013986f9cf5b89a16a6dd1226a9d87ee6786a96ea11a3c5d4622d7ac2d006

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: tEfRfG21s_7ogseGg5BvTrrffuZ65CtQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YW8GGT1KSZY7GBVY
age: 110665
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: IwjaaV18Yfpp7N6sdfnoLqqt1tdNUc0T0fwKyU+f5mvfVpQFEC42zzZOrwAhZIjhfKctQ9I5VOU=
last-modified: Thu, 03 Nov 2022 13:05:28 GMT
server: cloudflare
etag: W/"aa36ad89ea2b282dd2aaeeaffa57abf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rclY3dH4PtKhtLoBN2CoA%2FiTLzv2%2BzVkr9lvB7VGSFQCxkZf5O5imAqk7v9oo6%2FVQM6TPEgQJ1h23e1ktZf10yIke6D3lf1TwOt1XAzxgzeeTFmCFcOtPD%2BQ9PO8Sv7UGNZl3o4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b34fd8906c-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 413 KB
113 KB 85ms
58ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddcda8f523b1483d6711cfdd4db9e06ea348d8b5fff9b5aa974051f66378aa8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115409
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1 KB
1 KB 374ms
136ms XHR
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-help&referrer=&assetUrl=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-Sale

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

60518c66d82e96415cae48231422bdcad1360662ab137b6372ce39f324411b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://help.nytimes.com
x-cloud-trace-context: 7311ba155e9b47a140b29ace9f2a430e
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 39
access-control-allow-headers: Content-Type, x-requested-by
expires: Fri, 04 Nov 2022 19:54:22 GMT

GET
H2 200 franklin-normal-300.woff2
a1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 29ms
6ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/fonts/family/franklin/franklin-normal-300.woff2

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/fonts/css/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://a1.nyt.com/fonts/css/fonts.css
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Tue, 17 Oct 2023 23:25:18 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1542544
x-guploader-uploadid: ADPycdsldpEmvvUO7JB43P40HPOcO0eLnk8DdnWnbAzYxGENe_JMW7pRxCr1tIUtFDxY9vNMobJg9EEFrorxHKS33eISfDahKA3S
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4077-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1667591663.644128,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598151029342
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: nyt5-asset
timing-allow-origin: *
x-cache-hits: 1395

GET
H2 200 franklin-normal-700.woff2
a1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 31ms
10ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/fonts/family/franklin/franklin-normal-700.woff2

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/fonts/css/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://a1.nyt.com/fonts/css/fonts.css
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Thu, 26 Oct 2023 02:02:01 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 841940
x-guploader-uploadid: ADPycdtnyEkX-VMxC593GzHrA8aOCTDO12wJIu18iN19ck1Tfoj0BqozPg4gi_B3LnIwSXc-JRhkfyKkhMZjgBpSXLS78CdfT9Jk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-hhn4077-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1667591663.644441,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1651598151071151
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: nyt5-asset
timing-allow-origin: *
x-cache-hits: 1632

GET
H2 200 franklin-normal-500.woff2
a1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 35ms
14ms Font
font/woff2 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/fonts/family/franklin/franklin-normal-500.woff2

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/fonts/css/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://a1.nyt.com/fonts/css/fonts.css
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Wed, 01 Nov 2023 22:42:51 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 249091
x-guploader-uploadid: ADPycdt_vXd_J1MmDhagl1pDywMntXS-VjiFbyWf50LuBV_jd9ixo5XcMnYQvvYLNy9k3JvoT0RmYk0ayoyBNADhxbbsxZ7hFqrI
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1667591663.644425,VS0,VE1
etag: "d6c06a3d84a57100edad5bf9b84ff739"
x-goog-generation: 1605542921545758
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19836
accept-ranges: bytes
x-nyt-pagetype: nyt5-asset
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 copenhagen-icons-268fb7c014de8a06d7d40310b5000daa..woff
static.zdassets.com/hc/assets/ 4 KB
5 KB 57ms
36ms Font
application/font-woff 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/copenhagen-icons-268fb7c014de8a06d7d40310b5000daa..woff

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d5b516d840c7f050b44630b17a495e6549316b53c4a81bff2c8d11f1f0500e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: ZJljgkMmajoaekrxG3eklAlYhH7zhTqO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: N6B2KEHBWX20G7WC
age: 190107
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: zBNN13rtW199nf/SR36XLM3RaGaPPldTIFjyTXe0EdYUBEaHvmCGEaWCJQD9CtyUCyv+PDdB4I0=
last-modified: Wed, 31 Aug 2022 09:40:07 GMT
server: cloudflare
etag: W/"74ee60bf509aab9976dd0c4358b7bd5c"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eDK369e8XmrnalPeeHAwVhfR7F7H0Z5jJREXahGOjR%2BgnXtzRA%2BM4c2O5mBaFufoty6R7bBtJg%2FBJnW7bdIehPtSD8c%2BpdmSZOMfZq4zv7sThQpQ65Tvq%2BCik00CnxiDTfTyME%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Type, Content-Length, ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=604800
cf-ray: 764fe6b38cf09b67-FRA

GET
H2 200 cheltenham-normal-200.woff2
a1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 32ms
12ms Font
font/woff2 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.woff2

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/fonts/css/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://a1.nyt.com/fonts/css/fonts.css
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Wed, 11 Oct 2023 22:38:26 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2063756
x-guploader-uploadid: ADPycds9ifhwQxc1TnIzTcOr_26L4M4vPC3sKcbfy9O2gqfdhb7L1MohPi-2sUyAHvZ1mue3COh0TzfJ9ofz51Q1L-RSPeqWpEHz
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 16 Nov 2020 16:08:39 GMT
server: UploadServer
x-timer: S1667591663.644409,VS0,VE1
etag: "40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation: 1605542919305289
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: nyt5-asset
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 155bee84d74bf93d7e5690f035d87bbd91112fcc.png
theme.zdassets.com/theme_assets/968999/ 1 KB
2 KB 36ms
35ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/968999/155bee84d74bf93d7e5690f035d87bbd91112fcc.png

Requested by

Host: p20.zdassets.com
URL: https://p20.zdassets.com/hc/theming_assets/968999/987838/style.css?digest=8420659626004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

475ab18f9935eb27b85d51a457f86477e6f6721ee3df7dedd517a52777fb7614

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p20.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: jHAi8dq5.8mov2axkwL8vvQRMDqdQQIM
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 80874
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 1310
last-modified: Thu, 23 Aug 2018 02:37:42 GMT
server: cloudflare
etag: "5a3319630e4ff830d7354f7089c88db7"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTYCA8%2FaovB2eYzRGuxM8Tdkd6UGurgEsTb5VFroMNNpYPt3s3hDgmQupAQXGQYwW81EIGM1cXVynltXC%2FFw0AlLKk56pvI8L6M4reMz5r5LznrbNwip5jOtSuX3RH67gLjq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 764fe6b3a8b8906c-FRA
x-amz-cf-id: MsITUl1Ifk-xP5sq1wdv2TQL3DPopSFHjeUjjCy3w4HSCLxqPo-9jQ==

GET
H2 200 d9c9466c372b4e605f064cd8498f7977c68d4bff.png
theme.zdassets.com/theme_assets/968999/ 1 KB
2 KB 37ms
37ms Image
image/png 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/968999/d9c9466c372b4e605f064cd8498f7977c68d4bff.png

Requested by

Host: p20.zdassets.com
URL: https://p20.zdassets.com/hc/theming_assets/968999/987838/style.css?digest=8420659626004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9856d4bddb59705e83ada5eef8f4c384de9c5fa84beeb616e045a73ef1e44a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p20.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: 8jlFpEzX6Z7rnh4j0x0zEVCNDdynBpVL
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
age: 7670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 1268
last-modified: Thu, 23 Aug 2018 02:37:43 GMT
server: cloudflare
etag: "935e13df9f8fa9e57561800ce5c58abc"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yRwNskivVhIhwPNMdmMnyICMB%2BIYwP2AI84tZ6BRIZVePj1bi1oSf4QFERbLeD%2BlPlRSAPI5La3lInQ6eJyWOdZolZNuTICi4gYnVWSlwXaDAeDomh%2B1KYPJI2SI86J%2Fw8TtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 764fe6b3a8bb906c-FRA
x-amz-cf-id: yogACXwmbpgU904qvhOVnk75Sl5kcHPobXJlO6tGy2WLsnd1qXJOUw==

POST
H2 200 track
a.et.nytimes.com/ 0
0 357ms
127ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
41 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7fd3b0c4c51872dfab8f31f578f7c157ff86084e4eb5207415e10d3357b9c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 41344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 19:54:22 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 206 KB
43 KB 334ms
9ms Script
text/javascript 143.204.215.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-121.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

5795c162503a8a8db1b67d8e38ff5b901d6278579c73750bb6641a69f54baad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 19:43:54 GMT
x-amz-cf-pop: FRA60-P2, FRA53-C1
age: 630
x-cache: Hit from cloudfront
content-length: 43000
last-modified: Fri, 30 Sep 2022 11:57:45 GMT
server: Apache
etag: "33929-5e9e3b3bbc8ac-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 8kCP_IUxiNYH__cykqUaZBRWv9IAQomOiZtPQchkuF6SulX49iyMtw==
expires: Fri, 04 Nov 2022 20:43:53 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
192 B 56ms
9ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1667591662749&ns_c=UTF-8&c8=Terms%20of%20Sale%20%E2%80%93%20Help&c7=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&c9=
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fBAPr5j-B2Z7uvJGJkVVZWUvUVYNyGkrI-Z10OJhZj7czaYPPXxaLQ==
x-cache: Miss from cloudfront

GET
H2 200 react-56493a1793e64505e8e4058de58a1cef.js Show response
static.zdassets.com/hc/assets/ 135 KB
43 KB 36ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/react-56493a1793e64505e8e4058de58a1cef.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a7be70025ccbe492986449e34cad65ed68478ca78362d508282fe385926ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: XJZIUpZcPvLSeMXjb7myDJm7ihoZt0VA
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: W9BGP6S31Z50A4E9
age: 209396
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZGS2AuQmWpGoXsVfWvGLCUUPl6fc9ZoE8obKQg5iWJOGD1he1BNshYnr20UnRao6hvpK+nRDfQI=
last-modified: Wed, 31 Aug 2022 09:40:22 GMT
server: cloudflare
etag: W/"ef0668e9329c77e1544e80d861258de8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRsoSs1l8i1V%2ByyKKKfAu7hXTp6EakLCPkTqF8E7TTkeC6oHWgLNZ90QJlmwphP7Th576HsLAiBEwQZ2o0mOiVAswYY8ENtuaSk%2FyNOcRFe%2FOj4qLNah%2BZ37fIpyrePK7Rkmjfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b49ab9906c-FRA

GET
H2 200 Notifications-c3ead3acc6739af34739b80cf1366af1.js Show response
static.zdassets.com/hc/assets/ 7 KB
3 KB 57ms
57ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/Notifications-c3ead3acc6739af34739b80cf1366af1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

630289b7c03bdb6e89d7361bd639497353f88d29f28327f0dc8ad668eb3c3304

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: cSIBtRaOL3ZS5mXWYmtPHYGrv50cmNf_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: W9BMZP168VZKHPZ2
age: 209396
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: to5NdHJLGd0ns7Ibb1xYBWnfW1nXkOZJej+SrU4ex0OBUDUVYvG1V1nIAhBZISkbADteo6aaMUo=
last-modified: Wed, 31 Aug 2022 09:40:05 GMT
server: cloudflare
etag: W/"f236403223cbdfa3292dec411b19d4d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTNedoh7nCPXAHpIg%2FbCoA2eWZ37RDdQW6hzzv8eAmX0gQnE4xzE%2FedXvhUJ5POdo51Ire1rJbgEXJjp6wtnRmCVwW4FhFG4LSdyNsMeO%2BTZunEEOv1%2BKUP4QkkNH6n1a1QBGwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b49abd906c-FRA

GET
H2 200 VoteControls-dbf9ac073b7ad607a81f77355806121f.js Show response
static.zdassets.com/hc/assets/ 5 KB
2 KB 51ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/VoteControls-dbf9ac073b7ad607a81f77355806121f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6352884f9b67de039f766838e02950e4cc1bacf9af49d167e9e082f95995a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: cqDqQqXFeM08wXdJRhWiFLerIoAG1PnD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QPV88BTT2KCMZWDK
age: 209337
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: me+XOlpzHWi7hpVT5wFvXO3/kfY69xYER1c1znVQp1Hbmn/Y/mvzpoqlet3L7otTbucpmFaaZvc=
last-modified: Wed, 31 Aug 2022 09:40:05 GMT
server: cloudflare
etag: W/"2fee96fbe415ade1732dce6a2043809f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii8M%2Bqs9j6RLsD5wdx61Y%2FqIv4rpWyKCkjCzrIyRdMfyjZqYg9QUpp%2BfnEv8Po6zpDO4uOA%2F7yJTTBnbNv5UBPAjnOtALs2lZaLqvkZhkR%2BMj1sEVT6qJYZofrF0FbanhyRBhPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b4aad1906c-FRA

GET
H2 200 71320-790a469460dfe0b7ff45386112c363a5.js Show response
static.zdassets.com/hc/assets/ 24 KB
9 KB 54ms
53ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/71320-790a469460dfe0b7ff45386112c363a5.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b10ee35e45d0f0a4b8b4c6915f869ba169a96e47ef350240234b1239fda3cce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: 0HSXuadzXujtZsPg5GlETTfQ2qTNrR1e
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3MV4SWD2YYMB15CC
age: 209384
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RNkAHeY0UoKNEpeyci6kOexJYj0xMoJ5mQF2eMIE0wXxSEJfywu1JJ+QT5Yaa3qCg/iWCb2xn7um+aV/t+AbSQ==
last-modified: Wed, 31 Aug 2022 09:40:04 GMT
server: cloudflare
etag: W/"b90b9cc5cd34a981d7c011e5472f41be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ%2FOR8Ovfk398DWDqtKzdMRftiZTVPVDQwkxvNcCP2gezCK%2BZ%2FUq%2BfoIGEm7KV1FVJ%2FJfJ%2FvdOFcmIzcTVM20N68SPW7MwKOWNAVINceWJqjkwGC5AYyoWB3DnMtwoAjkX%2FtYvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b4aadd906c-FRA

GET
H2 200 subscribe-8fcbb35799e52775feeb18c8224da99c.js Show response
static.zdassets.com/hc/assets/ 13 KB
4 KB 53ms
53ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/subscribe-8fcbb35799e52775feeb18c8224da99c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd054f7f2a9f13c76806c053440a1b6a98dba76ff897c46a1af441ae3a64337

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
x-amz-version-id: Y4rTfvkVWMhixmu_5_sdNttM_KTy2QDq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3MVAMMGYJAP3E47C
age: 209384
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 992gEsRw7yt/HSzSqhBPloHGZrqMbOO/OZ08T5kNaBZeiObheunxKmMxGYcPiY2KGVhSWII5kx0=
last-modified: Wed, 31 Aug 2022 09:40:23 GMT
server: cloudflare
etag: W/"bbadc43554abbd834220e80bf361b21a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UimondTyTZEtMddTIC1qS%2BDtAANOnNwMF3Bdz1VZrcYgZv8pm0%2FHv4lC5EmyD7yJnORAXlK567qZURY7VPyyuz9F0SwoFE4q9b18CuEjX4mzAgoxzIMZJUx4jMf0vB%2BMo4790TE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 764fe6b4aae1906c-FRA

POST
H2 200 view.json Show response
help.nytimes.com/api/v2/help_center/en-us/articles/115014893968/stats/ 0
455 B 266ms
266ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://help.nytimes.com/api/v2/help_center/en-us/articles/115014893968/stats/view.json

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: help-center-unicorn-844db66874-5mcs4
protocol: HTTP/1.1 always
x-xss-protection: 1; mode=block
x-request-id: 764fe6b4a8e89250-SEA
x-ua-compatible: IE=edge
x-runtime: 0.053068
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwKcuf6fKUEPusj11MErWmV2LQ2dCpwc4Wp2spBk8L3nKD5kjBZ0FE%2FV8E7Mba06IeKxXqCow%2BkP%2BhoYGUqZ56oW88XTlMif666nmG2vZjVAYpYFEwLM5S%2Fnol85myMvA9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://help.nytimes.com
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: no-cache
access-control-allow-credentials: true
x-zendesk-processed-host-header: help.nytimes.com
cf-ray: 764fe6b4a8e89250-FRA

POST
H2 200 activity
help.nytimes.com/hc/ 0
0 231ms
230ms Fetch
text/html 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://help.nytimes.com/hc/activity

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-b2b68178df8f4f8f6b33822af0dbbfa6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 764fe6b4d6219250-SEA, 764fe6b4d6219250-SEA
x-runtime: 0.001750
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mD8BjiihxZ2i9Tjmz%2Fc1VGXZig%2BfWTMIjwhsAtDefedFyNnB1XLKknfkr5ws9BZ0OHMKgtjkmRE0tm614D1BKq%2F6TcVggIrcSVTa5Fz9TylgZmya523gP%2FrgKr%2FuOdm49M4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
vary: Accept-Encoding
x-zendesk-zorg: yes
cf-ray: 764fe6b4b8f79250-FRA

GET
BLOB 200
OK b9586b18-ae3b-4c4f-82d9-fc8d4c57a72b
https://help.nytimes.com/ 819 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://help.nytimes.com/b9586b18-ae3b-4c4f-82d9-fc8d4c57a72b
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length: 819

GET
H2 200 invisible.js Show response
help.nytimes.com/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame 7F1D 32 KB
14 KB 16ms
15ms Script
application/javascript 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nytimes.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=764fe6b0b99a9250
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc358418d879447dacb1ce05fbb2fa5241cdc8bcdbfc3bc2987512fb0cfe67e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcQnEXAEGZ%2FrtfQiXh4bZizgUXZEuhSvfEdwvCusirhjNEMAJYIkIrfP9T4w8h%2F3ms0K6RKw%2F5Lk7al%2F%2FgCbnhHF%2FrI7d3JDjohmjBoZUd%2F0ETnyuCu8d0Fx5UHS%2FM580NA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 764fe6b4c9259250-FRA

GET
H2 200 pica.js
help.nytimes.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 7F1D 18 KB
8 KB 22ms
22ms Other
application/javascript 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nytimes.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2091549f8f3ca8a9039046e4b2cfd3907695c1be2638cdcd7aeef9d4b92394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWslv54MBZjnyMt3vrisSdUEkg9BMxMTqlFZbFDQ5YDVN4KM1RVV8k7OwuiQWxOX1Hl3QcCDKCqH2NPlcZiLv4i%2B4%2FfNPlnZ8YViNCbn1jU6a3ftZZXXtXterHS9U8nru24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 764fe6b4f9799250-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 19:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2308
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 21:15:54 GMT

GET
H2 200 50550 Show response
tags.bluekai.com/site/ 38 B
295 B 224ms
168ms Script
text/javascript 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/50550?ret=js&limit=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c1f66940e22d66301667eefccc248df97e5309985b48dd11e5329dffd9e8a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 04 Nov 2022 19:54:23 GMT
content-length: 38
content-type: text/javascript

GET
H3

200

activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farti... Show response
5290727.fls.doubleclick.net/ Frame E0B9
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Far...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2F...

638 B
339 B

62ms
44ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

0389e95eb9cb47878c2143de03116163617cc6703739ec3e3c89bfb092c85c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://help.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 314
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 19:54:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 19:54:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 110ms
9ms Script
application/x-javascript 2600:9000:20eb:d200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:49:19 GMT
content-encoding: gzip
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
x-amz-cf-pop: FRA2-C1
age: 3904
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: xBWP464fAmyCg0lyr3t2gb-VtwEYiM_OiaIRNfhFT9afMW1ZayQaJA==
expires: Fri, 04 Nov 2022 20:49:19 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 61ms
7ms Script
application/javascript 96.16.135.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-135-39.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 04 Nov 2022 19:54:23 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 11 Nov 2022 19:54:23 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
504 B 8ms
7ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 23 Aug 2021 07:13:52 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 63649
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-hhn4054-HHN
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1667591663.998373,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1608239975905841
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2213

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 8ms
8ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Tue, 11 Oct 2022 23:30:57 GMT
date: Fri, 04 Nov 2022 19:54:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 73373
x-guploader-uploadid: ADPycduZ0ICBD2yAEQnE1bg3Cv9vDIekM4mW6lhr4pU5xYT6q0Nxb69arA5VqQ8dVnTKaRAEB60UKY5_c_uWlifByWYp20WAZvZL
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-hhn4054-HHN
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1667591663.998580,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1238

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 71ms
39ms Script
text/javascript 2606:4700:20::ac43:45f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dadde92340126226fab77a5a6cef5da6509a1f5abec49e2a159d948f3c7f577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 04 Nov 2022 19:39:08 GMT
server: cloudflare
age: 915
cf-polished: origSize=4735
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPNoGhB883ePoIMUWv6Q%2BBP0UquqbKxqE4zzs7RYIwUVnCUb8%2BLaBwK9h6AG%2BsO%2Fq222lDJ4bEI3CEUPWK5KUK%2BWDwqrTqMI8EDzCppar3MkufqR%2BoQsk26e7IgvB58GbPnvGsbx%2BNkpX8nRvNydsrHx"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 764fe6b5ff5b90fb-FRA

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 117ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=73760424
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1994800793&t=pageview&_s=1&dl=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-Sale&dr=&ul=en-us&de=UTF-8&dt=Terms%20of%20Sale%20%E2%80%93%20Help&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgBM~&jid=1080576449&gjid=638975521&cid=1675086445.1667591663&tid=UA-58630905-28&_gid=1478294594.1667591663&_r=1&gtm=2wgb20P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-Sale&cd2=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&cd3=&cd9=9&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-help&cd48=null&cd49=blurb_under_100&cd51=nyt-help&cd52=&cd54=null&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&z=693244177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://help.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 764fe6b0b99a9250 Show response
help.nytimes.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7F1D 2 B
529 B 48ms
47ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nytimes.com/cdn-cgi/challenge-platform/h/g/cv/result/764fe6b0b99a9250
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=764fe6b0b99a9250
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764fe6b76e439250-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUjs233eJmlpIiiS8t4cH3wMkDulYaOx2xx%2BgJKU0EB9%2BKTmPNlAqoBVp1U5NoT9qnnAJA1iHFqp%2BewgIz2%2FG8%2B04p1rtylHw%2Fdyuivgwnbm%2FqoePblgwZztOtRvbQuZCaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

POST
H2 200 track
a.et.nytimes.com/ 0
0 129ms
129ms Ping
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115... Show response
adservice.google.com/ddm/fls/i/ Frame D9A8 641 B
786 B 68ms
45ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed4a1439d54f9d51aa5cf0be648a8083bb2e08aa528775cdaecbd60ad7642dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 318
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 19:54:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 311ms
101ms Image
image/gif 3.211.10.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-Sale&u=_4bNrDAYG6TCMr-u8&d=help.nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=5195&m=5195&y=7124&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2341&t=xtR33D_Gb5cCXRDh6BOb5pM5UwEm&V=136&i=Terms%20of%20Sale%20%E2%80%93%20Help&tz=0&_acct=anon&sn=1&sv=CuKEj9C-FqjwD0BMS1BoAXEIB90tbz&sd=1&im=06070cf3&_
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.10.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-10-9.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 50136
stags.bluekai.com/site/ 62 B
468 B 186ms
162ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/50136?limit=1&id=mCUj8uZHkKE-Z0NRS0b3F73_&gtmcb=12245364
Requested by: Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: 3d24
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 50134 Show response
stags.bluekai.com/site/ Frame 5416 2 KB
3 KB 210ms
198ms Document
text/html 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 38f302f383b2315cbecbfccb57a80c4582f61d6982a7cdad8d443c1623d0b934

Request headers

Referer: https://help.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: f694
cache-control: max-age=0, no-cache, no-store
content-length: 2311
content-type: text/html
date: Fri, 04 Nov 2022 19:54:23 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 43 KB
14 KB 60ms
59ms Script
text/javascript 2606:4700:20::ac43:45f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=help.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d74eb7e1ca5ad2bbe04c5380ab61592470c420ab194855a9977cf6a76a5c7ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 04 Nov 2022 19:25:10 GMT
server: cloudflare
age: 1753
cf-polished: origSize=45189
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBqD6oQn8B8wcrJC1x4r96nXIzFVx%2FiY219ZlUlAV%2FfsfZU%2Fn8B5APIkhhzF%2FnSBgteOdD28gDfQRGvuL1MswYVW26c3H0kueN8EN2HL2IT1hNtC8Bt9MU0zsvQRaCJBrmNBtJhoUcxfrrfcuN1LO%2B12"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 764fe6b7eb6790fb-FRA

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
617 B 35ms
18ms XHR
application/json 143.204.215.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-121.fra53.r.cloudfront.net

Software

DataDome /

Resource Hash

3f04a94e0088216db8fee41145e318d32ece17b54f628c04488f74aaa564f155

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: cxqAvHbdkTPqqUeXUNJUHbva1gUm8olfRaDTaGzvbwQp2jbaO9tE-w==
expires: 0

GET
H2 200 dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115... Show response
adservice.google.com.bd/ddm/fls/i/ Frame A9A8 194 B
776 B 88ms
46ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.bd/ddm/fls/i/dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLfQ0oWnlfsCFQaAsgodnfIPXQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=1464690936713;gtm=2wgb20;auiddc=1100432271.1667591663;u17=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale;u5=;u18=anon;~oref=https%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 19:54:23 GMT
expires: Fri, 04 Nov 2022 19:54:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 198ms
20ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=help.nytimes.com&rnd=537848
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=help.nytimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2

200

/
www.google.de/pagead/1p-user-list/1008590664/ Frame 5416
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=815462973
https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=815462973&ipr=y

42 B
548 B

45ms
21ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=815462973&ipr=y

Requested by

Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1008590664/?label=IsVWCMvUln4QyL734AM&guid=ON&script=0&is_vtc=1&random=815462973&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4538
tags.bluekai.com/site/ Frame 5416
Redirect Chain

https://c.bing.com/c.gif?uid=RrvnsEgV99YM4ZPM&Red3=MSBK_pd
https://tags.bluekai.com/site/4538?id=1A92B95495406F0925D2AB0694CB6E7F

62 B
315 B

236ms
236ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/4538?id=1A92B95495406F0925D2AB0694CB6E7F
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 04 Nov 2022 19:54:23 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F65BF6527F9429DAAB6F0A0A76782C7 Ref B: FRA31EDGE0219 Ref C: 2022-11-04T19:54:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://tags.bluekai.com/site/4538?id=1A92B95495406F0925D2AB0694CB6E7F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 5416 43 B
393 B 140ms
118ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=RrvnsEgV99YM4ZPM&p_id=661892&

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 04 Nov 2022 19:54:23 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ea6f03aefbb60cae
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7f0d19a06e3b9c19b22c32c97e2fde38ae21866a68aa4d1bbd71e99397aa5253
content-length: 43

GET
H2

200

2981
tags.bluekai.com/site/ Frame 5416
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=UnJ2bnNFZ1Y5OVlNNFpQTQ%3D%3D&
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEGk_jSYm5R6MWX9vverZ6o&google_cver=1

62 B
315 B

233ms
233ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEGk_jSYm5R6MWX9vverZ6o&google_cver=1
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 04 Nov 2022 19:54:23 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEGk_jSYm5R6MWX9vverZ6o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4413
tags.bluekai.com/site/ Frame 5416
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123
https://sync-tm.everesttech.net/ct/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123&_test=Y2Vt7wAFlS7dlAA7
https://tags.bluekai.com/site/4413?id=Y2Vt7wAFlS7dlAA7&r=123&_test=Y2Vt7wAFlS7dlAA7

62 B
315 B

180ms
179ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/4413?id=Y2Vt7wAFlS7dlAA7&r=123&_test=Y2Vt7wAFlS7dlAA7
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 04 Nov 2022 19:54:23 GMT
content-length: 62
content-type: image/gif

Redirect headers

x-served-by: cache-hhn4050-HHN
pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1667591664.697971,VS0,VE0
x-cache: HIT
location: https://tags.bluekai.com/site/4413?id=Y2Vt7wAFlS7dlAA7&r=123&_test=Y2Vt7wAFlS7dlAA7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5416 70 B
264 B 42ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai&ttd_tpi=1
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stags.bluekai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 19:54:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

OPTIONS
H2 200 6155f5bfa200eb0d32f25474
app.launchdarkly.com/sdk/goals/ Frame 0
0 54ms
7ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6155f5bfa200eb0d32f25474

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 04 Nov 2022 19:54:23 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4035-HHN
x-timer: S1667591664.968591,VS0,VE1

OPTIONS
H2 200 eyJrZXkiOiJjb250YWN0LXVzLXVpLXZpc2l0b3ItMjAiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/6155f5bfa200eb0d32f25474/users/ Frame 0
0 61ms
16ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/6155f5bfa200eb0d32f25474/users/eyJrZXkiOiJjb250YWN0LXVzLXVpLXZpc2l0b3ItMjAiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 04 Nov 2022 19:54:23 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4035-HHN
x-timer: S1667591664.968556,VS0,VE9

OPTIONS
H2 204 6155f5bfa200eb0d32f25474
events.launchdarkly.com/events/diagnostic/ Frame 0
0 291ms
94ms Preflight 50.19.192.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6155f5bfa200eb0d32f25474

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.192.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-192-122.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 04 Nov 2022 19:54:24 GMT
strict-transport-security: max-age=31536000

POST
H2 200 pubab021bb2766b54775c76d72a081b9de8
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 461ms
237ms Ping
application/json 2600:1f18:24e6:b900:7bed:18ea:ee11:be62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubab021bb2766b54775c76d72a081b9de8?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprd%2Cservice%3Azendesk-client&batch_time=1667591663913
Requested by: Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:7bed:18ea:ee11:be62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 6155f5bfa200eb0d32f25474 Show response
app.launchdarkly.com/sdk/goals/ 2 B
177 B 9ms
9ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6155f5bfa200eb0d32f25474

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://help.nytimes.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 19:54:23 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn4035-HHN
x-timer: S1667591664.976465,VS0,VE2
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJrZXkiOiJjb250YWN0LXVzLXVpLXZpc2l0b3ItMjAiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/6155f5bfa200eb0d32f25474/users/ 345 B
556 B 306ms
305ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/6155f5bfa200eb0d32f25474/users/eyJrZXkiOiJjb250YWN0LXVzLXVpLXZpc2l0b3ItMjAiLCJhbm9ueW1vdXMiOnRydWV9
Requested by: Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9bd845570f8202ca11c0e8bc732c5116f398d5e02b422ceedee0b234caaa6f8c

Request headers

Referer: https://help.nytimes.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:24 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 171
x-served-by: cache-hhn4046-HHN, cache-hhn4035-HHN
x-timer: S1667591664.986325,VS0,VE298
etag: "28dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

POST
H2 202 6155f5bfa200eb0d32f25474 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 94ms
94ms XHR
application/json 50.19.192.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6155f5bfa200eb0d32f25474

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.192.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-192-122.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://help.nytimes.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 19:54:24 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 51ms
17ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: help.nytimes.com
URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe68d63a8ef14a194b728469f0491abee5e1ce7a631b26b3083cd641bc4e2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:23 GMT
x-amz-version-id: 87_2aAa_ADYK6udU74BV3CRijBaWX2wf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 5YY4D79SRGFGPKCZ
age: 436
x-amz-id-2: dJv8fYbj6EWLnEf2URwP/+oaq+hLjwYZ4FPMsohYe8Q3SHEf6m9GkL9Q2GIAA9yDwmSLKfJrdgU=
last-modified: Mon, 17 Oct 2022 15:33:45 GMT
server: cloudflare
etag: W/"c869101d966d3786631f6b686d1c5153"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJSefGJIig9m06UdCt5nEZLwacLvq4VWxdGDm2ERohftI8mD8Z25x%2FwpxE2MeZlniLjkesmVzhpc62TBl0hNUmKJf6pvwh0TIVKXqPpwmK0ytTgw%2FfJHb6blpvLXst%2F%2FMXrylz8loQiwApBs%2FAYB8lB3UcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 764fe6bbcb9fbbec-FRA

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain

https://sb.scorecardresearch.com/c2/3005403/cs.js
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

0
358 B

8ms
8ms

Script
application/javascript

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol: H2
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:44:17 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:41:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 643
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 0w7R6FLMgdrV848XwwfeV8u7jq1mlMlKLKFGhlBoQ2SB3AmDqRB8RQ==

Redirect headers

location: /internal-c2/3005403/cs.js
date: Fri, 04 Nov 2022 19:54:23 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: fUcjP4Fb08ftxswasSGDdrdCp_Sa-sQzbaD9FI_cU9bC7uLKEdPiUA==
x-cache: Miss from cloudfront

GET
H2 200 match-prod-f8a5ab9ea3f63f2674f8.js Show response
platform.iteratehq.com/ 83 KB
29 KB 25ms
24ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-f8a5ab9ea3f63f2674f8.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b89ea3285a35df731b07cb322338690ffa0512da5795c097fdc20500ca652a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:24 GMT
x-amz-version-id: HpGqllyqcbjZxerL8ZZU8JgtYcQI._9U
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: D9FWG0WVJ4YZ9KKC
age: 1570728
x-amz-id-2: DOtsbmaRKPVQKWQG/VS4kAyEusIwHKJgmdiV0GG9Q5Ze7GHi2vUk1wQtL2QDQzJJn176RzxbxVE=
last-modified: Mon, 17 Oct 2022 15:33:43 GMT
server: cloudflare
etag: W/"43c5c24e9ecd1858195ca31c2406eb59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iws8wtP7Zsh87gJEsWKkF6O9%2FZMtbpywlTlV41ZLHfREMdwBWJsxQmaQ%2BVq2ahlW%2BFgRNwSA8ESKxkzOS8a7X2aEDgfRExKGYAkm2RvQeWsk%2FOkMlpH0XDrbrubIeQQI3yDRaXifYVgTdoH9CwIzHDlwoJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 764fe6bbebfabbec-FRA

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
662 B 115ms
115ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 19:54:24 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6hM1doihifWzY3lLLh2FmtnSTO%2BBssVGfrmNmzpNwzJtLY7w1q8a9xHP52IO6sfc9nVYONlXZiZ8gBqUfEYU85vvbfy68dTUl%2BgQ4mTLjwtmkVZ9QQ4EiS0T0hPLePdhTP%2FcyxvY9WFw9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 764fe6bd0ab4693a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 145ms
113ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 764fe6bc5902693a-FRA
content-length: 0
date: Fri, 04 Nov 2022 19:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSmiovehwsOIo0Of1bPPaap7V85C7vjQHMcKYP75nIhT0v3szOOZ%2BW3so4pmbvEK1Iff4liOI7LOrMyy0jATQAlzg%2Fkd1viw0FQs%2B3CgMzPmOXILhDjkuBTWh5Y%2Fcgq4ECM8kypiMTyx0Mw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
835 B 123ms
123ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e99f8796b1a066a179a97f043867d668266841fc345e587d882e778f8e673b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 19:54:24 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N252TeZV17dWr73uor1EUHB2avUTiB%2Bt8qiXAbM2xoTwqzqCrqLlWvjceHY7DzegcyV%2F4ST4UNuS75aUd2WWRQZKwIVp9MXqfYpxdw95es%2FxE5uNnffSpTkzwImTIrcgWgDnP3FdVD%2FHTXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 764fe6be7e77693a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 112ms
112ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 764fe6bdcc86693a-FRA
content-length: 0
date: Fri, 04 Nov 2022 19:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qU9NRogaKWO2E%2B5SlZFeM834uSoqdMjqKxTEI2wrWRQEpi%2FhDLZSr7bxTchbQxnmVgWZDksJItMFDnLfgouxDcciNAVDnfln6PDHP6rNbqObRzV%2Bbx5hueg7zpCiRwQy7eif%2F5%2FTRLhpVJU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 41ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://help.nytimes.com/
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 22 Oct 2023 00:04:52 GMT
date: Fri, 04 Nov 2022 19:54:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1194571
x-guploader-uploadid: ADPycdsOYx45F4I-GjYRjuD-YzwfHtgWjq6rA5W31Jhn5LJNhHbEAsubb1HUlI_OGcRtHvUAIZYWRtWSGm31mIEUn368UDz-Rd1t
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26600
x-served-by: cache-hhn4077-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1667591664.337331,VS0,VE0
etag: "cb85480c30b6ca5f53f673993211036f"
x-goog-generation: 1651598151041619
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kksIKQ==, md5=y4VIDDC2yl9T9nOZMhEDbw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26600
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 224

GET
H2 404 abraVariant Show response
customerchat.nytimes.com/ 100 B
581 B 372ms
371ms XHR
text/plain 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://customerchat.nytimes.com/abraVariant?testName=HC_Cancel_0722

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cd4164dca60294632bc0a2921431538ddf3659d653b09e510f26cfb9bf2463b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: chat.care.nyti.nyt.net:443/*
via: 1.1 varnish
date: Fri, 04 Nov 2022 19:54:24 GMT
x-cache: MISS
x-envoy-upstream-service-time: 3
content-length: 100
x-request-id: b21439b0-d843-4271-a691-a85b1b1e137d
x-served-by: cache-hhn4054-HHN
server: envoy
x-nyt-backend: care_chat_nyti
x-timer: S1667591664.317883,VS0,VE365
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://help.nytimes.com
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-route: customer-chat-nyti
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 0

OPTIONS
H2 200 queuestatus
customerchat.nytimes.com/ Frame 0
0 384ms
383ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://customerchat.nytimes.com/queuestatus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://help.nytimes.com
content-length: 0
date: Fri, 04 Nov 2022 19:54:24 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: chat.care.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 2
x-nyt-backend: care_chat_nyti
x-nyt-route: customer-chat-nyti
x-request-id: 953d7487-212d-448b-a14d-1bbb1e10f688
x-served-by: cache-hhn4077-HHN
x-timer: S1667591664.334105,VS0,VE376

POST
H2 200 queuestatus Show response
customerchat.nytimes.com/ 684 B
820 B 372ms
371ms XHR
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://customerchat.nytimes.com/queuestatus

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b4621275089956350e3eafbd034521072e7755dae7d4aa758f3ad6fdd6acf594

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: chat.care.nyti.nyt.net:443/*
via: 1.1 varnish
date: Fri, 04 Nov 2022 19:54:25 GMT
x-cache: MISS
x-envoy-upstream-service-time: 5
content-length: 684
x-request-id: e911f79f-8c11-468f-8d6e-81da19b675b1
x-served-by: cache-hhn4054-HHN
server: envoy
x-nyt-backend: care_chat_nyti
x-timer: S1667591665.717555,VS0,VE364
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://help.nytimes.com
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-route: customer-chat-nyti
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 0

GET
H2 200 eyJrZXkiOiJjb250YWN0LXVzLXVpLXZpc2l0b3ItMjAiLCJhbm9ueW1vdXMiOnRydWV9
clientstream.launchdarkly.com/eval/6155f5bfa200eb0d32f25474/ 366 B
0 139ms
39ms EventSource
text/event-stream 13.248.151.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/6155f5bfa200eb0d32f25474/eyJrZXkiOiJjb250YWN0LXVzLXVpLXZpc2l0b3ItMjAiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.151.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:54:24 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 200 pubab021bb2766b54775c76d72a081b9de8
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 143ms
142ms Ping
application/json 2600:1f18:24e6:b900:7bed:18ea:ee11:be62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubab021bb2766b54775c76d72a081b9de8?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprd%2Cservice%3Azendesk-client&batch_time=1667591664527
Requested by: Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:7bed:18ea:ee11:be62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://help.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 10ms
9ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://help.nytimes.com/
Origin: https://help.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 22 Oct 2023 00:04:52 GMT
date: Fri, 04 Nov 2022 19:54:25 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1194572
x-guploader-uploadid: ADPycdsOYx45F4I-GjYRjuD-YzwfHtgWjq6rA5W31Jhn5LJNhHbEAsubb1HUlI_OGcRtHvUAIZYWRtWSGm31mIEUn368UDz-Rd1t
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26600
x-served-by: cache-hhn4077-HHN
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1667591665.098024,VS0,VE0
etag: "cb85480c30b6ca5f53f673993211036f"
x-goog-generation: 1651598151041619
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kksIKQ==, md5=y4VIDDC2yl9T9nOZMhEDbw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26600
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 225

POST
H2 202 6155f5bfa200eb0d32f25474 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 95ms
95ms XHR
application/json 50.19.192.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6155f5bfa200eb0d32f25474

Requested by

Host: customerchat.nytimes.com
URL: https://customerchat.nytimes.com/contact-us-ui/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.192.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-192-122.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 7c484530-5c7a-11ed-b42d-ebe9367b5847
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json
Referer: https://help.nytimes.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.2

Response headers

date: Fri, 04 Nov 2022 19:54:26 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 6155f5bfa200eb0d32f25474
events.launchdarkly.com/events/bulk/ Frame 0
0 94ms
94ms Preflight 50.19.192.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6155f5bfa200eb0d32f25474

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.192.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-192-122.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://help.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 04 Nov 2022 19:54:25 GMT
strict-transport-security: max-age=31536000

GET
H2 200 50134
stags.bluekai.com/site/ Frame C097 2 KB
0 185ms
185ms Document
text/html 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&dt=0&postload=1&r=55839227
Requested by: Host: stags.bluekai.com
URL: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=regitenure%3D&phint=cookinggrace%3Dfalse&phint=crosswordsgrace%3Dfalse&phint=gatewayhitlm%3Dfalse&phint=coregracelevel%3Dfalse&phint=activedaysengagement%3D&phint=authors%3D&phint=newsletter%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fhelp.nytimes.com%2Fhc%2Fen-us%2Farticles%2F115014893968-Terms-of-sale%23cancellation&phint=referrer%3D&phint=section&phint=subsection%3D&phint=pagetype&phint=keywords%3D&phint=sourceapp%3Dnyt-help&phint=browsername%3DChrome&phint=funnelpropensity%3D&phint=column%3D&phint=collectionname%3D&phint=contenttype&phint=emotions%3D&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&phint=aiqaudience%3D&limit=4&r=49424917
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: 96bb
cache-control: max-age=0, no-cache, no-store
content-length: 2075
content-type: text/html
date: Fri, 04 Nov 2022 19:54:28 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/ Frame C097 0
0

GET c.gif
c.bing.com/ Frame C097 0
0

GET adsct
analytics.twitter.com/i/ Frame C097 0
0

GET 2j4ke5f0
sync-tm.everesttech.net/upi/pid/ Frame C097 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame C097 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?label=L0PfCLK4-oIBEMi-9-AD&guid=ON&script=0

Domain: c.bing.com
URL: https://c.bing.com/c.gif?uid=RrvnsEgV99YM4ZPM&Red3=MSBK_pd

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?p_user_id=RrvnsEgV99YM4ZPM&p_id=661892&

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/2j4ke5f0?redir=https%3A%2F%2Ftags.bluekai.com%2Fsite%2F4413%3Fid%3D%24%7BUSER_ID%7D%26r=123

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai&ttd_tpi=1

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newyorktimes.com/pub	1970-01-20 16:49:11	Name: 6.interact5.Tr6.....N.N... Value: _ri_=X0Gzc2X%3DAQpglLjHJlYQG1EN0FW6yPJL4zcHAgNEzdd7sTzdEzfE3gIrPp7EnIp4zaMX2bXD6BlzbpX3E4NLOfzafVXtpKX%3DTYTCSTY&_ei_=EW2tf9zs59idfPO1Sc_9Bbn_8-dtf-0omElUKkA2-z0bqxjDhqdAHRqA2nhlda1sEmmSaIY63ZAlPlF-F464jQSP-JIeVFEZKkbGHPVURiUiKUGZeTE
.help.nytimes.com/	1969-12-31 23:59:59	Name: __cfruid Value: 903832d019eb44f7932690831dcf30196cc11a3e-1667591662
.nytimes.zendesk.com/	1969-12-31 23:59:59	Name: __cfruid Value: 903832d019eb44f7932690831dcf30196cc11a3e-1667591662
.nytimes.com/	1970-01-20 07:13:26	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 07:13:26	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 15:58:47	Name: nyt-jkidd Value: uid=0&lastRequest=1667591662865&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1667591662865&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 15:58:47	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 09:22:47	Name: _gcl_au Value: 1.1.1100432271.1667591663
.nytimes.com/	1970-01-20 16:49:11	Name: walley Value: GA1.2.1675086445.1667591663
.nytimes.com/	1970-01-20 07:14:38	Name: walley_gid Value: GA1.2.1478294594.1667591663
.nytimes.com/	1970-01-20 07:13:11	Name: _gat_UA-58630905-28 Value: 1
.nytimes.com/	1970-01-20 15:58:47	Name: nyt-a Value: mCUj8uZHkKE-Z0NRS0b3F73_
.et.nytimes.com/	1970-01-20 07:13:13	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 15:58:47	Name: sessionIndex Value: 1\|1667591663036\|mCUj8uZHkKE-Z0NRS0b3F73_\|1667591663036
.et.nytimes.com/	1970-01-20 07:14:38	Name: et-ppvid Value: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale=4weV2ZDkiXgF1ZLzbpxZgKLy
.bluekai.com/	1970-01-20 11:33:50	Name: bku Value: 5LD99m2+jV1rXRLj
.help.nytimes.com/	1970-01-20 07:13:13	Name: __cf_bm Value: NYWoEL834EnUNDI8FzppMwDCIpUEVonaOgipOw23uVM-1667591663-0-ASgh03Bqel9RL/pRYnRntuo6gUozDAEwDeWEwy4zQput7S898pTyqMKHJRkW02i1EKEanjBKSEtOW/SLg/Kyhzz/M493sS6KCsvoBwhnElFNTONPkFtmZEeDdTOTnYCvgw==
.nytimes.com/	1970-01-20 16:41:59	Name: _cb Value: _4bNrDAYG6TCMr-u8
.nytimes.com/	1970-01-20 16:41:59	Name: _chartbeat2 Value: .1667591663320.1667591663320.1.CuKEj9C-FqjwD0BMS1BoAXEIB90tbz.1
.nytimes.com/	1970-01-20 07:13:13	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 15:58:47	Name: datadome Value: ~np7kFUo~pMWeVvAq4MD1rUOfKFVK_FN4Ngfz8dG5mFVt1KTt3._awUzdxberspbC5sh6-GA35EiPJKCsSC0X9uEqCgIVIs1aDhahkVxdvmOyGt.z3AR9FHA3q_h_2a
.bluekai.com/	1970-01-20 11:32:23	Name: bkdc Value: phx
.doubleclick.net/	1970-01-20 16:49:11	Name: IDE Value: AHWqTUmNdlmkPFkxY2ZgvKAj7gG3YLzOz4nlaalmFcgDVeNfKCgFT1cM9RlmnyMs
.bing.com/	1970-01-20 16:34:47	Name: MUID Value: 1A92B95495406F0925D2AB0694CB6E7F
.everesttech.net/	1970-01-20 15:58:47	Name: everest_g_v2 Value: g_surferid~Y2Vt7wAFlS7dlAA7
.twitter.com/	1970-01-20 16:49:11	Name: personalization_id Value: "v1_a1QaKGorhX4MM3VTPRV0sg=="
.nytimes.com/	1970-01-20 16:49:11	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MzY1NmRmMDY1M2FkMzAwMDFjMWI2ZDQiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjY3NTkxNjY0fQ.UYo3ZIagBa6n356_aITrKE_4HboseUp9f6Ghulo9rX8
help.nytimes.com/	1970-01-20 07:13:12	Name: _dd_s Value: rum=1&id=cccf1d83-94d1-42bc-b901-fba172a4ea6f&created=1667591663897&expire=1667592566108

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://customerchat.nytimes.com/abraVariant?testName=HC_Cancel_0722 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.com.bd
analytics.twitter.com
app.launchdarkly.com
c.bing.com
cdn.brandmetrics.com
cdnjs.cloudflare.com
clientstream.launchdarkly.com
cm.g.doubleclick.net
collector.brandmetrics.com
customerchat.nytimes.com
dd.nytimes.com
e.newyorktimes.com
events.launchdarkly.com
g1.nyt.com
googleads.g.doubleclick.net
help.nytimes.com
insight.adsrvr.org
iteratehq.com
match.adsrvr.org
nytimes.zendesk.com
p20.zdassets.com
platform.iteratehq.com
pnytimes.chartbeat.net
rum-http-intake.logs.datadoghq.com
sb.scorecardresearch.com
stags.bluekai.com
static.chartbeat.com
static.zdassets.com
sync-tm.everesttech.net
tags.bkrtx.com
tags.bluekai.com
theme.zdassets.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
analytics.twitter.com
c.bing.com
googleads.g.doubleclick.net
match.adsrvr.org
sync-tm.everesttech.net
104.16.51.111
104.18.70.113
104.18.72.113
104.244.42.131
13.225.78.39
13.248.151.210
142.250.185.162
142.250.186.38
143.204.215.121
151.101.193.164
151.101.194.217
151.101.65.164
151.101.66.49
162.223.233.247
20.50.2.28
2600:1f18:24e6:b900:7bed:18ea:ee11:be62
2600:9000:20eb:d200:18:1fcd:351:7bc1
2606:4700:20::681a:7e5
2606:4700:20::ac43:45f7
2606:4700:20::ac43:479c
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
3.211.10.9
3.33.220.150
44.211.112.71
50.19.192.122
69.192.160.219
96.16.135.39
0389e95eb9cb47878c2143de03116163617cc6703739ec3e3c89bfb092c85c13
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
073144c5c0d999e3df547827cd6265befb161ffa30413534cd2f1b5b84471a81
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f6ee9ca3aac02f389980ffb8f67e78c93f83f73a8f71555a9bff4e22da10183
131bbce63874c2fbb7431972981bdd34faeeea49d88d9feecbff890a412720a7
1b2091549f8f3ca8a9039046e4b2cfd3907695c1be2638cdcd7aeef9d4b92394
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
1f863a830de4687bdad7f6e52d9e3227e460d02c8970c857f86eef6f73ee2027
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
31e739df2ca2f7e04d306ca3b67d508da0b0a6a4d738a80f3015453d225f2c9e
38f302f383b2315cbecbfccb57a80c4582f61d6982a7cdad8d443c1623d0b934
3dadde92340126226fab77a5a6cef5da6509a1f5abec49e2a159d948f3c7f577
3f04a94e0088216db8fee41145e318d32ece17b54f628c04488f74aaa564f155
46a7be70025ccbe492986449e34cad65ed68478ca78362d508282fe385926ea3
475ab18f9935eb27b85d51a457f86477e6f6721ee3df7dedd517a52777fb7614
4d8013986f9cf5b89a16a6dd1226a9d87ee6786a96ea11a3c5d4622d7ac2d006
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
50d5b516d840c7f050b44630b17a495e6549316b53c4a81bff2c8d11f1f0500e
5795c162503a8a8db1b67d8e38ff5b901d6278579c73750bb6641a69f54baad5
5f93e8137294e65f89717fb0d3da7fc0797d0332b7df70b8849d88f52e660f83
60518c66d82e96415cae48231422bdcad1360662ab137b6372ce39f324411b51
630289b7c03bdb6e89d7361bd639497353f88d29f28327f0dc8ad668eb3c3304
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c1f66940e22d66301667eefccc248df97e5309985b48dd11e5329dffd9e8a7c
7d6b3acac84ed57a0c82d2a51fc92a787bd9ae1cf49fef6dda4488ee74e1aef1
836316444e9cede5ce83cfe98734b9c8ab27192a9634a59b82c118a8e6792037
88011d782fa21da0ec301e49080fa9950973db277a33674d252f0fe1e333f61f
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9856d4bddb59705e83ada5eef8f4c384de9c5fa84beeb616e045a73ef1e44a53
9bd845570f8202ca11c0e8bc732c5116f398d5e02b422ceedee0b234caaa6f8c
a35a9727411f91f19c9280745497b01d00bb9576cdc2e48239c96d2f77ffba1a
a7fd3b0c4c51872dfab8f31f578f7c157ff86084e4eb5207415e10d3357b9c3d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b10ee35e45d0f0a4b8b4c6915f869ba169a96e47ef350240234b1239fda3cce3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4621275089956350e3eafbd034521072e7755dae7d4aa758f3ad6fdd6acf594
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f
b89ea3285a35df731b07cb322338690ffa0512da5795c097fdc20500ca652a47
bc358418d879447dacb1ce05fbb2fa5241cdc8bcdbfc3bc2987512fb0cfe67e0
bd03b0b6236cb66eb345ef4921d76c8d9be436ea7cc7c89f9e62163c3e0a4a64
bf637b7823c9a484872231e61705b0b5f2610bde3d88b2bb7a9e602761516855
ca092a961dc261252b8b72e1431cdd726d27d4442f1f663e5394b689d6cbb71b
cbe68d63a8ef14a194b728469f0491abee5e1ce7a631b26b3083cd641bc4e2ab
cd4164dca60294632bc0a2921431538ddf3659d653b09e510f26cfb9bf2463b6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d74eb7e1ca5ad2bbe04c5380ab61592470c420ab194855a9977cf6a76a5c7ea0
dc7098acb017323550c1cfdc8e3ce3441e08fe3c7a84e8d022fb71953bafd179
ddcda8f523b1483d6711cfdd4db9e06ea348d8b5fff9b5aa974051f66378aa8b
e1fc56c5af917b653be54d619245c4079c1afec0991321f0d358679b1ef529a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99f8796b1a066a179a97f043867d668266841fc345e587d882e778f8e673b20
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
ebd054f7f2a9f13c76806c053440a1b6a98dba76ff897c46a1af441ae3a64337
ed4a1439d54f9d51aa5cf0be648a8083bb2e08aa528775cdaecbd60ad7642dfc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd6352884f9b67de039f766838e02950e4cc1bacf9af49d167e9e082f95995a7
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

help.nytimes.com Open in urlscan Pro 104.16.51.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

87 %HTTPS

40 %IPv6

25 Domains

41 Subdomains

30 IPs

4 Countries

1018 kBTransfer

3112 kBSize

29 Cookies

14 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

help.nytimes.com Open in urlscan Pro
104.16.51.111 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

87 %
HTTPS

40 %
IPv6

25
Domains

41
Subdomains

30
IPs

4
Countries

1018 kB
Transfer

3112 kB
Size

29
Cookies

93 HTTP transactions
0 data transactions